From CRN: Google is taking steps to bolster the security of its highly targeted Android platform, which security experts warn is significantly outpacing other mobile platforms in introducing risk to corporate networks.
Android is now part of Google's patch reward program, which gives cash to developers to contribute to security patches to popular open source projects. The move, unveiled last month, encompasses all open-source components of Android, wrote Adrian Ludwig, an Android security engineer, in the company's official Android blog.
"The Android team works very closely with the security research community at large to foster public discussions and implement improvements," Ludwig wrote.
Ludwig said the company pushed out security improvements in Android 4.4, known as KitKat, reinforcing the Android sandbox to prevent mobile apps from extending to other device processes. The sandboxing technology is core to most mobile device platforms and significantly increases the difficulty in carrying out attacks that can root or takeover a mobile device. In addition, Ludwig highlighted the enforcing mode, which is enabled by default on Android devices, to prevent malicious code from violating or attempting to bypass security restrictions.
Google is responding to reports that consistently document attacks targeting the platform. Android smartphones and tablets make up more than 90 percent of the attacks targeting mobile devices, according to data collected by a variety of security vendors. Google remains fairly tight lipped about the actions it takes to address mobile threats, such as malicious applications and mobile malware attacks.
The latest threat report, issued last month by McAfee, found mobile malware that allows an attacker to bypass mobile application restrictions. The firm documented approximately 700,000 new Android malware samples. The company pointed to the rising threat posed by malicious applications overstepping their bounds. One gaming app bilked more than 37 million email addresses from the contacts associated with 810,000 Android phones and tablets.
View: Article @ Source Site
