Categories Security

128 posts

Auto Added by WPeMatico

Android Protected Confirmation: Taking transaction security to the next level

Posted by Janis Danisevskis, Information Security Engineer, Android Security In Android Pie, we introduced Android Protected Confirmation, the first major mobile OS API that leverages a hardware protected user interface (Trusted UI) to perform critical transactions completely outside the main mobile operating system. This Trusted UI protects the choices you […]

Control Flow Integrity in the Android kernel

Posted by Sami Tolvanen, Staff Software Engineer, Android Security Android’s security model is enforced by the Linux kernel, which makes it a tempting target for attackers. We have put a lot of effort into hardening the kernel in previous Android releases and in Android 9, we continued this work by […]

Providing a safe and secure experience for our users

Posted by Paul Bankhead, Director, Product Management, Google Play We focus relentlessly on security and privacy on the Google Play Store to ensure Android users have a positive experience discovering and installing apps and games they love. We regularly update our Google Play Developer policies and today have introduced stronger […]

Security vs. Utility: Talking about regulation

Raising capital with ICOs (Initial Coin Offerings) has become very popular: in 2017 alone, ICOs has raised a combined $3.7 billion. Projects using this model typically raise capital by issuing digital tokens on a blockchain and distributing them to investors for a financial contribution. Such crypto tokens represent a virtual […]

Microsoft is working on” next generation’ security OS, hints synaptics

Synaptics hints that Microsoft’s next-generation operating system will have enhanced biometric features It’s been three years since Microsoft introduced its last desktop operating system, Windows 10 in July 2015. The tech giant has since been regularly upgrading, improving and developing the current operating system (OS) with a continuous stream of […]

Compiler-based security mitigations in Android P

Posted by Ivan Lozano, Information Security Engineer Android’s switch to LLVM/Clang as the default platform compiler in Android 7.0 opened up more possibilities for improving our defense-in-depth security posture. In the past couple of releases, we’ve rolled out additional compiler-based mitigations to make bugs harder to exploit and prevent certain […]

Project Capillary: End-to-end encryption for push messaging, simplified

Posted by Giles Hogben, Privacy Engineer and Milinda Perera, Software Engineer Developers already use HTTPS to communicate with Firebase Cloud Messaging (FCM). The channel between FCM server endpoint and the device is encrypted with SSL over TCP. However, messages are not encrypted end-to-end (E2E) between the developer server and the […]

Insider Attack Resistance

Posted by Shawn Willden, Staff Software Engineer Our smart devices, such as mobile phones and tablets, contain a wealth of personal information that needs to be kept safe. Google is constantly trying to find new and better ways to protect that valuable information on Android devices. From partnering with external […]

DNS over TLS support in Android P Developer Preview

Posted by Erik Kline, Android software engineer, and Ben Schwartz, Jigsaw software engineer The first step of almost every connection on the internet is a DNS query. A client, such as a smartphone, typically uses a DNS server provided by the Wi-Fi or cellular network. The client asks this DNS […]