Great Motorola Edge deal on Amazon!

Cryptography professor warns about Android security, says some of it is six years behind the iPhone

By Daniel P.
14comments
iOS Android
Cryptography professor warns about Android security, says some of it is six years behind the iPhone
We are constantly barraged with sensationalist headlines of the "millions of Android phones are under threat" type that inform about this and that malware or security lapse that is usually pretty easy to avoid if you install decent apps from legit sources. 

The sole reason for so many Android security news, however, is that Android's encryption is still not up to par, even the latest 7.0 Nougat version, reveals a cryptography professor from Johns Hopkins university.

Android struggling to deploy encryption that Apple figured out 2010

According to Matthew Green, while Nougat devices have moved away from the full-disk encryption (FDE) of yesteryear that is easier to hack, and employ file-level protection if you set a passcode, there are scenarios where you can still access some files directly as the encryption keys are being stored in memory. 

Apparently, while Apple provides no less than four protection levels for developers to choose from, Android N has only two, and even if it adds more down the road, this will still leave millions of legacy apps somewhat vulnerable. In a nutshell, the cryptography professor's disheartening conclusion is that the current state of Android's security is only good for Google to keep the FBI at arm's length.

If you’re an optimistic type, you’ll point out that Android is clearly moving in the right direction. And while there’s a lot of work still to be done, even a half-baked implementation of file-based protection is better than the last generation of dumb FDE Android encryption...

On the other hand, you might notice that this is a pretty goddamn low standard. In other words, in 2016 Android is still struggling to deploy encryption that achieves [lock screen] security that Apple figured out six years ago. And they’re not even getting it right. That doesn’t bode well for the long term security of Android users.

source: Matthew Green (Cryptography Engineering)

Recommended Stories

Loading Comments...

Popular stories

Even longtime T-Mobile customers will have to put up with slow internet speed policy
Even longtime T-Mobile customers will have to put up with slow internet speed policy
Two more companies want FCC action against T-Mobile for interference from 5G
Two more companies want FCC action against T-Mobile for interference from 5G
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
iPhone users warned to disable iMessage temporarily to avoid getting hacked
iPhone users warned to disable iMessage temporarily to avoid getting hacked
T-Mobile will soon have another reason to gloat
T-Mobile will soon have another reason to gloat

Latest News

Verizon's Visible introduces annual plans with discounts up to 26%
Verizon's Visible introduces annual plans with discounts up to 26%
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Apple tipped to reduce display size of iPhone 17 Plus
Apple tipped to reduce display size of iPhone 17 Plus
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
FCC OKs Cingular\'s purchase of AT&T Wireless