Google confirms that 193 security vulnerabilities must be corrected

[ad_1]

<div _ngcontent-c15 = "" innerhtml = "

Google and Android logos are visible on Android mobile devices

LightRocket via Getty Images

The question of what Android could represent Q is over. As indeed, Android Q. Google has ad Android is evolving, and as part of this evolution, the new version of the operating system, which will be released in a few weeks, will be called Android 10. "There are many tempting" Q "desserts," says Sameer . Samat, vice president of product management for Android, said, "We believe that with version 10 and 2.5 billion active devices, it was time to make this change." It was also time to attack a total of 193 Android security vulnerabilities which Google has confirmed need to fix with Android version 10.

Android 10 security vulnerabilities

This surprising confirmation of Google's vulnerability came from official security release notes published in the Android Open Source Android Project (AOSP). update of the security bulletin August 20th.

The bad news is that 193 Android security vulnerabilities had to be fixed, covering a wide range of privilege elevations, remote code execution, disclosure of information and denial of service. Two of them are in the Android runtime itself, two others in the library and 24 in the framework. The essential, however, is shared between the Android multimedia framework with 68 vulnerabilities and the Android system with 97%. All were classified as "moderate" severity.

The good news is that all will be fixed by the default Android 10 patch level of 2019-09-01 at the release of the new operating system. Still on the positive news front, the update of the security bulletin indicated that "there has been no report of exploitation or abuse by our customers or customers. people who have abused these recently reported problems. "

Android 10 Privacy Enhancements

The good news for 2.5 billion Android fans does not stop there. Earlier this year, Stephanie Cuthbertson, director of product management for Android, said the Q of Android would bring "nearly 50 new features and changes focused on security and privacy." True to its promise, a multitude of new security and privacy features are indeed included in the Android 10 version.

You will find details of the most important privacy changes on the Android Developer's "Q" website, where: A declaration reads "Android Q extends the transparency and control that users have over the capabilities of data and applications."

The most important changes include "targeted storage" to give users more control over files by allowing only Android 10 apps to have a filtered view of their directory and specific media types.

Users will also have more control over when applications can use the device's location, offering two options when an application requests this access: when using the Application only, or at any time (in the background, in other words).

Android 10 will also limit the moment when the activity in the background can begin, to minimize interruptions for the user who can thus keep a better "control of what is displayed on the screen" .

There are also changes in the way apps can access the camera. Android 10 requires that applications obtain camera access permission to be able to "have" device-specific metadata. "& Nbsp;

With the introduction of Android 10, applications will not be able to enable or disable Wi-Fi, but must use a control panel to prompt the user to do so. In addition, "to protect user privacy, manual configuration of the Wi-Fi network list is now limited to system applications and device policy controllers."

According to one report in Wired"Google will now ask developers to use resettable identifiers to keep track of users, so if these fingerprints are never compromised, or if you want to erase your digital slate, you have a mechanism for do it."

Evolution of security on Android 10

Android 10 will also bring a quiet evolution of security rather than the revolution it seems. An encryption scheme of the name of Adiantum must be introduced as part of the Android 10 platform.

This is good news because Google will require encryption of all new devices running the latest Android operating system, including the Internet of Things, using either the established AES option or Adiantum. which offers sufficient performance to work with the low-end ARM processor. devices.

This Wired Report also shows how a new security library for Android 10 can be used with Google Jetpack set of tools to "help developers to secure their applications properly, even if they do not have great expertise in the field".

Along with the introduction of newly cured sandboxes, including mini-sandboxes that isolate system processes and application components, data leakage between applications should be less of a problem.

Finally, but certainly not at the bottom of the list of security issues, I'm delighted that Google is making changes to the way that Android 10 will handle security updates. The important components of the operating system will now be updated in the background, in the same way as the applications, to incorporate the latest security patches on your device as soon as they are available and without having to restart the phone!

The question of what Android could represent Q is over. Like Android, indeed, Q. Google has announced the evolution of Android. The new version of the operating system, which will be released in a few weeks, will be called Android 10. As part of this evolution, it will be called Android 10. "Sameer Samat, vice president of the product management for Android, said: "We believe that in the 10 and 2.5 billion active device versions, it was time to make this change." It was also time to tackle to a total of 193 Android security vulnerabilities which Google has confirmed the need to fix with Android version 10.

Android 10 security vulnerabilities

This surprising confirmation of Google 's vulnerability occurred in the official security release notes published in the Android Open Source Project (AOSP) security bulletin update on August 20th.

Android 10 Privacy Enhancements

You will find details of the major privacy changes on the website of the developer "Q" of Android, where it is written "Android Q extends the transparency and control of users on data features and applications" .

The most important changes include "targeted storage" to give users more control over files by allowing only Android 10 apps to have a filtered view of their directory and specific media types.

Android 10 will also limit the moment when the activity in the background can begin, to minimize interruptions for the user who can thus keep a better "control of what is displayed on the screen" .

There are also changes in the way apps can access the camera. Android 10 requires applications to obtain camera access permission for "potentially device-specific metadata."

According to a report published in Wired, "Google will now ask developers to use resettable identifiers to keep track of users, so if these fingerprints are never compromised, or if you want to erase your digital slate, you have of a mechanism this. "

Evolution of security on Android 10

Android 10 will also bring a quiet evolution of security rather than the revolution it seems. An encryption scheme of the name of Adiantum must be introduced as part of the Android 10 platform.

This Wired Report also shows how a new security library for Android 10 can be used with the Google Jetpack tool package to "help developers securely secure their applications, even if they do not have extensive expertise in the field".

Along with the introduction of newly cured sandboxes, including mini-sandboxes that isolate system processes and application components, data leakage between applications should be less of a problem.