Kamis, 07 Juni 2018
Every Android application works in a so-called process sandbox. These silos offer a unique advantage to Android apps, as malicious software can be more efficiently captured and recognized. If the app requires data resources other than a one-to-one sandbox, a usage permit is required. An Android app in its most basic form has no standard permissions and can not affect the user experience. To access protected device data, authorization tags must be written to the app manifest. From today, applications are required to install applications that are compatible with older Android operating systems - Android Lollipop and lower - permissionscompatible. If anew authority is added, the user status is notified when updating the application. Once the software is installed, the permission can not be revoked, unless the app is completely uninstalled. However, in the second half of 2018, Android will need new apps to work at the latest API level. This requirement ensures that apps are designed for improved security and performance features.
After this change, the usage permissions are sent to the user at run time and may be withdrawn to the user as needed. This extension gives users full control over which private data their most frequently used apps access. Restrictions on accessibility features The restrictions that Android imposes on system permissions are intended to limit apps' access to potentially dangerous permissions. Android categorizes system permissions into a series of protection levels, but the best-known levels of protection are what Android calls normal and dangerous. Requests for a user's calendar, camera, contacts, location, microphone, SMS, or memory are placed in the group of dangerous permissions. When an app obtains access to a particular function that is in a dangerous entitlement category, the system automatically grants access to any other function within that group - initially. For example, if an app is authorized to read a user's contact information and then the user's contact information is requested, the system automatically grants the permission. However, by the year 2019, developers will need to publish and update apps to be compatible with any new Android dessert version (eg, Oreo). Therefore, each private data entry is made dependent on user authorization.
While this decision limits important safety risks, it may provide some insight into the limited functionality and interference. By building software on Android, developers can leverage data-grabber access to manipulate, optimize, and improve functionality to enhance usability. Developers can use these permissions, which were originally used to simplify a particular function or function for people with disabilities, to enhance the universal user experience. Functional details such as remembering passwords, capturing text, simplified copying and pasting, and even personalization of colors, graphics, and animations are subject to the limitations of the new Android security restrictions. Skepticism of certification bodies Another component of Android's security auditing is the feature that prevents the operating system from trusting users-assigned Certification Authorities (CAs) by default. The goal of how Android can handle CAs is secure app traffic. Starting with Android Nougat, this safe-by-default setting was implemented to promote consistency in the management of file-based application data.