Thursday, 9 March 2017

Protection Against Android Malware

Android
BGR
Some tips could always be useful irrespective of the user being new to Android who would be eager to explore new available options on the screen. Some of them could also be annoying which tends to come with the daily functions and operations. These tips could be helpful to the user since every few months there seems to be some security vulnerability in Android which could affect many users of Android smartphones, for instance in recent years, Quadrooter together with Stagefright.

 These two security vulnerabilities were considered to be different. In regular life, how secure would Android be and what would be helpful against the dangers from the internet? Numerous security holes had been exploited by Quadrooter, in Qualcomm drivers in the summer of 2016 wherein nine hundred million Android devices had been affected.

This had been presented by those who had identified the gaps. But in order to take the benefit of the Quadrooter exposure, the invader needs to be capable of installing and running an appropriate designed app on a smartphone. The Stagefright susceptibility seemed to be different which was unseen in the functions in processing of streams or media files and the issue was that when even a video would be sent as an MMS there was a tendency of it being misused.

The invader had the capability of sending a file to the user where the dangerous code could be accomplished. Beginning with Android 4.0, it seemed difficult to exploit the susceptibility owing to the system intervention, though it is not difficult. The dissimilarity between the two security breaches is evident. While Quadrooter tends to need few steps from the user, Stagefright can be exploited remotely without the need of interaction of the user. Android tends to have various means of safeguarding the security of the users. The most significant methods are:

1. Prevention of installation of unfamiliar apps 



There is said to be a setting in the Android system which enables or disables installations of apps of unfamiliar source wherein the option gets deactivated on the device in its delivery state where one can install apps only from the Play Store. Some of the companies tend to have their own app store preinstalled like in the case of Samsung, with its Galaxy Apps. The capability of limiting the option is not relevant for these and this option tends to protect the user against malware spreads through an unfamiliar app store or simple internet pages. News regarding malware in the Play Store seems to be quite rare since these disreputable apps are eradicated rapidly from the Play Store. However, unknown sources need to be activated in using app store of Amazon or perhaps for another like F-Droid.

2. Virus Scanner of Google 



The second line of defense of Google does not seem to have compatibility issue but provides security against malicious apps – virus scanning. Beginning with Android 4.2, this has been made available and is now a part of the services of Google Play. It has also been activated by default and should be left that way. The setting is said to enable apps to be scanned for likely malware before the installation. However if malware tends to be discovered, Android rejects the installation.

Quadrooter Malware 



Google had confirmed with Android Central some few days after discovering that Quadrooter malware cannot be installed while the corresponding setting had been set. Adrian Ludwig, security chief of Android had declared that it was identical to Gooligan, the malware which had hacked Google accounts in December 2016. As of April 2016, Android Security Report, in 2015 states that with this procedure, the threat landscape for users of Android could be considerably less and with this feature the malware apps does not have any chance against Google. Essentially the verification of the app tends to function by calculating the fingerprint – hash value of an APK which is compared against the database of Google comprising of likely threats. Google tends to scan apps on the Play Store, as well as APKs which are accessible through the web.

Alerts against Ensuing Manipulation



This system seems to be quite effective since around 90% of the apps connected outside the Play Store seemed to be well-known to Google which had been scanned for probable security concerns. Besides this, Google is also capable of extracting specific features from the apps subjecting them to identical process which enables Google to identify dangerous feature. Thus it warns the user if essential and also prevents the installation of such a kind of app. Google, in the meantime tends to scan the installed apps during the process and can also alert against ensuing manipulation of the app, which is already installed. In the case of extreme condition, there is also the likelihood of removing apps from the smartphone if these have been permitted by a device administrator.