31 Oct

Yet another facet of KitKat worth pointing out today is the addition of new security enhancements to the OS. Security is one area that's frequently sensationalized with Android - it seems that every few days a scare story about Android malware creeps onto my Google News page. Google's eliminating security arguments (and possible arguments) one at a time, though, and has made a few key enhancements this time around.

First among them is a change to SELinux. For those not up to speed, SELinux - introduced in Android 4.2 - is essentially a set of kernel add-ons and tools that restricts pieces of software to run with only the bare minimum privilege set they require to function properly, and minimizes the damage a malicious program can do by tightly controlling security policy. Previously, SELinux operated in "permissive" mode in Android, but in 4.4 it has been switched to "enforcing" mode, meaning essentially that even if a piece of malware successfully intrudes, it won't be able to disable SELinux and do whatever it wants, even - theoretically - if it has administrative access.

Android 4.4 KitKat also brings improved cryptographic algorithms: it adds support for the Elliptic Curve Digital Signature Algorithm (ECDSA) to improve security for digital signing, and implements the scrypt key derivation function to protect the keys used for full-disk encryption.

Finally, KitKat applies VPNs per user, meaning each user can route traffic through a separate VPN without affecting other users on the device. FORTIFY_SOURCE level 2, a directive that detects buffer overflows in an effort to enhance memory safety, is also supported in 4.4. For Google's own list of enhancements, and more developer-facing changes, hit the link below.

Source: Android Developers
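To make the permissive/enforcing distinction above checkable, the following Python audit is an added example, not code from the article, Google or AOSP. It reads a kernel `.config`, the content of `/sys/fs/selinux/enforce` and the kernel command line, and reports whether enforcing mode can still be relaxed; the function names and the sample configs are constructed for illustration.

```python
import re

RISKY_OPTIONS = {
    "CONFIG_SECURITY_SELINUX_DEVELOP":
        "enforcing mode can be switched off at runtime or with enforcing=0 "
        "(if the loaded policy grants setenforce)",
    "CONFIG_SECURITY_SELINUX_BOOTPARAM":
        "SELinux can be disabled at boot with selinux=0",
}

def parse_kconfig(text):
    """Return {option: value} for CONFIG_x=value lines; '# ... is not set' is skipped."""
    return dict(re.findall(r"^(CONFIG_\w+)=(\S+)$", text, flags=re.M))

def audit_selinux(kconfig_text, enforce_value, cmdline=""):
    """Return (mode, findings) for a kernel .config, the enforce file content, and cmdline."""
    cfg = parse_kconfig(kconfig_text)
    if cfg.get("CONFIG_SECURITY_SELINUX") != "y":
        return "disabled", ["SELinux is not built into this kernel"]
    mode = "enforcing" if enforce_value.strip() == "1" else "permissive"
    findings = []
    if mode == "permissive":
        findings.append("denials are only logged, not blocked")
    for opt, why in RISKY_OPTIONS.items():
        if cfg.get(opt) == "y":
            findings.append(f"{opt}=y: {why}")
    params = cmdline.split()
    if "enforcing=0" in params and cfg.get("CONFIG_SECURITY_SELINUX_DEVELOP") == "y":
        findings.append("command line requests permissive boot (enforcing=0)")
    if "selinux=0" in params and cfg.get("CONFIG_SECURITY_SELINUX_BOOTPARAM") == "y":
        findings.append("command line disables SELinux (selinux=0)")
    return mode, findings

# Constructed sample inputs, not taken from any real device.
SAMPLE_CONFIG = """\
CONFIG_SECURITY_SELINUX=y
CONFIG_SECURITY_SELINUX_DEVELOP=y
# CONFIG_SECURITY_SELINUX_BOOTPARAM is not set
"""
HARDENED_CONFIG = """\
CONFIG_SECURITY_SELINUX=y
# CONFIG_SECURITY_SELINUX_DEVELOP is not set
# CONFIG_SECURITY_SELINUX_BOOTPARAM is not set
"""

if __name__ == "__main__":
    for cfg in (SAMPLE_CONFIG, HARDENED_CONFIG):
        print(audit_selinux(cfg, "1\n", "console=ttyS0"))
```

A device can report "enforcing" and still produce findings here, because the mode shown at one moment says nothing about whether the kernel was built to let that mode be changed.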

Liam Spradlin

  • mgamerz

    This is going to make root interesting.

    • dhruva

      how?

      • mgamerz

        SELinux in 4.2 made OTA survival work less... I imagine it's going to be significantly harder to get exploits with this (of course, Nexus can still just flash)

    • Ray

      If anyone can work it out, I'm going to put my money on Chainfire. He is a wizard!!

    • Bobby Phoenix

      It's set as Enforcing by default on the Note 3 which runs 4.3, and that has been rooted successfully, so there should be no issue on 4.4, unless Google did something strange to stop it.

    • liam

      This has nothing to do with root.

      • Jeff

        It has everything to do with root. One of the primary goals of SELinux is to limit the possibility of privilege escalation and to limit the effects if it does occur. Rooting devices is achieved through privilege escalation vulnerabilities; this will make it much harder, and even if you do achieve root, root's capabilities will be limited by SELinux policy, so you may not be able to do what you want.

  • NF

    So no Linux 3.10?

    • Nathaniel Webb

      Not just yet. I believe 4.4 is still based on the 3.4 Linux kernel.

      • CJ Vanilla

        I really thought this was one thing that was going to happen. Kinda surprised.

        • Kenny Strawn

          Well, there's probably the use of zRAM (compressed memory) in there for sure, which is definitely something that would allow KitKat to run on low-end devices.... but nope, so far, no 3.10 kernel.

  • ari_free

    Interesting that they've adopted scrypt.

  • Freddy

    SELinux was NOT enabled in any form in AOSP 4.2 builds... it came in 4.3.

    • Kenny Strawn

      It was enabled in some pre-release builds of 4.2, but ultimately disabled in the final release...

  • Cybertronic

    I was just looking at the kernel config. They left SELinux developer mode enabled. Which means once you get root, you can toggle it off. oops

  • Kenny Strawn

    Look on the bright side: this means that the only pieces of malware that can possibly do damage to an Android device are rootkits. The bad? Rootkits are the most difficult pieces of malware to remove.

    Of course, any software that is able to obtain a root exploit won't be allowed in the Play Store (even z4root has to be sideloaded) either, and Bouncer would probably block anything that has a root exploit in the code before it even gets through.

    • liam

      Rootkits would still be contained. That's one of the points of using a MAC. You beat a MAC by going after implementation errors, not the theory, and this has been around for more than a decade.

      • Kenny Strawn

        Yup, pretty cool... Must add, however, that the only pieces of malware containing root exploits that were ever submitted to the Play Store — DroidDream and GingerMaster — were submitted and removed before the Play Store ever had Bouncer to protect itself.