What’s going on with Lollipop and security? Computerworld’s JR Raphael begins his look at improvements in Android security built into Lollipop, which is the recently released Android 5.0, with the observation that the hysteria surrounding the topic is overblown. The scary stories about Android’s shortcomings only look at theoretical dangers, Raphael writes. Anyone not almost trying to encounter trouble is relatively certain to be safe.
That doesn’t mean that everything is fine. Far from it. The nature and structure of Android makes security upgrades and updates vital. Raphael spoke with Adrian Ludwig, Android’s lead security engineer. The conversation covered steps forward in Lollipop. These include current and future improvements in sandboxing, a pairing system that protects devices even if users are not security conscious, and more aggressive approaches to encryption.
TechCrunch has more on Lollipop security, taking a closer look at the Smart Lock feature. Darrell Etherington points out that the greatest threat to security is simply users who don’t use lock screen PIN codes and take other basic steps. Thus, machines are wide open if lost or stolen.
Android 5.0 confronts this problem:
Lollipop offers Smart Lock to help address this, which uses paired devices to let you tell your device it’s okay to open up without requiring a password or other means of authentication.
ZDNet’s Rachel King looks at the use of Security Enhanced Linux (SELinux), a method of providing administrators and users more options around access control. Lollipop requires SELinux for all applications, and full data encryption of digital information now is a default setting.
One of the biggest issues surrounding Android – and a big deal in its ongoing battle for supremacy against Apple – is security. Raphael may be correct that many of the dangers are overstated. But the challenges do exist and Google is doing a good job in confronting them.
And perception is reality: If Android is thought to be safer, it will fare better in the marketplace.
Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at firstname.lastname@example.org and via twitter at @DailyMusicBrk.