Wednesday, 21 February 2018

Android P will stop malware from spying on you

Android P, the much anticipated upgrade of Android, may not be ready to release but due to Android's open source nature we now know that new rule-sets have been put in place to prevent background apps from accessing your camera or microphone. 

Basically users will no longer have be conscious about malicious apps and malware keeping tabs on their behaviour. It’s a welcome reprieve after it’s been noticed that’s malware such as GhostCntrl could be lurking in the background to stealthily record your conversations or take pictures. 

The Android Open Source Project (AOSP) commit from 19 January, states that if any background application does try and activate your camera, it will receive an error code instead. 

 How does this work?

The rule change exclusively targets the applications user IDs (UIDs), which is a unique identifier that Android assigns to each app when they’re installed. These UIDs won’t change provided the app remains installed on your phone or tablet. 

So, when you’ll be running Android P, the camera service will be able to determine when a particular UID is idle. In that state Android will issue an error and remove access to the camera.

With Android P restricting the camera, malicious apps will not be able to detect it. If they still wanted to spy on you, they’d have to implement a foreground service to operate. That is to say, thanks to Android O, the app would have to display a notification that states that the application is running. In addition to that, the app would have to be displayed on top of other apps. 

Slashgear makes a valid point in stating that such a feature will hamper the operation of anti-theft apps. This isn’t the first time that Google’s crackdown on abusive apps would result in negative connotations for security apps. Previously Cerberus was issued a warning by Google to notify users about being tracked. 

All in all, such a feature for much-needed and long-overdue. Perhaps in time it can be fine tuned to address other concerns. 

http://ift.tt/2CeQzs6

No comments:

Post a Comment