The 27 biggest tech scandals of 2019 - Business Insider


Posted: 30 Dec 2019 06:40 AM PST

November: TikTok suspends the account of a user who posted a video critical of China's treatment of Muslims.

Feroza Aziz's videos protesting the Chinese government over its treatment of Uighur Muslims went viral. Then she got notified that her account was suspended.

In November, an American teenager named Feroza Aziz posted a TikTok video that, from the outset, appeared to be just another online makeup tutorial. But in between showing how to correctly curl your eyelashes, Aziz called out the Chinese government for its treatment of Muslims. 

The video went viral, but soon after, TikTok suspended Aziz's account. After public outcry, TikTok reinstated Aziz's account and apologized for suspending it in the first place. 

The controversy came after the video-sharing app had faced scrutiny throughout 2019 over its connection to China. While the app isn't available in China, it is owned by Chinese company ByteDance, and employees, users, and government officials have all questioned whether the company censors anti-China content on the app.

TikTok has denied these claims, arguing that none of the company's content moderators are based in China and that no "foreign government" pressures it to censor content. 

A September report from The Guardian, citing leaked documents, said that TikTok instructed its moderators "to censor videos that mention Tiananmen Square, Tibetan independence, or the banned religious group Falun Gong." TikTok, in a statement to The Guardian, said those guidelines were no longer in use as of May 2019.

"In TikTok's early days we took a blunt approach to minimising conflict on the platform, and our moderation guidelines allowed penalties to be given for things like content that promoted conflict, such as between religious sects or ethnic groups, spanning a number of regions around the world," the company said. "As TikTok began to take off globally last year, we recognised that this was not the correct approach, and began working to empower local teams that have a nuanced understanding of each market. As we've grown we've implemented this localised approach across everything from product, to team, to policy development."

Android Q: All the new security and privacy features coming to Android 10 - XDA Developers

Posted: 17 May 2019 12:00 AM PDT

Each new version of the Android OS brings improvements to almost every aspect, from the design and features to the APIs and more. At Google I/O earlier this month we learned about all the improvements that Android Q is going to bring, and of course, new privacy and security announcements were not left out of the conference. Platform security is one of the most important aspects of an OS, particularly for an OS that we bring everywhere with us in our pockets. If Android wasn't secure, we wouldn't trust it with half as many functions as we do. NFC payments would be out of the question, file sharing would be dubious at best, and connecting to other devices would be downright madness. In spite of the long-standing issue of version fragmentation, Google has done extremely well to keep the number of security issues to a minimum.

Android has matured into an OS that is both feature-rich and highly secure. But there is, of course, always room for improvement. There are many contributing factors to this security, and a few of them are being improved in some way with Android Q.


Encryption

Being one of the most basic security methods, it's important that every device supports strong encryption. Many OEMs these days ship their devices with dedicated encryption hardware. While this is beneficial, it's also expensive. As such, dedicated hardware has typically been restricted for mid to high tier devices. This is not to say that low-end devices cannot support encryption, but without hardware accelerated encryption the overall user experience is degraded because of slow read/write times. That's where Adiantum comes in.

Adiantum

In February, Google announced Adiantum as an alternative encryption algorithm for lower-end phones that don't support regular AES instruction sets. Adiantum is specifically designed to run without any dedicated hardware. It serves as a lighter alternative to Android's regular AES encryption. Google's benchmarks tell us that it's actually 5x faster than AES, with the downside being that it slightly compromises on security. This makes it the ideal candidate for lower-end phones, such as those powered by Android Go Edition. Adiantum is also for products like smartwatches and a variety of Internet of Things devices.

Up until now, Adiantum was optional; manufacturers could enable it on devices launching with Android Pie, but it was not the default encryption algorithm. Now, Adiantum is included natively as part of Android Q. This means that all devices launching with Q will be required to encrypt user data, with no exceptions. As a result, devices launching with Android Q are guaranteed to have storage encryption, be it via Adiantum or not.

Jetpack Security Library

Jetpack is a set of Android support libraries, and one of the newest additions is in alpha: the Jetpack Security Library. The library simplifies the process of securing your application by handling things like the management of hardware-backed keystores and generating and validating keys.

TLS 1.3

Storage is not the only area encryption has been improved in, however. Communicating with other devices has been much improved, with the introduction of TLS 1.3 support by default. TLS 1.3 is the latest network cryptographic standard, finalized by the IETF in August of 2018. TLS 1.3 provides more privacy for data exchanges by encrypting more of the negotiation handshakes. On top of this, it's faster than TLS 1.2 due to an entire round trip being shaved off from the connection establishment handshake. Coupled with more efficient modern algorithms this makes for an up to 40% increase in speed.

TLS 1.3 in Google Chrome. Source: Google.

TLS is now updatable directly from Google Play because it's part of the "Conscrypt" component. You can read more about that and Project Mainline here.

Given that we trust so many sensitive transactions to our devices daily, the upgraded TLS is more important than ever. Storing the likes of boarding passes – and even digital driver's licenses at some point in the future – on Android means that all devices should encrypt user data as best they possibly can. Adiantum and forced encryption will pave the way for even the most sensitive of data to be stored on the cheapest of devices. But encryption is not the only way Google is increasing the security of Android in the Q release.


Permissions and Privacy changes in Android Q

Scoped Storage

Scoped Storage is a new safeguard being employed to restrict apps from reading/writing files in external storage that are not contained within their own sandboxed app-specific directory. Google's goal is three-fold: better attribution of which apps have control over which files, the protection of app data, and the protection of user data.

Google is doubling down on the MediaStore API for shared audio, video, and picture content. By default, all apps can insert, modify, or delete their own files to the MediaStore.Images, MediaStore.Video, and MediaStore.Audio collections without needing any permissions. Android Q also adds a new MediaStore.Downloads collection to store user-downloaded content, which all apps using the MediaStore API can contribute to. While files stored in sandboxed app-specific directories are deleted upon uninstallation, all files contributed to the MediaStore collections persist beyond uninstallation.

To access any files created by another app—whether the file is in one of the MediaStore collections or outside of them—the app must use the Storage Access Framework. Furthermore, EXIF metadata of images is redacted unless your app has the new ACCESS_MEDIA_LOCATION permission granted. In Android Q, apps can also control which storage device to land media on by querying its volume name using getExternalVolume().

Google initially imposed Scoped Storage restrictions on all apps in Android Q regardless of their target API levels, but after feedback, the company is giving developers more time to make adjustments. The full details on the Scoped Storage changes can be found on this page, and you can find out more about Google's recommendations on the best practices for shared storage by watching this Google I/O talk.

Warnings for apps targeting API level < 23

Permission restrictions don't end there, however. Installing an app which targets an API level lower than 23 (Android Lollipop or older) will cause the OS to display a warning to the user if said app requests sensitive permissions upon installation. Before installation, users will have the opportunity to manually specify which permissions they want to grant the app before proceeding. Thus, Android Q no longer allows apps to get around runtime permissions.

Like CopperheadOS, stock Android Q now lets the user disable all requested dangerous permissions before running an app for the first time. This only applies to apps targeting API level 22 or below, which predates the introduction of runtime permissions (in Android Marshmallow).

Eventual SYSTEM_ALERT_WINDOW deprecation in favor of the Bubbles API

Bubbles API in action. Source: Google.

The overlay permission (SYSTEM_ALERT_WINDOW) can no longer be granted for apps running on Android Q (Go Edition). For non-Go Edition devices, Google is pushing developers towards the new Bubbles API. Bubbles API is a feature introduced in Android Q Beta 2 which allows for functionality that's like Facebook Messenger's chat heads. Notifications from apps appear as little bubbles at the edges of the screen, which expand when tapped by the user. Within the bubble, an app can display an Activity.

This change was necessary because allowing apps to freely draw overlays over other apps poses obvious security risks. The infamous "Cloak and Dagger" exploit used this weakness extensively. The functionality of the overlay API has been restricted since as early as Android Oreo, but now the Go edition of Android Q has fully removed access to the API, with a future release to fully deprecate it.

Background Activity Launch Restrictions

Apps in the background can no longer automatically launch an Activity while the phone is unlocked, regardless of their target API level. There is a whole list of conditions under which apps can now launch activities, which you can read here. Background apps which do not meet these conditions and wish to urgently launch an activity will now have to tell the user via a notification. If the notification is created with a pending full-screen intent, then the intent is launched immediately if the screen is off—useful for alarms or incoming calls.

Background Clipboard Access Restriction

Background clipboard access is no longer possible. Any application that is not in the foreground or set as the default input method will not be able to read your clipboard in any way. This hits apps like clipboard managers especially hard. Google says that this change only affects apps that exclusively target Android Q, but our testing indicates that the restriction doesn't discriminate; any app we tried couldn't see the clipboard.

This change, of course, does make sense. We often copy sensitive information to the clipboard—things like passwords and credit card details—but it's still a shame to see clipboard managers go down the drain.

Location access only while an app is in use

A new user-enabled setting only allows apps to reach your location while the app is in use. The latest Android Q beta has also added a notification reminding you if you have granted an app permanent access to the location.

Roles

A new "Roles" API has been added. Roles are essentially groups with preset permissions access. For example, apps with the gallery role might have access to your media folders, while apps with the dialer role might be able to handle calls. Apps that are granted a certain role by the user must also have the required components. Apps with the gallery role, for example, must have the action intent filter android.intent.action.MAIN and the category intent filter android.intent.category.APP_GALLERY to show up as a gallery app in settings.

Sensors Off Quick Settings tile

There is a new "Sensors off" quick settings tile which turns off readings from all sensors (accelerometer, gyroscope, etc.) on your device for true privacy. This Quick Settings tile is hidden by default but can be enabled by going to the "quick settings developer tiles" in Developer options.

Restrictions to /proc/net

Apps can no longer access /proc/net, making services like netstat no longer viable. This protects users from malicious apps monitoring what websites and services they connect to. Apps that need continued access, such as VPNs, need to use the NetworkStatsManager and ConnectivityManager classes.
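To make concrete what the /proc/net restriction hides, here is an added example (not from the original article or from Google) that parses text in the /proc/net/tcp layout and lists, per app UID, the remote endpoints of established connections. The sample text is constructed, the function names are illustrative, and the address decoding assumes a little-endian CPU, as on typical Android devices.

```python
import ipaddress
import struct
from collections import defaultdict

# Constructed sample in the /proc/net/tcp layout (not captured from a device).
# Remote addresses come from the RFC 5737 documentation ranges.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20011 1 0000000000000000 100 0 0 10 0
   1: 0A00A8C0:C350 2A6433C6:01BB 01 00000000:00000000 00:00000000 00000000 10123        0 20542 1 0000000000000000 20 4 30 10 -1
   2: 0A00A8C0:C352 077100CB:0050 01 00000000:00000000 00:00000000 00000000 10087        0 20560 1 0000000000000000 20 4 30 10 -1
"""

# Kernel TCP state codes as printed in the "st" column.
TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV",
    "04": "FIN_WAIT1", "05": "FIN_WAIT2", "06": "TIME_WAIT",
    "07": "CLOSE", "08": "CLOSE_WAIT", "09": "LAST_ACK",
    "0A": "LISTEN", "0B": "CLOSING",
}

# Android gives each installed app its own Linux UID, starting at 10000,
# so the "uid" column identifies which app owns a socket.
FIRST_APP_UID = 10000


def decode_endpoint(field):
    """Turn '0100007F:13AD' into ('127.0.0.1', 5037)."""
    hex_ip, hex_port = field.split(":")
    # The kernel prints the address as a host-order 32-bit integer; on a
    # little-endian CPU (assumed here) the dotted-quad bytes appear reversed.
    ip = ipaddress.IPv4Address(struct.pack("<I", int(hex_ip, 16)))
    return str(ip), int(hex_port, 16)


def parse_proc_net_tcp(text):
    """Parse every socket row below the header line into a dict."""
    entries = []
    for line in text.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 10:
            continue  # skip truncated or malformed rows
        entries.append({
            "local": decode_endpoint(cols[1]),
            "remote": decode_endpoint(cols[2]),
            "state": TCP_STATES.get(cols[3], cols[3]),
            "uid": int(cols[7]),
        })
    return entries


def remote_endpoints_by_app_uid(entries):
    """Map app UID -> remote 'ip:port' of each established connection.

    This is the cross-app view that any process could build while
    /proc/net was world-readable.
    """
    exposed = defaultdict(list)
    for entry in entries:
        if entry["state"] == "ESTABLISHED" and entry["uid"] >= FIRST_APP_UID:
            exposed[entry["uid"]].append("%s:%d" % entry["remote"])
    return dict(exposed)


if __name__ == "__main__":
    parsed = parse_proc_net_tcp(SAMPLE_PROC_NET_TCP)
    for uid, peers in sorted(remote_endpoints_by_app_uid(parsed).items()):
        print(uid, peers)
```
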

Randomized MAC Addresses

Your MAC address is a unique identifier that networks use to remember which device is which. In Android Q, every time you connect to a new network, your device will use a new, randomized MAC address. As a result, networks can't track your location by matching what WiFi networks you connect to with the MAC address of your phone. The device's actual, factory MAC address can still be obtained by apps via the getWifiMacAddress() method.


Platform Hardening in Android Q

A single bug within Android does not mean that attackers now have full access to the OS or that they can bypass any security systems. This is in part due to a number of safeguards such as process isolation, attack surface reduction, architectural decomposition, and exploit mitigations. These safeguards render vulnerabilities more difficult or even impossible to exploit. As a result, attackers typically need a multitude of vulnerabilities before they can achieve their goals. In the past, we have seen attacks such as DRAMMER that work by chaining multiple exploits together.

Android Q takes safeguards such as these and applies them to more sensitive areas such as the media and Bluetooth components along with the kernel too. This brings some marked improvements.

  • A constrained sandbox for software codecs.
  • Increased production use of sanitizers to mitigate entire classes of vulnerabilities in components that process untrusted content.
  • Shadow Call Stack, which provides backward-edge Control Flow Integrity (CFI) and complements the forward-edge protection provided by LLVM's CFI.
  • Protecting Address Space Layout Randomization (ASLR) against leaks using eXecute-Only Memory (XOM).
  • Introduction of Scudo hardened allocator which makes a number of heap related vulnerabilities more difficult to exploit.

This is a lot of software jargon. The bones of it is that first, software codecs now run in sandboxes which have fewer privileges, meaning it's less likely that malicious software will be able to run commands that could harm your device, such as in the case of StageFright way back in 2015.

A constrained sandbox for software codecs. Source: Google.

Secondly, Android now checks for out-of-bounds array access in more places, as well as overflows. Preventing overflows and instructing processes to fail safely significantly decreases the percentage of userspace vulnerabilities. What this means is that if a malicious program tries to cause something to crash by deliberately attempting to get access to data that doesn't exist, Android will now recognize this and exit the program, instead of crashing.

Thirdly, Shadow Call Stack protects return addresses by storing them in a separate shadow stack, making them inaccessible to regular programs. Return addresses are typically pointers to functions, so protecting these addresses is important to make sure that attackers cannot access functions they shouldn't be able to.

Fourthly, ASLR is a protection method that randomizes where programs are stored in memory, making it harder to figure out where programs are being stored in memory based on the location of other programs. eXecute-only memory strengthens this by making code unreadable.

Finally, Scudo is a dynamic heap allocator which proactively manages memory in a way that makes heap-based vulnerabilities a lot harder to exploit. You can read more about it here.


Authentication

Updates to BiometricPrompt in Android Q

Google introduced the new BiometricPrompt API over a year ago, in Android P Developer Preview 2. It was intended to be a generic Android prompt for biometric unlock methods. The idea is that devices which support more than just fingerprint scanning, e.g. iris scanning on Samsung's Galaxy S line, will be able to use these methods when apps ask for verification.

Android Q adds robust support for face and fingerprint verification, as well as expanding the API to support implicit authentication. Explicit authentication requires that the user authenticates in some way before proceeding, while implicit does not need any more user interaction.

BiometricPrompt API implicit and explicit flow. Source: Google.

On top of that, apps can now check if a device supports biometric authentication via a simple function call, allowing them to not waste time invoking a BiometricPrompt on devices that don't support it. An ideal use for this would be if apps want to give an "Enable biometric sign-in" setting based on whether or not a device supports biometric authentication.

The building blocks for Electronic ID support

Earlier this year, we discovered evidence that Google is working on support for electronic IDs in Android. At I/O, Google updated us on the progress of the feature. Google says they're working with the ISO to standardize the implementation of mobile driver's licenses, with electronic passports in the works. For developers, Google will provide a Jetpack library so identity apps can start being made.


Project Mainline in Android Q

Project Mainline is a major undertaking by Google to reduce the fragmentation of certain system modules and apps. Google will control updates for about 12 system components via the Play Store. We've talked about Project Mainline in-depth in a previous article if you're interested in reading more.


Conclusion

Security has always been a core part of Android's development. Google has done an impressive job of keeping Android up-to-date with the latest security features, as well as making some innovations of its own. They're continuing this development process with Android Q, packing it full of security features which are made to make sure your data is safer than ever before.


Source 1: What's New in Android Q Security [Google]
Source 2: Security on Android: What's Next [Google]
Source 3: Queue the Hardening Enhancements [Google]

With input from Mishaal Rahman and Adam Conway.


What you need to know about encryption on your phone - CNET

Posted: 10 Mar 2016 12:00 AM PST

The heated and very public confrontation between the FBI and Apple has spurred a lot of talk about encryption, the technology that shields data on phones and other gadgets.

The feds are pushing Apple to find a way to prevent an iPhone 5C from erasing itself after 10 successive incorrect guesses at the passcode. The user of that phone, San Bernardino shooter Syed Farook, used a PIN code to secure his device, and without bypassing that code, the data stored on it is unreadable, thanks to encryption.

If Apple were to disable the auto-erase feature, the FBI could then connect the iPhone to a computer and quickly and repeatedly attempt to guess the passcode -- a technique commonly referred to as a brute force attack -- until the device is unlocked.

Should the FBI prevail and the courts force Apple to comply, the decision could have widespread implications for our daily lives. Apple and fellow technology companies would be forced to create permanent solutions for law enforcement to get around encryption, using what's commonly referred to as a back door.

Alternatively, companies could very well decide the financial burden of maintaining encryption and abiding by law enforcement requests is too much, and give up on adding security features to the devices we've come to rely upon.

With our personal devices carrying more and more of our lives than ever before, it's a good time to look at what is and isn't encrypted and what you can do to ensure your information is safe.

What is encryption?

A fancy word for a basic concept, encryption is the science behind protecting any information stored on an electronic device, be it a phone, a laptop or a server. On a phone that means your photos, text conversations, emails and documents.

Encryption stores information in a scrambled format, typically unreadable by computers or people without a key (which only the device's owner should know) to unlock the data. PIN codes (of numbers, letters or a combination of both) and fingerprints are just two of many examples of keys used to unlock an encrypted device.

Indeed, the practice of encryption is far more technical than requiring a PIN code or fingerprint to unlock a device. Some phone manufacturers, such as Apple, require multiple pieces of information -- one known to the device owner, another embedded in the processor inside the device unknown to anyone -- to unlock data stored within the device.

It's important to note that, regardless of the device you're using, third-party applications store the data they create on their own servers, which may or may not be encrypted. Even then, the rules for decrypting data stored on a server are often different from those for data stored on a phone (see iCloud section below for more information).

In other words, most of what we do on a phone is backed up to a server at some point. That means a copy of your Facebook posts or photo albums, Snapchat conversations, or Twitter direct messages are stored on your device but also on the respective servers for each service.

Essentially, any information stored within an app on your phone that forgoes any sort of connection to a server is encrypted and inaccessible by law enforcement on a locked phone. For example, if an iOS user wanted to keep Notes or Contacts off of Apple servers, he or she would need to disable iCloud sync for the respective app in Settings.

If you've opted not to sync your contacts or calendars through Google or a similar service, relying instead on a local copy of information on your device, that data is encrypted and presumably inaccessible by law enforcement.

How does iOS handle encryption?

Apple began encrypting iOS devices in 2014 with the release of iOS 8. Prior to iOS 8, iOS users were able to set a PIN or passcode to prevent unauthorized access, but some of the data stored on the device was still accessible by Apple when law enforcement presented the company with a valid warrant. A total of 84 percent of iOS devices are running iOS 8 or later.

With iOS 8 and beyond, Apple no longer has the tools required to bypass a device's lock screen and gain access to any data stored on your iOS device. That means items such as call logs, photos, documents, messages, apps and notes are inaccessible to anyone without a device's PIN.

This is an important detail, as it has led to the current situation playing out in public view between the FBI and Apple.

How does iCloud factor in?

Another topic that's come up in the battle between the FBI and Apple is what data stored in an iCloud backup of an iOS device can and cannot be accessed by Apple.

Apple's Legal Process Guidelines state iCloud backups are encrypted and stored on the company's servers. However, unlike an encrypted device, Apple can access information stored within a backup. Specifically, it's possible for Apple to provide authorities with "photos and videos in the users' camera roll, device settings, app data, iMessage, SMS, and MMS messages and voicemail," as detailed in Section J.

What about encryption on Android?

As with all things Android, there's a long list of caveats regarding encryption on an Android device.

Android manufacturers use different processors and components, each requiring custom software and backup services outside of what Google originally designed Android for. It's the key selling point of Android over iOS, as Android fans are quick to espouse. And they're not wrong. However, each change can introduce unintended security issues outside of Google's control.

Google first provided the option for users to opt into encrypting their devices in 2011. At the time, the option was strictly up to the user, leaving the manufacturer out of the equation.

Toward the end of 2014, though, the company released Android 5.0 Lollipop with the default setting of encryption turned on. But phone makers didn't have to enable encryption to be default when they made phones; it wasn't a requirement of Google, and in the end, most OEMs left the setting turned off, citing performance issues as the reason.

Then, with the release of Android 6.0 Marshmallow in 2015, Google started requiring manufacturers to enable encryption on all devices out of the box. There is, of course, an exception to the rule: Google allows phone makers to disable the feature on what amounts to entry level, and thus often slower devices. For those who want a more technical explanation, read section "9.9 Full-Disk Encryption" of this document.

Once an Android device is encrypted, all data stored on the device is locked behind the PIN code, fingerprint, pattern, or password known only to its owner.

Without that key, neither Google nor law enforcement can unlock a device. Android security chief Adrian Ludwig recently took to Google+ to refute a claim of a back door into Android: "Google has no ability to facilitate unlocking any device that has been protected with a PIN, password, or fingerprint. This is the case whether or not the device is encrypted, and for all versions of Android."

Nevertheless, each phone manufacturer is able to alter Android, customizing its look, adding or removing features, and in the process potentially introducing bugs or vulnerabilities authorities can use to bypass Android's security features.

So how do you know if you've got encryption working?

Android users can check the encryption status of a device by opening the Settings app and selecting Security from the options. There should be a section titled Encryption that will contain the encryption status of your device. If it's encrypted, it will read as such. If not, it should read similar to "encrypt device." Tap on the option if you want to encrypt your device, but make sure to set aside some time -- encrypting a device can take upwards of an hour.

Google's backup service for Android devices is optional for device manufacturers and application developers. As with Apple's iCloud Backup practices, data within a backup stored on Google's servers is accessible by the company when presented with a warrant by law enforcement. However, because the backup service is opt-in by developers, it may not contain data from every app installed on your device.

What can you do to better protect your data?

Android users should enable encryption and set a PIN code or alphanumeric passcode. iOS users should set up Touch ID and use an alphanumeric passcode containing at least six digits. The longer password is a hassle, yes, but with Touch ID enabled, you shouldn't have to enter it too often.

If the FBI succeeds in forcing Apple to bypass a device's lock screen timeout, it would take five and a half years for a computer to crack a six-digit alphanumeric passcode, according to Apple's iOS Security Guide (see page 12).

As for protecting data stored in backups on Apple's or Google's servers, you can start by disabling iCloud backups by opening the settings app, selecting iCloud, followed by Backup and sliding the switch to the Off position. Apple also allows you to delete iCloud backups from your account through the iCloud settings on your iOS device by opening Settings > iCloud > Storage > Manage Storage.

On Android, the process for disabling backups will depend on the device you're using, but generally the setting is found in the Settings app under Backup & Reset. You can remove backed-up data from Google's servers under the Android section in your Google Dashboard.
