Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Data Security / Android Oreo Protects from Bad Apps
Android 8.0 Oreo Will Protect You from Installing Harmful Apps
Android 8.0 Oreo Will Protect You from Installing Harmful Apps
By Shirley Siluk / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Among the new features arriving with Google's latest mobile operating system update, Android 8.0 Oreo, is a new defense system against malware trickery when installing apps from outside of Google Play.

Officially named during Monday's coast-to-coast solar eclipse, Android Oreo is being rolled out via over-the-air updates to users with Pixel, Nexus 5X and Nexus 6P smartphones, with the Pixel C and Nexus Player to see updates "over the next several weeks," according to Google. Other new Android devices that support the OS are expected to begin arriving at the end of this year.

Unlike previous versions of Android, Oreo offers boosted protection against accidental downloads and installation of apps from untrusted sources. Users will still be able to install applications from sources outside of the Google Play Store and other first-party sites, but they must first grant specific permission for such actions.

Defends against 'Deceptive Behavior'

Android 8.0 Oreo adds new defenses against common malicious app tricks by eliminating the previous "allow unknown sources" setting in favor of a new permission to "install unknown apps." The new permission ensures that the app source itself is checked before the software can be installed.

"A common strategy employed by PHA [potentially harmful apps] authors is to deliver their apps via a hostile downloader," Android security product manager Edward Cunningham wrote yesterday on Google's Android Developers Blog. "For example, a gaming app might not contain malicious code but instead might notify the user to install a PHA that masquerades as an important security update . . . Users who have enabled the installation of apps from unknown sources leave themselves vulnerable to this deceptive behavior."

The updated app precautions build on Google Play Protect, another security offering that rolled out in May. Google said Play Protect continuously scans the estimated 2 billion Android devices around the world, using machine learning to watch for unusual and questionable behavior in more than 50 billion apps and automatically removing problem applications.

With the arrival of Oreo, Android users who choose to enable the new "install unknown apps" permission have greater transparency into the source of those apps before installation, Cunningham said.

"When used on a device running Android O and higher, hostile downloaders cannot trick the user into installing an app without having first been given the go-ahead," he said.

Faster Updates with Treble

Another new feature of Android Oreo is something called Project Treble, which uses architectural changes in the OS to speed up updating processes for Android device manufacturers. Treble essentially separates manufacturer implementation processes from the Android framework by adding a new vendor interface to streamline operating system updates, according to Project Treble team lead Iliyan Malchev.

"With a stable vendor interface providing access to the hardware-specific parts of Android, device makers can choose to deliver a new Android release to consumers by just updating the Android OS framework without any additional work required from the silicon manufacturers," Malchev noted in an Android Developers Blog post in May.

According to an article in BGR today, this means that "[e]very new phone that will launch with Oreo is 'treblized,' which means those devices will be easier to upgrade to future Android releases."

By the end of this year, Android users can expect to see Oreo-supporting devices from Essential, HMD (Nokia), HTC, Huawei, Kyocera, LG, Motorola, Samsung, Sharp, and Sony, Google vice president of engineering Dave Burke said on Monday.

Image credit: Product shots by Google/Android.

Tell Us What You Think


Posted: 2017-08-26 @ 2:12pm PT
This is about money not security. Google does not want people going outside their Store.

Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.