- Feb 7, 2014
- 1,540
Google has re-architected the Mediaserver component in Android 7.0 Nougat and included other security enhancements in the new platform release.
Android Nougat was released on Aug. 22, but Google decided to provide detail on the security enhancements on Sept. 6. In addition to the re-architected Mediaserver, other ehnacements include a new Direct Boot mode, hardened media stack, strict enforcement of verified boot with error correction, and a reduced attack surface and better memory protection via updates to the Linux kernel.
Courtesy of the newly introduced Direct Boot, users no longer need to enter their PIN/pattern/password to have access to the phone’s main features, such as the phone app and alarm clock during the boot process. Android 7.0 also comes with file-based encryption, designed to deliver an improved user experience, as the system storage area and each user profile storage areas are encrypted separately.
“Unlike with full-disk encryption, where all data was encrypted as a single unit, per-profile-based encryption enables the system to reboot normally into a functional state using just device keys. Essential apps can opt-in to run in a limited state after reboot, and when you enter your lock screen credential, these apps then get access your user data to provide full functionality,” Xiaowen Xin, Android Security Team, explains.
File-based encryption, Google says, can better isolate and protect individual users and profiles on the device. A unique key is used to encrypt each profile and only the user’s PIN or password can unlock that profile, Google explains. The new platform also requires that new capable Android devices pack trusted hardware, such as the ARM TrustZone, which is used to store security keys.
You can catch the rest of this news here: Android 7.0 Packs Re-Architected Mediaserver, Other Security Enhancements | SecurityWeek.Com
Android Nougat was released on Aug. 22, but Google decided to provide detail on the security enhancements on Sept. 6. In addition to the re-architected Mediaserver, other ehnacements include a new Direct Boot mode, hardened media stack, strict enforcement of verified boot with error correction, and a reduced attack surface and better memory protection via updates to the Linux kernel.
Courtesy of the newly introduced Direct Boot, users no longer need to enter their PIN/pattern/password to have access to the phone’s main features, such as the phone app and alarm clock during the boot process. Android 7.0 also comes with file-based encryption, designed to deliver an improved user experience, as the system storage area and each user profile storage areas are encrypted separately.
File-based encryption, Google says, can better isolate and protect individual users and profiles on the device. A unique key is used to encrypt each profile and only the user’s PIN or password can unlock that profile, Google explains. The new platform also requires that new capable Android devices pack trusted hardware, such as the ARM TrustZone, which is used to store security keys.
You can catch the rest of this news here: Android 7.0 Packs Re-Architected Mediaserver, Other Security Enhancements | SecurityWeek.Com