Android is a Linux-based operating system, running on a Linux kernel that is essentially the same as that used by desktop Linux PCs. The kernel can be likened to the heart of the operating system, the core code that keeps the device running. As such, it’s a key target for hackers. Malicious code injected into the kernel effectively becomes part of the OS.
With Android Nougat, set to launch this summer, Google will toughen the protections around the kernel with new mechanisms. This will make it harder for hackers to gain access, giving users better protection against dangerous kernel-level exploits. Two different categories of protection will be implemented: memory protections and attack surface reductions.
The kernel provides memory protection for processes started by the user, effectively isolating running apps and background tasks from each other. The kernel’s own processes, though, all run within one shared pool of memory.
A vulnerability anywhere in the kernel could potentially affect other areas of memory, causing instabilities across the system. To avoid this, Google is introducing kernel memory protections to maintain the integrity of the kernel.
Google will segment the kernel’s memory into different sections and use restrictive permissions to prevent flaws in one area from causing issues in another. Code sections will be readable and executable but not writable. Data storage regions will not be allowed to run code and will be split into read-only and read-write sections.
Additionally, Google will prevent the kernel from accessing memory being used by running applications. Currently, attackers can infiltrate the kernel and then obtain access to the working memory of user processes, letting them steal data such as account details and network transfers.
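The permission scheme described above can be checked mechanically. The following is an added example, not code from Google or Android: the layout text format, the section names `text`, `rodata` and `data`, the sample addresses and the function names are all assumptions made for illustration.

```python
import re
from typing import NamedTuple

class Region(NamedTuple):
    name: str
    start: int
    end: int
    perms: str  # three characters, e.g. "r-x"

# Constructed sample layouts in a simplified "<start>-<end> <perms> <section>"
# format (assumed for this example; not output from a real device).
UNHARDENED = """\
0xc0008000-0xc0800000 rwx text
0xc0800000-0xc0a00000 rwx rodata
0xc0a00000-0xc0c00000 rwx data
"""
HARDENED = """\
0xc0008000-0xc0800000 r-x text
0xc0800000-0xc0a00000 r-- rodata
0xc0a00000-0xc0c00000 rw- data
"""

# Policy as the article describes it: code may be read and executed only;
# data never executes and is split into read-only and read-write parts.
POLICY = {"text": "r-x", "rodata": "r--", "data": "rw-"}
ENTRY = re.compile(r"(0x[0-9a-f]+)-(0x[0-9a-f]+)\s+([r-][w-][x-])\s+(\w+)")

def parse(layout: str) -> list[Region]:
    regions = []
    for n, line in enumerate(layout.splitlines(), 1):
        if not line.strip():
            continue
        m = ENTRY.fullmatch(line.strip())
        if m is None or int(m[2], 16) <= int(m[1], 16):
            raise ValueError(f"line {n}: malformed entry {line!r}")
        regions.append(Region(m[4], int(m[1], 16), int(m[2], 16), m[3]))
    return regions

def audit(regions: list[Region]) -> list[str]:
    findings = []
    for r in regions:
        if "w" in r.perms and "x" in r.perms:
            findings.append(f"{r.name}: writable and executable ({r.perms})")
        elif r.perms != POLICY.get(r.name):
            findings.append(f"{r.name}: {r.perms} does not match policy")
    for missing in sorted(POLICY.keys() - {r.name for r in regions}):
        findings.append(f"{missing}: section not found in layout")
    return findings
```

`audit(parse(UNHARDENED))` returns three findings, one per section, while `audit(parse(HARDENED))` returns an empty list.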
From Android N, this will not be possible as the kernel won’t have direct access to memory being used by apps started by the user. This will make attacks more difficult because hackers will have “significantly less control” over the contents of system memory.
The second part of Google’s work involves limiting the number of possible entry points into the kernel, preventing hackers from injecting malware. This is known as attack surface reduction: restricting access to the kernel so that malicious code cannot be inserted. A balance must be found between isolating the kernel and maintaining all legitimate functionality.
The first step Google’s taking is to block access to Android’s “perf” tool. This is used by developers to analyse the performance of the system but is left unused by the vast majority of platform users.
Because it allows developers to analyse kernel memory, it is a potential entry point. From Android N, perf will be disabled by default. Developers will be able to turn it back on if they require it. For most users, this move will result in increased security.
The improvements will help to make Android a safer ecosystem. It is currently known as the most vulnerable mobile platform, regularly attacked by malware and hackers due to its open nature.
Google is working to bolster security in Android N, using several techniques beyond kernel protections. Recently, it detailed how Nougat phones will refuse to boot if corrupt software is detected, preventing users from loading a malware-infested operating system. Google said it expects security to continue improving and welcomes suggestions on how it can keep protecting Android.
