Android 5.0 Lollipop
isn’t just a pretty face: it’s pretty serious about security too. From
intruder detection to secure sandboxing, version 5.0 is the toughest
Android yet. Here’s what’s new and why Android 5.0 makes your device
better.
It’s quiz time: what’s the biggest threat to your Android device? If
you said hackers, malware, villains or midgets you’d be wrong, because
the answer is you. Far too many of us don’t bother with even simple
security procedures because they’re too much of a pain in the neck - and
that’s something Android 5.0 Lollipop is designed to address.
Smart Lock security
Screen locking is one of the simplest ways to secure a phone or
tablet, but as Google points out, many people don’t use it “because it
takes too long to unlock, dozens of times per day”. Its solution, which
is baked into Android 5.0, is a smarter locking system.
You can pair it with compatible Bluetooth or NFC devices so the phone
doesn’t lock when you’re holding it with your Android Wear smartwatch or
when it’s paired with your car, or you can take advantage of the
revised facial analysis, now called Trusted Face, which can detect when
the user isn’t you and refuse to unlock your device.
In the longer term Android is likely to support trusted locations, so
for example your phone might remain unlocked when it knows you’re at
home. The possibilities here are very interesting: fancy a smartphone
that only unlocks with a PIN code if it also detects your watch, or that
refuses to unlock if you're in the bad side of town?
Kevlar around the core
Two of the most important security features in Android 5.0 Lollipop
are invisible to everyday users. Device encryption, previously available
as an option, is now on by default, so your data is protected from the
moment you first switch on your brand new or upgraded Android 5.0
device. There’s also mandatory SELinux Enforcing Mode for all apps on
all devices. SELinux first appeared on Android KitKat, and it prevents
applications from getting into parts of the system or device that they
aren’t supposed to. Making it mandatory for everything makes Android
significantly less exposed to malware.
Automatic updates and the kill switch
For some time now Google has been moving essential updates out of the
main Android package and into Google Play Services, which enables
Google to update crucial components without having to persuade
manufacturers to issue a brand new Android version. That continues in
Android 5.0, this time with the WebView component moving to Play
Services. WebView is the component app developers use to display web
content inside their apps, so the ability to patch it frequently is a
good thing.
Android 5.0 Lollipop also gains a “kill switch” in the form of
Factory Reset Protection. This requires your Google ID and password
before anybody can reset the device, and it makes it much more difficult
for a lost or stolen phone to be wiped by baddies. That’s the good
news; the bad news is that you have to specifically enable it. As
before, you can also use Android Device Manager to locate, reset or
erase your device if it goes missing.
The school of hard Knox
Android 5.0 Lollipop features something Samsung cooked up: Knox,
Samsung’s attempt to make Android more appealing to enterprise
customers. Google has taken three sets of APIs from Knox and put them
into Android: there are APIs for device and data security, APIs for IT
admins’ policies and restrictions, and APIs for remote application
deployment. Samsung has created a Knox compatibility library to make it
easy for Knox developers to make their apps work happily on Lollipop
too.
Phones get guest accounts too
The multiple account support we like so much on tablets makes its way
to Android smartphones in Android 5.0, and it’s well worth having.
There are three kinds of user accounts: guest mode, which is rather like
Chrome’s Incognito mode but for the entire phone, with the option to
start from scratch each time; profile accounts, which you can use to
prevent the kids from Googling for gore; and user accounts, which have
full access to apps and settings but which don’t affect other users’
accounts.
It’s still up to you
While Google has done lots of things to make Android 5.0 Lollipop the
most secure Android ever, the weak link in its armour is still the
device owner: if you don’t set up a lock screen or enable Factory Reset
Protection, for example, Android’s security isn’t going to help if your
device gets lost or stolen. Similarly, if you’re sideloading apps from
Dodgy Dave’s World of Warez An’ Crackz, even the new security features
might not protect your precious data from falling into the wrong hands
or stop someone cloning your credit card and using it to buy a
helicopter. What Google has done, though, is make it easier and quicker
than ever before to make your device secure. Keeping it that way is
still up to you.
What do you think? Is Lollipop a tough nut to crack, or is there more Google could do?
تعبيراتتعبيرات