Here's how Google made 95% of all Android devices more secure
With the latest so called “Master Key” exploit attracting widespread attention, Google had to act quick, and it really did. It issued a patch that took care of the vulnerability to its OEM partners, and patched the Play Store almost immediately. Problem solved, right? Not quite, as you probably thought. Despite Google's best intentions, OEMs are infamous for their slow update cycles, and there was no telling exactly when the critical mass of Android devices would be protected from a threat that was already spreading in the wild.
"We wanted to make sure those protections were available even for users who were choosing to install applications from a source other than Google Play," Android Security Engineer Adrian Ludwig told ComputerWorld. "It's always been a focus for Android to make sure that we're supporting an open ecosystem and that it's possible for users to get applications that developers, for any number of reasons, aren't distributing through [the official Play Store channel]."
The ramifications of this are huge, folks! By deconstructing Android in this way, Google will be able to skip the glacier-slow OEMs and be able to issue security updates largely on its own. With this, and the recently unearthed “Apps Ops” feature making its debut in Android 4.3, Google really seems to have stepped up its game in terms of security, and we're the happier for it.
source: ComputerWorld
