Google has begun rolling out the latest version of Android to some devices and manufacturers, and the release comes with a number of significant security and privacy enhancements, including a feature that allows for private web browsing.
Android P (or Pie or Android 9) is already available for several phone models, including Google’s own Pixel devices, and will be available for phones from other manufacturers in the next couple of months. Google added a variety of new features to the operating system, as per usual, and it didn’t skimp on the security upgrades, either. Perhaps the biggest change is one that won’t necessarily be noticeable to many users but could make a significant difference in their privacy and security.
In Android P Google has enabled a service called DNS over TLS that will automatically send all of the DNS queries from the device over an encrypted connection. The feature is designed to prevent attackers from snooping on users’ DNS requests, something that can give them information about a target user’s online activities. This could be done through large-scale passive surveillance by an intelligence agency, or through more targeted surveillance on an individual or small group of users. The Private DNS feature in Android P, which is enabled by default, implements DNS over TLS and gives users a new layer of protection against passive monitoring of their activities.
“By default, devices automatically upgrade to DNS over TLS if a network's DNS server supports it. But users who don't want to use DNS over TLS can turn it off,” Erik Kline and Ben Schwartz, software engineers at Google and Jigsaw, respectively, wrote in a blog detailing the feature.
“DNS over TLS mode automatically secures the DNS queries from all apps on the system. However, apps that perform their own DNS queries, instead of using the system's APIs, must ensure that they do not send insecure DNS queries when the system has a secure connection.”
Apps can now take advantage of tamper-resistant hardware to protect their private keys.
Android P also comes with some other, more obvious, security upgrades. One of those is the ability of apps to use a hardware-based security module to protect sensitive data such as encryption keys. On supported devices, such as the Pixel 2, Android P apps can use the tamper-resistant hardware module in the devices to store confidential data. The module sits on a separate chip and has its own memory, and it designed to be resistant to both hardware and software attacks.
“On compatible hardware, apps can now take advantage of tamper-resistant hardware to protect their private keys, making it harder than ever for malware to steal their credentials,” Google said.
The new version of the OS also includes a feature that will restrict apps’ access to a device’s sensors--microphone, camera, etc.--when the apps are running in the background or are idle. A common trick used by malware and some sketchy apps is to gain permission to access those sensors, either through deception or other means, and then maintain access permanently. The new feature will allow users to stop apps from accessing the mic or camera unless they’re actively in use.