Google talks Nougat security including how they got rid of the StageFright bug

With Android 7.0 rolling out, Google is starting to talk a little more about what’s under the hood and one of the big features is improved security. As part of the improvements to file systems, fingerprint security and boot options, they’ve also effectively removed the Stagefright vulnerability.

The Stagefright vulnerability – a bug that affects Android’s media playback engine – first showed up in July last year, and its discovery led to monthly security updates for Android such as the one released this morning. The patches are only effective as long as your manufacturer implements them, but in Android 7.0, Google has effectively gotten rid of the bug itself. How did they do it?

In Android Nougat, we’ve both hardened and re-architected mediaserver, one of the main system services that processes untrusted input. First, by incorporating integer overflow sanitization, part of Clang’s UndefinedBehaviorSanitizer, we prevent an entire class of vulnerabilities, which comprise the majority of reported libstagefright bugs. As soon as an integer overflow is detected, we shut down the process so an attack is stopped. Second, we’ve modularized the media stack to put different components into individual sandboxes and tightened the privileges of each sandbox to have the minimum privileges required to perform its job. With this containment technique, a compromise in many parts of the stack grants the attacker access to significantly fewer permissions and significantly reduced exposed kernel attack surface.
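To make the integer overflow point concrete, here is an added example (not code from Google or from libstagefright) that writes out by hand the kind of check Clang's integer overflow sanitizer inserts automatically. The record layout, sizes and function names are assumptions made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed record layout (an assumption, not libstagefright's): a table of
 * fixed-size entries after a small header, entry count read from the file. */
#define ENTRY_SIZE  12u
#define HEADER_SIZE 8u

/* Unchecked 32-bit size arithmetic: wraps silently for large counts, so the
 * buffer ends up far smaller than the number of entries the parser expects. */
uint32_t table_size_unchecked(uint32_t count) {
    return count * ENTRY_SIZE + HEADER_SIZE;
}

/* Checked form: returns 0 and stores the size, or -1 if the multiply or the
 * add would overflow. Uses the GCC/Clang overflow-checking builtins. */
int table_size_checked(uint32_t count, uint32_t *out) {
    uint32_t bytes;
    if (__builtin_mul_overflow(count, ENTRY_SIZE, &bytes)) return -1;
    if (__builtin_add_overflow(bytes, HEADER_SIZE, out)) return -1;
    return 0;
}

/* "Shut down the process" at the call site: on overflow, abort instead of
 * allocating a too-small buffer that later writes would run past. */
void *alloc_table_or_abort(uint32_t count) {
    uint32_t size;
    if (table_size_checked(count, &size) != 0) {
        fprintf(stderr, "integer overflow in table size, aborting\n");
        abort();
    }
    return calloc(1, size);
}

int main(void) {
    uint32_t hostile = 0x15555556u;  /* constructed: 12 * count exceeds 2^32 */
    uint32_t size = 0;
    printf("unchecked size: %u bytes\n", table_size_unchecked(hostile));
    printf("checked result: %d\n", table_size_checked(hostile, &size));
    printf("count 100: %d (%u bytes)\n", table_size_checked(100, &size), size);
    free(alloc_table_or_abort(100));
    return 0;
}
```

With the sanitizer enabled, the compiler adds the equivalent of these checks to every instrumented arithmetic operation, so a missed manual check no longer turns into a heap overflow.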

The Android team also implemented Verified Boot, an improved version of SELinux, kernel hardening that includes read-only parts, and APK signature scheme v2, which improves the speed at which an APK can be verified.

In other words, in Android 7.0 Stagefright is effectively negated by stopping the ways that it overloaded the Android media server.

The improved security in Nougat also includes other features like Direct Boot, which makes your phone faster to boot. Direct Boot means you can access functions like the phone app and your alarm clock before entering your PIN while still maintaining a secure system. These features mean you can get calls or get woken up if your phone reboots overnight while charging.

A new encryption system separates the full-disk encryption introduced in Lollipop into file-based encryption with separate areas, including system and user profile storage. The per-profile encryption allows basic usage before PIN entry, with developers able to allow basic app usage on an opt-in basis. Of course, once you enter your PIN, you can use the phone fully.

Google has also implemented new app permissions in Nougat, which let them control which apps access the file systems and networks. There are also improvements to permissions security.

Lastly, the update process gets a lot better with a dual-partition system that lets updates be installed in the background on one partition, with the phone switching to the updated partition on the next boot. As a bonus for those sick of the ‘Optimising Apps’ dialogue after updates, with the new JIT compiler you won’t see it any longer.

Google is still looking to improve, and advises anyone with feedback to contact them at [email protected].

Source: Google Security.

Daniel Tyson, Ausdroid's Editor in Chief

Dan is a die-hard Android fan. Some might even call him a lunatic. He's been an Android user since Android was a thing, and if there's a phone that's run Android, chances are he owns it (his Nexus collection is second-to-none) or has used it.

Dan's dedication to Ausdroid is without question, and he has represented us at some of the biggest international events in our industry including Google I/O, Mobile World Congress, CES and IFA.

Prishnav

no mention of the fingerprint security improvements?
