9 security reasons you should upgrade to Android 8.0 Oreo
Android 8.0 Oreo has a lot of interesting features, right from the Instant App application (instant application) to the notification channel. Although most users are quite excited about these new features, there are a number of little-known security enhancements in this latest operating system of Google.
Security features may not be as exciting as other features, but they are equally important. The term security can be quite confusing for non-tech people, so this article will simplify security features in Android 8.0 Oreo.
Privacy update is available in the software
Here are some security features available in the operating system.
1. The sideload application is now safer
Unlike iOS, Android is quite "open" about allowing users to download applications on their device. Sideload applications allow access to all types of applications but installing applications from unverified sources can lead to huge security risks.
In Android 8.0 Oreo, there is a big change in how to download applications. Instead of allowing applications to be installed from anywhere, Oreo requires users to turn on this setting on a per-application basis. For example, you can install APK manually from the Amazon Appstore but block the installation of APK downloaded from Google Chrome.
This allows you to specify specific sources where applications can be installed, thus preventing users from installing applications from unknown sources. In addition, Google Play Protect can check for security threats from unknown applications.
2. Verified Android Boot 2.0 feature prevents tampering
Android Verified Boot is a security feature built into Android since 4.4 KitKat. Smart Android malware with root permissions can hide and hide, making security applications not discover them. This feature prevents the device from starting if the software is tampered with. However, a hacker can downgrade the device to an older version to ignore this feature.
- Summary of some root ways of Android devices
To prevent this, Oreo comes with Android Verified Boot 2.0, which supports Rollback Protection. It is designed to prevent the device from booting if downgraded to an older or more vulnerable version.
This is done by storing the operating system version inside a special hardware. Currently, Pixel 2 and Pixel 2 XL are two phones with this protection feature. Google strongly recommends that all device manufacturers will incorporate this feature in the future.
3. Project Treble allows you to improve the sandbox better
Project Treble is primarily designed to help device manufacturers quickly roll out new versions of Android. This is mainly redesigning the Android framework, separating specific device code from the operating system framework. Along with faster updates, it also plays an important role when it comes to security. Because the framework is redesigned and the sandbox is better, the exploitation of part less affects other parts of the system.
Hardware abstraction layer (Hardware Abstraction Layer - HAL) provides an interface between system hardware and software. Usually, it includes direct access to the kernel driver, resulting in HAL having additional access and access to hardware that is not entirely mandatory. In Oreo, each HAL runs in its own sandbox, making application access and hardware drivers less misused.
Improved security to protect users on the network
Here are some security enhancements in Oreo that help users be safe when browsing the Internet
4. Android stops supporting unsecured SSL versions
SSL / TLS are network protocols used to provide secure communication over the Internet. In 2014, Google researchers discovered a security vulnerability in SSL v3.0. With Oreo, Android stopped supporting old and unsafe versions of SSL.
Oreo also reduced support for the TLS backup version, which is a compatible solution to connect to servers deploying TLS incorrectly. Google said this solution was removed because it weakened the security system. For end users, this will make them more protected when communicating on the Internet.
Oreo also brings some security changes to the WebView element. In simple terms, WebView is considered as a browser wrapped in an application.
First, the components of WebView have been divided into separate processes, helping to handle unreliable content securely with the Sandbox. Now it also supports secure browsing and warning users about phishing sites.
5. Users are protected on public Wi-Fi
Not surprisingly, there are risks involved when connecting to public Wi-Fi is not guaranteed. Its open nature makes it easy for users to steal personal information from users.
- Instructions for use and security of Wifi network
Thankfully, the WiFi Assistant feature in Oreo can help you connect to a high-quality Wi-Fi network and secure it with VPN. However, this feature seems to be only available to Project Fi and Nexus / Pixel users.
Hardware-related security improvements
In addition to software enhancements, Google went even further to introduce some great hardware-related security features in Oreo.
6. Support for counterfeit hardware
Android Oreo allows support for dedicated security modules for hardware lock screen protection against physical attacks. Pixel 2 is the first phone that comes with such a security module.
Counterfeit hardware has its own RAM and other components, so it can completely control execution. Google says that it can also detect and protect against external tampering efforts. Counterfeit hardware complements software security mechanisms and provides enterprise-class security.
7. Support physical security keys
If you have enabled two-factor authentication, you may find that entering the code for the second authentication is quite complicated. In that case, the physical U2F security key can act as a second form of authentication, eliminating the hassle of manually entering the code.
- How to set up two-factor authentication on all social networks
Fortunately, Android Oreo supports physical security keys to be able to connect to your phone using Bluetooth or NFC.
Other security improvements
Besides the above features, here are a few other minor tweaks to security made in Android Oreo.
8. Lock the operating system kernel
Android Oreo limits access to the operating system kernel with the help of the new Seccomp filter. By using this filter, Google says that it can turn off unused system calls, thereby reducing operating system attacks. For the end user, this means that the operating system kernel is less exploited by malicious applications.
9. System notification overlays
Normally, Android allows applications to create ads on top of other Android applications. Developers have used this feature to build some creative concepts like picture-in-picture mode inside applications.
However, some hackers have also exploited this feature to display a ransom request window or even trick users into giving out their confidential information. In Oreo, there is a continuous notification whenever there is a System Alert Overlay. It also allows users to easily remove this notification and overlay.
See more:
- How to customize battery saving mode on Android Oreo
- Install Android Oreo now
- Instructions on how to customize the notification center on Android Oreo - No need to root
You should read it
- 5 certain tricks must know if you are using Android 8 Oreo
- Install Android Oreo now
- Google released Android Oreo Go for low-profile smartphones
- How to stop receiving continuous 'Apps running in background' notifications on Android 8.0 Oreo
- How to turn off automatically add the application icon to the Home screen Android Oreo
- How to customize battery saving mode on Android Oreo
- How to turn off the 'Is Displaying Over Other Apps' notification on Android Oreo
- Bring Android 8 Oreo to your phone with Action Launcher
- Emulator Android 8.1 Oreo running Windows Launcher was officially released, invited to experience
- How to bring Android 8.0 Oreo to old phones
- List of Xiaomi smartphones to Android 8 Oreo and Android 9 Pie
- Google officially launched Android O 8.0
Maybe you are interested
iPhone security tips you're missing out on
This list of common passwords shows how little we understand about online security
Download free Windows Server 2025 security guide
5 Misconceptions About Password Security
Should I buy a USB, Bluetooth or NFC security key?
4 Security Steps to Follow When Using Remote Access Applications