Android is the most widely used mobile operating system in the world. It currently holds more than 65 percent of market shares globally with over a billion users. As evidenced by the Stagefright bug scare and the recent HummingBad infections, hackers are shifting their attention to mobile platforms and the security of these devices is as critical as ever.
Google understands this very well so they are shoring up the defenses of the Android operating system on its next iteration. Android 7.0 "Nougat," the next stable build, will have significant security enhancements to protect users against major exploits and attacks.
The improvements are based on Linux security models that protect the kernel from malicious code. Linux is the operating system from which Android is derived.
In a Google Security Blog posted on Wednesday, Jeff Vander Stoep of the Android Security team detailed two categories of high-level protections that will be enabled within Android. These are memory protections and attack surface reduction.
Included with memory protection is the segmentation of kernel memory space into logical spaces with specific permissions on each section. These sections will have code marked as no-execute, read-only and read-write so existing code can't be modified. This means malware can no longer execute in these critical kernel memory spaces.
They will also restrict kernel access to the userspace. By shielding the userspace from direct access by the kernel, attacks will be harder to execute since hackers have less control over kernel memory that is exploitable.