Android 14 to block malware from abusing sensitive permissions


Google has announced the release of the first developer preview for Android 14, the next major version of the world’s most popular mobile operating system, which comes with security and privacy enhancements, among other things.

Starting with Android 14, apps will have to declare precisely how they plan to use certain phone features, data exchange between them will be limited, and additional files downloaded by apps will be read-only.

A highlighted security feature in Android 14 blocks the installation of malicious apps that target older API levels (Android versions), since targeting those levels makes it easier to abuse sensitive permissions.

Android 14 enhances security

The first change concerns “runtime receivers,” which enable apps to receive intents broadcast by the system or other applications: all apps targeting Android 14 must declare if they need to receive information from other apps or if they should be limited to system “broadcasts.”

This new security measure continues the “Context.registerReceiver()” feature introduced in previous Android releases. It aims to prevent malicious apps on the device from intercepting or misusing broadcasts meant to reach other apps.

To further tighten up the information exchange between apps and prevent malware from grabbing sensitive user data, Android 14 will also restrict the sending of “intents” that don’t have a specified recipient.

With this new security enhancement, malware can no longer intercept intents sent from other apps and read their contents.

The third security feature that will land on Android 14 is “safer dynamic code loading,” which limits all files downloaded by an application to read-only mode.

This would help prevent some code-injection scenarios involving manipulated executables that are meant to be run by privileged apps.

Finally, Android 14 will block the installation of harmful apps that target SDK versions lower than 23 (Android 6.0) to make permission abuse easier.

“Malware often targets older API levels to bypass security and privacy protections that have been introduced in newer Android versions,” explains Google.

“To protect against this, starting with Android 14, apps with a targetSdkVersion lower than 23 cannot be installed.”

In Android 6.0 (2015), Google introduced a runtime permission model that required apps to ask the user to grant access for sensitive operations like the device’s camera, microphone, GPS sensors, phone calls, and SMS access upon the app’s launch.

Malware targeting previous SDK versions can declare the older version in the manifest XML file and request access to sensitive permissions upon installation, which is easier for users to overlook and approve.
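As an added illustration (not code from the article or from Google), the following check applies the rule described above to a decoded, plain-text AndroidManifest.xml, such as one produced by a tool like apktool. The function name, the permission subset and the sample manifests are constructed for this example, and API levels are assumed to be numeric.

```python
import xml.etree.ElementTree as ET
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
MIN_TARGET_SDK = 23  # Android 6.0: threshold below which Android 14 refuses installation
# Illustrative subset covering the sensitive operations the article names.
SENSITIVE = {"android.permission.CAMERA", "android.permission.RECORD_AUDIO",
             "android.permission.ACCESS_FINE_LOCATION", "android.permission.CALL_PHONE",
             "android.permission.READ_SMS", "android.permission.SEND_SMS"}

def audit_manifest(manifest_xml: str) -> dict:
    """Report the effective targetSdkVersion and install-time sensitive permissions."""
    # Manifests come from untrusted APKs: refuse DTDs to avoid entity-expansion attacks.
    if "<!DOCTYPE" in manifest_xml or "<!ENTITY" in manifest_xml:
        raise ValueError("DTD/entity declarations are not expected in a manifest")
    root = ET.fromstring(manifest_xml)
    uses_sdk = root.find("uses-sdk")
    attrs = uses_sdk.attrib if uses_sdk is not None else {}
    # Defaults: minSdkVersion is 1 when absent; absent targetSdkVersion equals minSdkVersion.
    min_sdk = int(attrs.get(ANDROID_NS + "minSdkVersion", 1))
    target_sdk = int(attrs.get(ANDROID_NS + "targetSdkVersion", min_sdk))
    requested = {p.get(ANDROID_NS + "name") for p in root.iter("uses-permission")}
    legacy = target_sdk < MIN_TARGET_SDK
    return {
        "package": root.get("package"),
        "target_sdk": target_sdk,
        "blocked_on_android_14": legacy,
        # Pre-23 targets get these at install time instead of via runtime prompts.
        "install_time_sensitive": sorted(requested & SENSITIVE) if legacy else [],
    }

# Constructed sample manifests (not taken from any real app).
_HEAD = '<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="{}">'
LEGACY = _HEAD.format("com.example.legacy") + """
  <uses-sdk android:minSdkVersion="16" android:targetSdkVersion="22"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""
NO_TARGET = _HEAD.format("com.example.notarget") + """
  <uses-sdk android:minSdkVersion="19"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
</manifest>"""
MODERN = _HEAD.format("com.example.modern") + """
  <uses-sdk android:minSdkVersion="24" android:targetSdkVersion="33"/>
  <uses-permission android:name="android.permission.CAMERA"/>
</manifest>"""

if __name__ == "__main__":
    for sample in (LEGACY, NO_TARGET, MODERN):
        print(audit_manifest(sample))
```

The second sample shows the case that is easy to miss: a manifest that omits targetSdkVersion inherits minSdkVersion, so it falls under the same install block.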

The new permissions protection system will also make it impossible for users to install apps that haven’t been updated for some time. However, Google says older apps already installed on devices that upgrade to Android 14 will continue to work.

Android 14 is still far from its final form, and we may see more security features land on the second developer preview in March 2023.

If you want to test the new system now, you can only flash the available system images on a Google Pixel device.

For more information about all new features that have landed in the first developer preview of Android 14, visit the developer site.


