Cryptography professor warns about Android security, says some of it is six years behind the iPhone

14comments
Cryptography professor warns about Android security, says some of it is six years behind the iPhone
We are constantly barraged with sensationalist headlines of the "millions of Android phones are under threat" type that inform about this and that malware or security lapse that is usually pretty easy to avoid if you install decent apps from legit sources. 

The sole reason for so many Android security news, however, is that Android's encryption is still not up to par, even the latest 7.0 Nougat version, reveals a cryptography professor from Johns Hopkins university.

According to Matthew Green, while Nougat devices have moved away from the full-disk encryption (FDE) of yesteryear that is easier to hack, and employ file-level protection if you set a passcode, there are scenarios where you can still access some files directly as the encryption keys are being stored in memory. 

Apparently, while Apple provides no less than four protection levels for developers to choose from, Android N has only two, and even if it adds more down the road, this will still leave millions of legacy apps somewhat vulnerable. In a nutshell, the cryptography professor's disheartening conclusion is that the current state of Android's security is only good for Google to keep the FBI at arm's length.


source: Matthew Green (Cryptography Engineering)
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless