Google’s decision to integrate Samsung’s Knox security service into Android L is a step in the right direction, but not enough to fully protect the mobile operating system against hackers, who are hitting it with more malware than the firm is willing to admit, according to security experts.
F-Secure security analyst Sean Sullivan told V3 he expects Knox integration to prove a hit with IT managers, making it far easier for them to safely deploy and manage Android devices.
“This is a good move in the right direction if Google wants to help IT managers who need to deal with ‘herding cats’ [managing employees],” he said.
“Based on what I’ve read – Knox should provide some IT managers with what they need to lock down devices owned by the organisation. I don’t think it will make a very big impact on the personally owned devices yet.”
Samsung Knox builds on the Security-Enhanced Linux (SE Linux) technology developed by the US National Security Agency (NSA). At a basic level, Knox is a sandboxing service that lets users create separate work and personal areas on their device.
The work area is password protected and encrypts any data stored on it. The feature also allows IT managers to perform tasks such as remotely wiping files stored on the work side without deleting content on the personal side.
Google senior vice president for Android, Chrome and Apps Sundar Pichai announced Google’s Knox plans at the company’s I/O keynote on Wednesday, listing it as a key step in the firm’s battle to secure Android, which he claims has a miniscule 0.5 percent “malware encounter” rate.
FireEye senior software research engineer at Yulong Zhang questioned Pichai’s claim. “’0.5 percent of malware’ – it’s a little bit incorrect. The stats apply only for Google Play store; for third-party app markets, the ratios are way higher. What’s more, for enterprise customers, they should care about not only malware, but also apps with vulnerabilities,” he said.
“Adding on to the third-party markets. It is worthwhile to note that even though Google Play forms a big part of the consumer usage in the USA, UK and others, third-party market stores are very much prevalent in the Asian subcontinent (China, Korea, Russia).”
He added that the higher-than reported malware encounter rate, combined with the high number of vulnerabilities in legitimate Android apps means that even with Knox the platform will not be fully secure.
“Based on our experience, there’s no way to 100 percent guarantee the non-existence of loopholes. So far we haven’t seen any existing security solutions that can be marked as ‘enough’ for corporate use,” he said.
Knox is one of many security updates promised for Android L during Wednesday’s I/O keynote. Android L will also include advanced data-privacy controls and a killswitch function that lets users disable any device running Android L if it is lost or stolen.