NSA Releases Secure Android Version

  /     /     /  
Publicated : 22/11/2024   Category : security


NSA Releases Secure Android Version


National Security Agency publicly releases SE Android, a secure version of Googles Android platform that delivers app isolation and related security meausres.



The National Security Agency has made its first public release of SE Android, a secure version of Googles Android platform.
SE Android
aims to close Androids security gaps by isolating apps from one another, mitigating problems with flawed or malicious apps, instituting permission and other security checks, restricting use of system facilities by apps, and taking related steps.
The project is based on SE Linux, a security-hardened version of Linux which the NSA initially released in 2000. Numerous parts of SE Linux were eventually integrated into the official Linux kernel and other Linux-based platforms. Android, too, is powered by Linux, so the fit is somewhat natural.
First announced at the Linux Security Summit in September, SE Android remains in early stages. There are not yet any pre-compiled builds of SE Android, so installation is anything but simple at this point. Those wishing to use SE Android will, for now, have to follow directions posted on the projects Web page. However, Android developers have already hit developer bulletin boards to discuss plans to release packaged versions.
One big focus of SE Android is application security. Application-level permissions control access to application components and system resources. A big change from SE Linux is that SE Android switches from Discretionary Access Control, which lets users set permissions, to Mandatory Access Control, which does not. This can, for example, prevent malicious apps from running processes that wipe a device of all data.
Sandboxing and process isolation also play large parts. Android SE isolates applications from one another and the system--unlike many apps on Googles Android Market that have broad permissions to access other apps and device elements like Bluetooth and the camera. Sandboxing prevents bypass of the application-level controls as well.
The NSA doesnt consider SE Android to be a panacea, according to a presentation from the Linux Security Summit, which cautions that SE Android is not a cure-all to mitigate all kernel vulnerabilities.
How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMBs IT reform efforts, we need concrete numbers on cost savings and returns. Download our
Cloud In Action
issue of InformationWeek Government now. (Free registration required.)

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
NSA Releases Secure Android Version