Copperhead OS wants to do much safer to Android

Most recent:
  • Dragon Ball Z: Kakarot presents to Bonyu of the Special Forces Ginyu
  • Wellness Digital Google launches the mode ‘Without distraction’: a new aid to concentrate
  • Zagg launches its Rugged Book for iPad mini 5 with keyboard detachable
    Trailer of 'The truth': the first film from Hirokazu Koreeda in English brings us another interesting family history


    Copperhead Os

    We all know Google, the company incalculable size winning a fortune each year in advertising, not counting the different products can get to market. However, the Mountain View company also invests a lot of money on different projects that will take us by the hand to the future.

    Even also invest money in the security of our favorite OS, Android . Still, for some reason, Android still has a lot of vulnerabilities that can endanger our phones and data that keep them (often personal and non-transferable)

    .

    What is Copperhead and what phones support?

    Nexus 9

    Copperhead is a team of two people who are working on making Android a lot safer in your spare time (ie, have their own work paid, this is more a ‘hobby’), and make it to the level that more security can give, in the Linux kernel that bring Android phones.

    This two-person team has created a variant of Android operating system, OS Copperhead , which only implements all the progress they have achieved in kernel security. These developments focus on cover vulnerabilities that presents the core operating system, at least mostly.

    implementing Grsecurity and PaX , which would improve SELinux policies, edurecería the compiler, among other things that come into an area too technical. Now if this seems very positive, ready for the bump, because today only supports terminals Nexus .

    Terminal Nexus Only because of the fragmentation

    Nexus Sailfish

    The team Copperhead, when choosing which phones work, he has had to travel to each of the manufacturers, looking its layers of customization, policy updates and, above all, the speed with which security patches are applied . We know that Motorola, although they apply security patches, does not every month .

    Given that there are few manufacturers that use pure Android and only one of them apply monthly patches promptly, the choice was clear, had to bet on the Nexus . And why do I say that is because of the fragmentation? No need to explain much, just looks at manufacturers and policy support.

    It should be noted that within the code base AOSP there are several patches of Copperhead accepted by the team Android security , but it is very possible that many of the other patches ever reach implemented due to compatibility issues and performance.

    Google and its dealings with manufacturers, a sensitive issue for safety

    Smartphones

    it is said that Google has agreed with the devil when he started dealing with the different manufacturers, it is that the give up some control to manufacturers and service providers on the end-user experience, manufacturers can differentiate their products and providers disable features they believed could jeopardize its business model .

    the only power of Google on manufacturers is the Android license and access to Google Play . The base AOSP code is licensed under Apache 2.0, while the kernel uses GPL 2, which would allow a manufacturer to deploy Android stock under another name without problems, although this would make lose access to Google Play .

    the problem comes if Google gets too hard to cut access to Google Play and other services of the company not comply with what they want to manufacturers, who would not harm the manufacturer but Google itself because for each phone that does not have YouTube, Google Mail and other services, is money on advertising that do not win the Mountain View .

    Grsecurity and Android, a difficult relationship

    Andy Catty

    Grsecurity and its subset PaX make the Android kernel is harder , making vulnerabilities that have are very difficult to be used, if not impossible. But the team Copperhead has encountered a difficult wall to overcome, architecture known as ARM64 (full compatibility between system and 64-bit processors).

    It has a time, both Nexus devices, as virtually any new device, use the 64-bit architecture, while almost all Grsecurity code is ported to the architecture ARM32 , leaving little for ARM64. However, have left a small piece of code that does not need a specific architecture to deploy .

    Porting Grsecurity to ARM64 is something the team does not consider important , especially because that fact would take them many months considering that only have time for this, and are unwilling to get into that quagmire without Google compensate them financially.

    Remember that Google is a company that generates brutal benefits, and that a team of two people, in their spare time (which could be devoted to learn how to install toilets or be with your family) are doing work an entire Android security team has not been able to do. Yes, yes any financial compensation they deserve , do not you think?

    Android Nougat and partly Grsecurity …

    Android Nougat

    Android Nougat will mean an advance security more important than in previous versions, and is incorporating Grsecurity, although only a small percentage, in fact, as a member of the Copperhead team, less than 1% . And, according declare, Google is not giving the importance that the kernel for security deserve.

    Recall (if someone does not know) that the kernel is the kernel ( Android in this case), and if the kernel is going to hell, the system is going to hell also . That is why, according Copperhead, the big G is taking baby steps in terms of security kernel while other aspects progresses infinitely faster.

    Nexus

    Yes, it is, the team sells Nexus terminals Copperhead OS installed and, as one of the team members are in talks with companies that are potential customers and resellers who would benefit these hardened terminals so that users could enjoy extra security.

    those Nexus users feel good flashing ROMs may, of course, download and install OS Copperhead themselves. Moreover, this small team accepts donations offers subscriptions in Patreon . If Copperhead get succeed where others have failed is something we’ll have to see over time

    Via. | Ars Technica
    Engadget Android | La vulnerability ‘Quadrooter’ affecting Qualcomm chips would be settled in September


    The news Copperhead OS wants to do much safer Android was originally published in ​​ Engadget Android by Santiago Luque .


    Xataka Android

    Copperhead OS wants to do much safer to Android

    Source: www.xatacandroid.com  
    August 10, 2016

    Next Random post