Android security came a long way in 2016 but Google says there is more work

ransomware wannacry exploit attacking pc security padlock
Maksim Kabakou/Shutterstock.com
With hundreds of different Android devices out in the wild, running different versions of the operating system on different hardware, Google faces a massive challenge in distributing critical security updates. In the past, many users have had to wait up to three months before having their phones patched, not only due to the variation between Android products, but also the lack of urgency with which manufacturers pushed fixes out.

Google has been well aware of this problem, which is why it has made significant strides over the past several years, reducing that wait time to just a couple of days, according to TechCrunch. But there is still work to be done, as Adrian Ludwig and Mel Miller, members of Android’s Security Team, have noted in a year-in-review blog post.

More than 735 million devices from more than 200 manufacturers received security updates last year, according to Google. While that illustrates the company’s commitment to keeping users safe, the job is hardly complete. Ludwig and Miller also noted roughly half the Android products in use at the end of 2016 had not received an update in the preceding 12 months. Google claims its new A/B update system, designed to make over-the-air updates more reliable and prevent them from inadvertently bricking phones, will help encourage installation.

The monthly security update initiative, set in motion after the Stagefright vulnerability was discovered in 2015, also saw expansion in 2016, the team reported. Those updates were released for devices running Android 4.4.4 and up, which comprises 86 percent of all active devices globally.

Ludwig and Miller also said they made strides in stamping out potentially harmful apps (PHAs) in the Google Play Store. Verify Apps, a system that checks users’ devices for PHAs, conducted 750 million daily tests last year, up from 450 million in 2015. As a result, installation of PHAs was reportedly reduced in the top 50 countries in which Android devices are used. Google estimated PHAs accounted for 0.05 percent of all apps on the Play Store last year, compared to 0.15 percent in the year prior.

Of course, Google Play isn’t the only place where users can get their apps, and that is one of the roadblocks Google encountered trying to make Android safer for everyone. The number of devices with a PHA installed — from any source, not just Google’s marketplace — actually rose to 0.71 percent from 0.5 percent.

Although many Android users have chosen Pixel and Nexus devices to receive updates straight from Google automatically, the security team attributed much of its progress to enhancements offered by the release of Android 7.0 Nougat. Chiefly, the introduction of file-based encryption and protections against media-based attacks have bolstered security in the most recent Android phones, regardless of manufacturer.

Still, as much as the Android Security Team has accomplished alongside partners and carriers, it still helps to have friends in the research community. Google said its Vulnerability Rewards Program paid out nearly $1 million to researchers in 2016 for their contributions — some of which were set to rave music.

Photography

The 2019 class of camera phones is great, and we tested them to find the best

It's the middle of the year, which means it's time for a mid-year camera shootout to find the best among our top phones of 2019. We pit six phones against each other, including the OnePlus 7 Pro, Pixel 3a, and Galaxy S10 Plus.
Mobile

The Qualcomm Snapdragon 855 has smart card-equivalent security certification

The Qualcomm Snapdragon 855 is Qualcomm's flagship processor for the year, and it's available in a range of smartphones. Now, the chip is certified with a smart card equivalent security rating.
Computing

Apple has a plan to save Mac gaming, but it’s not the one you want

The Mac isn’t known for being a game-friendly platform, but Apple hopes to change that in the coming months and years. The thing is, its plan may not be quite what you were hoping for if you’re a Mac gamer.
Product Review

Amazon's new Fire 7 tablet will attract bargain hunters like moths to a flame

Amazon brought some slight improvements to its Fire 7 tablet this year and offers an impressive package for just $50, but there are flaws you should be aware of before you buy. Find all the pros and cons right here.
Cars

What is Android Auto? Pull over and we'll tell you everything you need to know

What is Android Auto? Google's app overrides native infotainment systems to reduce distractions while driving. Here's everything you need to know about it, including the feature set and compatible car models.
Mobile

The stand-alone Palm is available for purchase and still costs $350

A reboot of the classic Palm is finally here and it's tiny. It syncs to your phone and acts as a secondary device -- with a feature to help you disconnect from technology. The Palm will be available exclusively through Verizon for $350.
Mobile

Looking for a stylus for cheap? The Adonit Pro 4 is a great starting point

For casual note takers and sketch artists, the Adonit Pro 4 stylus is a low-maintenance, low-cost device for people just getting started with using a conductive pen on their smartphone or tablet.
Deals

Google Pixel 3 and 3 XL smartphones get price cuts ahead of Amazon Prime Day

American software titan Google has entered the mobile game in a big way with its excellent Pixel devices, and the third-gen Pixel 3 and Pixel 3 XL can both be had at nice discounts right now from Amazon.
Mobile

What is UFS 3.0 storage? We asked an expert about the SSD for phones

We take a dive into UFS, or Universal Flash Storage, to find out what the latest UFS 3.0 standard is capable of and why you might want it in your next smartphone. An expert from the standards body, JEDEC, explains all.
Mobile

Having problems with your OnePlus 7 Pro? Check out these workarounds and fixes

Every phone has issues that require some tweaking to sort out. Here are the most common OnePlus 7 Pro problems that people are talking about with advice on how you can work around them or fix them and get on with your day.
Android

Samsung's Galaxy S10 5G is coming to T-Mobile on June 28

Samsung's Galaxy S10 5G is the flagship of the S10 line, and it's expensive at $1,300. But, it's the only one of Samsung's latest phones that can connect to a 5G network. It's available from Sprint and Verizon, and now T-Mobile.
Mobile

The best gardening apps help you watch your garden grow

It takes work, commitment, and smarts to cultivate a beautiful garden or grow your own food, so you need all the help you can get. The best gardening apps can identify plants and pests and assist with garden care and planting schedules.
Mobile

Here are 5 things I’d like to see in the Samsung Galaxy Note 10

It's important that smartphones continue to improve and evolve or they risk stagnation and may alienate potential buyers. Here are five changes and new features I'd like to see in Samsung's forthcoming Galaxy Note 10 smartphone.
Product Review

Diesel On Full Guard 2.5 watch has killer looks but deadly battery life

Diesel’s no-holds-barred watch designs are awesome, so we hold its new smartwatch to a similarly high standard. While Diesel holds its end of the deal up, the On Full Guard 2.5 is let down by the battery and Wear OS.