
KitKat sweetens Android security

By Kirsten Doyle, ITWeb contributor.
Johannesburg, 18 Nov 2013
Users are still most commonly infected with malware by downloading unofficial apps from third-party stores, says Kaspersky Lab's Stefan Tanase.

The recently introduced version 4.4 of Android's operating system (OS), also known as KitKat, debuted some innovative features, including better warnings about bad Web site certificates, and an improved way of blocking potentially malicious changes to the OS.

Stefan Tanase, security expert at Kaspersky Lab, says one of the better features is that it will warn a user if a Certificate Authority (CA) is added to the device, making it easier to identify man-in-the-middle attacks.

Another feature, he says, is a barrier against exploits gaining root access. "SELinux is now running in enforcing mode, instead of permissive mode, which helps enforce permissions and thwart privilege escalation attacks, such as exploits that want to gain root access."

Tanase explains that privilege escalation and buffer overflows are techniques used for rooting mobile phones, essentially getting privileged control or root access within the subsystem.

"While this makes it harder for Android 4.4 users to get root access on their own devices, it also makes it harder for malware to do the same, which is an important step in the infection of Android-based terminals," he says.

Gavin Hetherington, MD of Neworder Industries, says KitKat is also addressing low-spec smartphone fragmentation, which will allow the application to be accessible to more of the South African population.

He says this fragmentation exists because there are many different versions of the Android OS, some of which are really old. KitKat features lower resource usage, and can run on smartphones with as little as 512MB of RAM.

High-end users will see benefits such as better battery life and faster speeds, while lower-end users will have access to an updated, more secure OS.

However, he says the fact that most non-technical users need to rely on hardware vendors to get the updates is a real problem. Older devices will stop receiving updates at a certain point, as the device vendors withhold updates as a means of getting users to upgrade their handsets. "This is effectively increasing the across their entire user base," he says.

No silver bullet

Gregory Anderson, country manager at Trend Micro SA, says although moves by mobile players around security have come a long way, he questions whether it is enough.

"I am not sure we can ever say that adding a single layer of security is ever enough. Security needs to be ongoing."

He says it is important to remember that Android has 70% market share, so vulnerabilities cannot be patched in a single iteration of a product; it needs to be an ongoing process, as there are bound to be more vulnerabilities going forward.

"We can't simply say we have secured one area and we will now be free from vulnerabilities. What about botnets? What types of security technologies will help you see this? Remember, the owner of a botnet will just set it off at any time they want to, and no one will ever be the wiser."

As far as this release goes, although it is a good start, its full capabilities need to be tested, says Anderson.

He stresses that although a vendor's addition of security measures is good news, the onus lies on the user to take ownership of their personal security, yet too many users select unsecured products for their devices.

Tanase agrees, and adds that in terms of malware prevention, these improvements do not make a big difference, as users are still most commonly infected by downloading unofficial apps from third-party stores.

"Remember that the security landscape is changing on a day-by-day basis," Anderson adds. Whether KitKat will live up to what it promises, only time will tell. "However, as consumers and creators of mobile technologies, we need to consistently stay ahead of changes. We also need to extend the net of what we use to third-party products and not just rely on what the system ships with."

Room for improvement

In terms of what Google could have done better with this version, Tanase cites granular app permissions as a real must for Android security. "Everyone who is concerned about the security of their mobile devices is waiting for this feature," Tanase explains.

Granular permissions are used to grant system privileges, allowing users to restrict others from accessing their data.

Tanase says Google has been experimenting with this since the previous Android version, when it implemented a hidden option for changing app permissions. "However, it seems it's still not quite ready to be rolled out as a real feature."
