According to a source, a group of researchers who had checked the security strength of Android Lollipop 5.0 has stated that there are still a hefty amount of changes that need to be introduced in order to make the operating system much more secure. Elena Reshetova and her colleagues hailing from Finland’s Aalto University along with support from Intel have stated the following:
“Starting from the 5.0 Lollipop release all Android processes must be run inside confined SEAndroid access control domains. As a result, Android device manufacturers were compelled to develop SEAndroid expertise in order to create policies for their device-specific components. In this paper we analyse SEAndroid policies from a number of 5.0 Lollipop devices on the market, and identify patterns of common problems we found. We also suggest some practical tools that can improve policy design and analysis. We implemented the fist of such tools, SEAL.”
One of the things that they also mentioned is that while improved structuring and policy would allow the security of the platform to greatly improve, majority of smartphone OEMs make ample room for mistakes. This is due to the level modifications that these manufacturers add to their mobile devices in the form of interfaces, which end up rendering policies less strict, and a result, allow more vulnerabilities to sprout.
While an abounding amount of effort is going to be required to make the security of Android much more robust, other manufacturers have taken it upon themselves to improve security at a hardware level. UMi iRon Pro for example, is said to be the world’s first ever smartphone to feature a combination of a fingerprint and iris scanner, plus a voice recognition function to unlock the handset. This level of sophisticated security is going to be required to in order to put users’ worry to rest.
Additionally, fingerprint scanners were thought to give users a large degree of comfort, but they are not exactly the most secure feature around, which has obviously given rise to other security layers being incorporated by Chinese smartphone manufacturers and several others. According to the researchers, it is highly possible to thoroughly improve Android security overtime, but seeing as the level of modifications that other OEMs bring in their smartphones, it will definitely take a considerably long period.