Android 4.3 new security features

Android 4.3 was released today. Here’s a list of security-related changes or new features and some comments, provided by our colleague, John Kozyrakis:

– /system is now mounted as nosuid. Not sure how this makes things more secure since there are no setuid binaries in /system by default afaik

– New system to revoke individual permissions from applications. Seems to gather a list of used permissions at runtime. That list could be useful in testing.

– SELinux mandatory access control system

– KeyChain is now hardware-backed (if appropriate hardware exists). It uses a hardware root of trust (Secure Element/TrustZone/TPM) to encrypt keys, so keychain data would be unusable outside the phone

– There’s now a Keystore Provider API that creates and stores app-private keys for use by applications.

– Multi-user is more polished

– ‘restricted profiles’ can be created on tablets – these are basically customised guest accounts with access to specific installed apps

– Capability bounding using prctl(PR_CAPBSET_DROP) to drop sensitive capabilities from apps – should research which ones are dropped

– Apps use prctl(PR_SET_NO_NEW_PRIVS) to block addition of new privileges after application start

– More FORTIFY_SOURCE enhancements

– A number of other undisclosed security fixes
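As an added illustration of the two prctl items above (capability bounding and no_new_privs), here is a small Linux C program; it is not code from this post or from Android itself. It drops a hypothetical set of capabilities from the process bounding set, sets no_new_privs, and reads both back so the effect can be verified. The capability list is an assumption chosen for illustration and is not Android's actual list. Dropping from the bounding set requires CAP_SETPCAP, so when run unprivileged each drop reports EPERM and only the no_new_privs part takes effect; no_new_privs itself needs no privilege.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <linux/capability.h>

/* Fallbacks for older headers (values from linux/prctl.h, kernel >= 3.5). */
#ifndef PR_SET_NO_NEW_PRIVS
#define PR_SET_NO_NEW_PRIVS 38
#endif
#ifndef PR_GET_NO_NEW_PRIVS
#define PR_GET_NO_NEW_PRIVS 39
#endif

/* Hypothetical list of capabilities an app process has no business holding.
 * Chosen for illustration; this is NOT Android's list. */
static const int kDroppedCaps[] = {
    CAP_SYS_ADMIN, CAP_SYS_MODULE, CAP_SYS_RAWIO,
    CAP_NET_ADMIN, CAP_SETUID, CAP_SETGID
};
static const int kNumDroppedCaps = sizeof(kDroppedCaps) / sizeof(kDroppedCaps[0]);

/* Remove each listed capability from the bounding set. Once removed, no
 * execve() in this process (or its children) can ever regain it. Returns the
 * number successfully dropped; an unprivileged caller lacks CAP_SETPCAP and
 * gets EPERM for every entry. */
int drop_bounding_caps(void) {
    int dropped = 0;
    for (int i = 0; i < kNumDroppedCaps; i++) {
        if (prctl(PR_CAPBSET_DROP, kDroppedCaps[i], 0, 0, 0) == 0) {
            dropped++;
        } else {
            fprintf(stderr, "PR_CAPBSET_DROP(%d) failed: %s\n",
                    kDroppedCaps[i], strerror(errno));
        }
    }
    return dropped;
}

/* Query the bounding set: 1 if the capability is still present, 0 if not,
 * -1 on error (e.g. an invalid capability number). Needs no privilege. */
int cap_in_bounding_set(int cap) {
    return prctl(PR_CAPBSET_READ, cap, 0, 0, 0);
}

/* Set no_new_privs: from now on execve() cannot grant privileges the process
 * does not already have (setuid/setgid bits and file capabilities are
 * ignored). The flag is irreversible and inherited across fork and exec.
 * Returns the flag as read back from the kernel (1 on success), -1 on error. */
int set_no_new_privs(void) {
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) {
        fprintf(stderr, "PR_SET_NO_NEW_PRIVS failed: %s\n", strerror(errno));
        return -1;
    }
    return prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
}

int main(void) {
    /* Order matters for a real launcher: drop capabilities and set
     * no_new_privs before handing control to untrusted application code. */
    int dropped = drop_bounding_caps();
    printf("dropped %d of %d capabilities from the bounding set\n",
           dropped, kNumDroppedCaps);
    printf("CAP_SYS_ADMIN still in bounding set: %d\n",
           cap_in_bounding_set(CAP_SYS_ADMIN));
    printf("no_new_privs: %d\n", set_no_new_privs());
    return 0;
}
```

Build with `gcc -std=c99 -Wall nonewprivs.c -o nonewprivs` (a hypothetical file name) and run it once as an ordinary user and once with CAP_SETPCAP to see the difference in the bounding-set output. The useful check for a defender is the read-back: after these calls, `/proc/<pid>/status` shows the reduced `CapBnd` mask and `NoNewPrivs: 1`, which is what a hardened app launcher should leave behind before any application code runs.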