Android Android Security and Privacy Protection

         Android is a mobile operating system developed by Google. Its development history can be traced back to 2003. After 20 years, it has developed into a widely used smartphone operating system and extended to other mobile fields, such as tablet computers and smart TVs. wait.

        In 2003, Andy Rubin (Andy Rubin) and his team founded the Android company. The company's early goal was to develop a smartphone operating system that could meet the different needs of consumers.

        In 2005, Google decided to acquire the Android company in order to enter the smartphone operating system market and compete with iOS .

        In 2007, HTC became the first mobile phone manufacturer to launch the Android operating system . The Android 1.0 operating system was also released in the same year.

        In 2008, Google released Android 1.5 Cupcake, which added new features such as sliding unlock and virtual keyboard .

        In 2009, HTC Dream became the world's largest selling Android phone, and the Android 2.0/2.1 Eclair operating system was released accordingly.

        In 2010, Google launched Android 2.2 Froyo, which added new features such as mobile hotspot and Adobe Flash Player support .

        In 2011, the Android 4.0 Ice Cream Sandwich operating system came out, introducing features such as Google Voice Assistant and face unlock .

        In 2012, Google launched Android 4.1 Jelly Bean, which added new features such as Google voice search and notification bar . Meanwhile, sales of Android devices surpassed those of Apple's iOS devices.

        In 2013, Google launched Android 4.4 KitKat with a focus on performance and stability for mobile devices. This version improves the Android-specific multi-user function, strengthens the function of Google Now, and so on.

        In 2014, Google launched Android Lollipop 5.0, which introduced a new interface design and simplified the user experience. At the same time, this version also introduces multi-user functions, etc.

        In 2015, Google launched Android 6.0 Marshmallow, adding new features such as dynamic runtime permission control and fingerprint recognition .

        In 2016, Google launched Android 7.0 Nougat, which introduced new features such as multi-window support and system update optimization .

        In 2017, Google released Android 8.0 Oreo, adding new features such as notification channels and adaptive icons. At the same time, Android's market share exceeds 80%.

        In 2018, Google released Android 9.0 Pie, adding new features such as gesture navigation and a new volume control method.

        In 2019, Google released Android 10, which contains a number of functional upgrades, including gesture navigation, notification bar management, global dark mode, etc., and three new functions of "priority", "silent" and "adaptive notification" have been added to notification management. Enhance dark theme background.

        In 2020, Google released Android 11, which mainly improved chat bubbles, security and privacy, and power menu functions, added link KPIs, and supported waterfall screens, folding screens, and dual screens.

        In 2021, Google released Android 12 to optimize the triggering problem. Double-tap the back gesture to take a screenshot, summon Google Assistant, open the notification bar, control media playback, or open the recent application list.

        In 2022, Google will officially release the first Android 13 developer preview.

        In April 2023, Google launched the first Beta test version (Beta 1) of Android 14 as planned.

        The Android security system mainly includes the following seven aspects:

1. Application permission management : Android applications need to obtain user permissions to access certain functions or data . Users can manage application permissions and disable unnecessary permissions to protect their privacy and data security. Specifically, permission control is implemented through application declarations, user authorization, and other means. (1) Application declaration : In the Android system, each application must declare the permissions it needs and the corresponding permission levels (such as NORMAL, DANGEROUS, and SIGNATURE, etc.) in the manifest file. These permissions include things like getting call history on the device or reading the user's photo album. (2) User authorization : When a user installs an application, the system will show the user the permissions required by the application, and the user will grant these permissions to the application only after the user agrees. In addition, during the running of the application, if the application needs to access sensitive resources or perform sensitive operations, the system will prompt the user for authorization. Users can also manage the access rights of the application through the setting interface of the application, such as canceling authorization or forcibly stopping a certain application. (3) Runtime permission management : When an application needs to access a sensitive resource, the system will send a permission request to the user at runtime, and the user can choose to accept or reject the request. This permission management method no longer requires the user to authorize all permissions when the application is installed, but can better protect the user's privacy and sensitive data.

2. Encrypted data : Android applications can use encryption technology to protect sensitive data in applications that are encrypted during storage and transmission, thereby protecting user privacy and data security. Specifically, Android's encryption functions include application layer encryption and system layer encryption. In the former, Android applications can use various encryption techniques to protect the security of application data. For example, the Java Cryptography Architecture (JCA) API can be used to provide support for symmetric and asymmetric encryption, digital signatures, hash functions, and message authentication codes. In addition, Android applications support the KeyStore API, which can securely store and retrieve keys and certificates, as well as TLS, which is used to encrypt network communications and protect the confidentiality and integrity of communication data. In addition, the Android operating system itself provides a variety of encryption technologies to protect the security of user data . For example, Android File-Based Encryption (FBE) encrypts files and directories on the device, protecting user data from unauthorized access. At the same time, Android Full-Disk Encryption (FDE) technology can protect the entire device, thus protecting all data stored on the device from attacks. On Android Nougat 7.0 and above, and devices that support hardware acceleration, the Advanced Encryption Standard (AES) algorithm is used; for earlier devices, the Triple Data Encryption Standard (Triple-DES) algorithm is used. In addition, Android also provides an API called Android KeyStore , which allows applications to store and retrieve keys and certificates in a secure area. This technology can make data more secure and can also be used to manage user authentication and passwords.

3. Comprehensive security settings : The Android system provides a series of security settings, including lock screen passwords, fingerprint recognition, facial recognition, etc., to protect users' equipment and data from being accessed and used by unauthorized people.

4. Memory protection : The Android system uses memory protection technology to prevent applications from interfering or attacking each other and improve application security. In the Android system, memory protection mainly includes the following five aspects of technology. (1) Memory isolation : The Android system runs each application through different processes, and each process has its own memory space. In this way, if one application crashes or is attacked, it will not affect the normal operation of other applications. In addition, the Android system allows each application to run in its own sandbox (sandbox) , thereby limiting its access to other applications and the operating system. (2) Memory address randomization (ASLR) : ASLR is a security mechanism that prevents attackers from exploiting known memory addresses by randomizing memory mapping addresses . The Android system randomizes the memory space address of each application program at runtime to increase the difficulty of the attacker's attack. (3) Stack protection : The heap and stack are important parts of storing data in the application, and attackers often exploit the loopholes in the heap and stack to attack the application. The Android system adds special boundary markers in the heap and stack . These markers are called Canary, which can detect the overflow of the heap and stack , thereby protecting the memory space of the application from being exploited by attackers. (4) Executable Memory Protection (NX) : NX is a security technology that prevents malicious code from executing in memory by marking memory areas as read-only or non-executable. The Android system uses NX technology to mark the memory space of all applications as read-only or non-executable , thereby protecting the memory space of applications from being exploited by attackers. (5) Memory encryption: On some devices, the Android system also supports memory encryption technology, which uses hardware encryption modules to encrypt the memory space of applications, thereby protecting sensitive data in applications from being accessed by attackers.

5. Malware protection : The Android system provides a security detection mechanism to detect and prevent the intrusion of malware, thereby ensuring the security of the device. The Android system provides a variety of malware protection features, some of which include (1) application credibility verification : the Android system digitally signs all applications, thereby identifying the author and source of the application. When an app is installed, the app's digital signature is verified to verify that the app is from a trusted developer and has not been tampered with or infected with malware. (2) Automatic update : The Android system supports the automatic update function of applications. When a developer releases a new version of an app, the system automatically downloads and installs the update, fixing known vulnerabilities and bugs in a timely manner. (3) Security scanning : The Android system integrates the Google Play Protect function , which can regularly scan the applications on the device and detect whether there is malware. Google Play Protect also supports remote uninstallation of apps and antivirus features, as well as other security tips and advice . (4) Rights management : The rights management function of the Android system can control the access of applications to sensitive information and functions on the device. By limiting the permissions of applications, you can reduce the risk of malware attacks. (5) Safe Mode : Safe Mode is a startup mode of the Android system, which can prohibit all third-party applications and reset some system settings at startup. This allows users to diagnose and fix issues on the device while in safe mode, including detecting and uninstalling malware. (6) Memory protection: As mentioned earlier, the Android system protects the security of applications through various memory protection technologies, such as memory isolation, memory address randomization, stack protection, NX technology, and memory encryption, so as to prevent malicious software attacks.

6. Security updates : Android systems and applications need to be updated in a timely manner to fix security loopholes and defects and improve system and application security.

7. Security auditing and monitoring : Android applications and systems need to conduct regular security auditing and monitoring to discover and fix potential security vulnerabilities and problems.

        From the perspective of user privacy protection, the main privacy protection functions of Android include:

1. Permission control : The Android operating system allows users to control the access permissions of applications. For example, when a user needs to use a certain function, such as obtaining mobile phone location information or using a camera, the system will prompt the user to authorize. This sensitive information can only be accessed with the user's authorization, which limits the application's ability to access the user's personal information.

2. Security encryption : The Android operating system supports multiple encryption technologies to protect the security of user data. For example, encrypt sensitive information such as passwords, PINs, and fingerprints to protect user privacy.

3. Automatically revoke permissions : In Android 11 and above, Google has introduced a new feature for apps to automatically revoke permissions. If the user does not use an application for a long time, the system will withdraw some permissions of the application, such as location, contacts, etc., to protect user privacy.

4. Hidden permissions : For some applications, users may not want access to certain sensitive information, such as phone numbers or personal contacts. In this case, users can hide these permissions to prevent applications from accessing such sensitive information.

5. Incognito mode : Incognito mode in Android 9 and above can hide personal information when users use certain applications. In incognito mode, the system restricts some functions, such as auto-filling forms and browser history, etc., to protect user privacy.