Security Enhanced Android released by the NSA

Its been proven that Android isn’t the most secure mobile operating system, and the National Security Agency felt they should step in. They have just released a version of Android known as “Security Enhanced Android” and it aims to fill in some of the loopholes that can make Android vulnerable. It is based off of AOSP Android, and the source is available for anyone looking to port it onto a device or within their ROM. The full description includes:

  • Per-file security labeling support for yaffs2,
  • Filesystem images (yaffs2 and ext4) labeled at build time,
  • Kernel permission checks controlling Binder IPC,
  • Labeling of service sockets and socket files created by init,
  • Labeling of device nodes created by ueventd,
  • Flexible, configurable labeling of apps and app data directories,
  • Userspace permission checks controlling use of the Zygote socket commands,
  • Minimal port of SELinux userspace,
  • SELinux support for the Android toolbox,
  • Small TE policy written from scratch for Android,
  • Confined domains for system services and apps,

This may be a message to Google that they need to make Android more secure, as viruses and other malware have been at large in the past couple of months. How do you feel about the security on your Android device? Should Google improve it? Let us know in the comments!

via Droid-Life; XDA; SELinuxproject 

Tags: , , , ,