July 4, 2025 15 mins
Fortify Your Phone: Android 16's Advanced Security Features

In this episode, we'll explore two of the most impactful security features in Android 16 that you need to know about: Advanced Protection and Identity Check, along with other significant API security improvements.

Key Features and Insights:
  • Android 16's Focus on Security: Despite foundational work for future design and multitasking changes, Android 16's initial rollout emphasizes "significant security enhancements" designed to make a "meaningful difference" in data protection. Android 16 sets the stage for the platform's most dramatic reinvention in ages, and while some elements are part of a future update, this new software features a slew of significant security enhancements. The Android 16 Security Release Notes, published June 10, 2025, detail vulnerabilities addressed in this version. Devices with a security patch level of 2025-07-01 or later are protected against these issues. The Android security team actively monitors for abuse through Google Play Protect, which is enabled by default on devices with Google Mobile Services, and warns users about potentially harmful applications.

  • Advanced Protection: This is a new, all-encompassing Android security "supermode" activated by a single switch within your system settings. On Google Pixel phones, it's an added section within the main Security & Privacy settings. Enabling Advanced Protection simplifies the process of activating a bundle of advisable Android security settings at once, rather than requiring you to find and enable them individually.

    • Bundled Safeguards: Advanced Protection activates a suite of protections, including:
      • Extra theft protection: Utilizes Theft Detection Lock and Offline Device Lock, which were introduced previously, to automatically lock your device if it detects it's fallen into the wrong hands.
      • Enhanced app protection: Ensures Android's Google Play Protect on-demand scanning system is in place, restricts app installations to the official Play Store (and any other preloaded app stores), and incorporates Memory Tagging Extension, making it less likely for an app to corrupt your device's memory.
      • Smarter web protection: Provides live scanning for browser-based threats, forces the more secure HTTPS encrypted web standard, and adds additional protections around JavaScript processing within Chrome.
      • Advanced calling and messaging protection: Offers real-time scanning and warnings about likely scams and spam within Google Messages, detects and warns about unsafe links in incoming texts, and includes spam detection, scam detection, and call screening systems for incoming calls in the Google Phone app.
      • Heightened network protection: Actively rejects any less secure 2G-level network connections that may come along over time. This feature can also be individually activated to disable 2G connections.
    • Future Updates: Google's goal is to keep Advanced Protection updated with all the latest Android security features over time, so once activated, you don't have to manually enable new options as they arrive. Confirmed upcoming features expected "later this year" include:
      • Inactivity Reboot: Automatically restarts your device if it remains locked for 72 consecutive hours, re-encrypting all data to require a full password or pattern unlock.
      • Intrusion Logging: Securely stores encrypted logs of sensitive system actions in the cloud, connected solely to your Google account, for investigating suspicious activity.
      • USB Protection: Sets your phone's USB port to allow only charging by default, preventing unauthorized data transfers via physical connection.
      • Disable Auto-Reconnect to Insecure Networks: Your phone will not automatically reconnect to networks that are not secure, even if you manually connected to them once.
  • Identity Check: This feature, gaining prominence with Android 16, requires biometric authentication (e.g., fingerprint, face unlock) to access critical security settings or sensitive information like saved passwords, especially when your device is outside of a designated "trusted location". While you can set trusted locations where biometrics aren't required, for maximum security, it's recommended not to add any. The feature should be enabled by default but can be found by searching for "identity check" in your Settings app.

  • Overall API Security Weaknesses: Android 16 introduces several enhancements that directly improve mobile API security.

    • Intent Redirection Protection: Android 16 features stronger security against Intent redirection attacks, which are a common vulnerability where malicious applications can intercept or manipulate Intents. Developers are encouraged to test their Intent handling and should only opt out of these prote

Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Welcome back everyone to our exploration of mobile platform updates.
Great to be here today. We're really going to unpack
the security side of things for the new Android sixteen.
We've gathered quite a bit of material, analyses from places
like Computerworld, the official Android docs, security notes, the works.
Our goal is to sort of pull out the key

(00:20):
bits about how Android sixteen is aiming to make your
devices safer, what these changes actually mean for you, and
maybe what steps you can take too. Because Android sixteen
is here now officially, and while there's talk of big
design changes, new multitasking stuff coming later, this initial release
seems, well, heavily focused on security, doesn't it, protecting data

(00:41):
both personal and professional?

Speaker 2 (00:43):
It really does. And what's interesting, I think is how
Google is both streamlining things, making existing security easier to use,
and adding new layers. They're clearly responding to, well, the
threats we're all seeing evolve constantly. So this conversation should
help understand not just what's changed, but, you know, why
it actually matters for your digital safety.

Speaker 1 (01:01):
Okay, let's get into it, then. Android sixteen has landed,
but it feels different this time, like it's laying the
groundwork for a bigger shift, new look, multitasking. Maybe even
that phone is a computer idea. But the really flashy
stuff, that seems like it's coming down the line, maybe
a quarterly update or Android seventeen.

Speaker 2 (01:20):
Even that's exactly the picture yet. But the key thing
right now for everyone using these devices is that this
initial release is already packed with some pretty significant security upgrades.
The official Android sixteen security release notes that came out
June tenth, twenty twenty five, they get quite specific. They
talk about how devices getting the July first, twenty twenty
five patch level or later are protected against a whole

(01:41):
list of vulnerabilities, things like elevation of privilege that's serious
where someone could get higher access on your phone, and
information disclosure issues too. Some are even rated critical. Wow,
which yeah, it really raises the question, how is Google
making it simpler for people to actually turn these protections on?

Speaker 1 (01:57):
Right? Because having the feature is one thing, using it is.
And this is where it gets pretty interesting. I think
Android sixteen is introducing something called advanced Protection. Sources are
calling it a new security supermode. Sounds like it's meant
to be really simple, like a single switch in your settings,
probably under security and privacy on a Pixel, for instance,

(02:19):
you just flip one toggle and bam, a whole bunch
of protections.

Speaker 2 (02:22):
Kick in exactly. And what's quite clever here is that
advanced protection isn't necessarily a load of brand new individual features.
It's more about simplification. It gathers a collection of, let's say,
advisable Android security settings that already existed, okay, but they
were buried in different menus, different screens. You had to
know where to look. This really tackles a common problem, right.

(02:44):
Users hear about security settings, but finding and enabling every
single one is, well, a hassle.

Speaker 1 (02:49):
So it's less about invention, more about accessibility and making
sure people actually use the tools available.

Speaker 2 (02:54):
Precisely, it's making a baseline level of strong security much
easier to achieve.

Speaker 1 (02:59):
So what exactly gets turned on when you flip that switch?
What are we talking about in terms of protection?

Speaker 2 (03:05):
Okay, so enabling advanced protection activates quite a few things.
Let's break it down. First, you get extra theft protection.
This uses features like theft detection lock and offline device lock. Basically,
your phone uses its sensors, accelerometer, gyroscope, maybe others to
figure out if it's been snatched or dropped and is

(03:25):
now potentially with someone.

Speaker 1 (03:27):
Else, like if someone grabs it and runs.

Speaker 2 (03:29):
Exactly or if it's offline when it shouldn't be. It
can then automatically lock itself down. Pretty neat.

Speaker 1 (03:34):
Okay, that sounds useful. What else?

Speaker 2 (03:36):
Then there's enhanced app protection. This makes sure Google Play
Protect's on-demand scanning is running, so you can manually
trigger scans. It also pushes you towards installing apps only
from official app stores, you know, reducing side loading risks.
And importantly, it includes something called Memory Tagging Extension, or
MTE.

Speaker 1 (03:54):
Sounds technical, it is.

Speaker 2 (03:56):
A bit, but the core idea is simple. It helps
prevent certain types of memory-related bugs in apps
from being exploited by attackers. Makes it harder for a
dodgy app to corrupt your phone's memory.

Speaker 1 (04:06):
Got it so safer apps? What about browsing?

Speaker 2 (04:10):
Yep, Smarter web protection. This involves live scanning for dangerous
websites or downloads as you browse. It also strongly encourages
or even forces the use of the secure HTTPS standard
for websites, and adds extra checks around how JavaScript runs
in Chrome, which can block some sneaky attacks.

Speaker 1 (04:28):
Okay, Web safety covered. Calls and texts. Scams are everywhere.

Speaker 2 (04:31):
There, right, so you get advanced calling and messaging protection
in Google Messages this means real time scanning for scams
and spam. It'll look for unsafe links in texts and
warn you. And in the Google Phone app you get
enhanced spam detections, scam warnings during calls, and call screening
features activated.

Speaker 1 (04:47):
That sounds very comprehensive. Anything else in the bundle.

Speaker 2 (04:51):
One more key area, heightened network protection. Your phone will
actively avoid connecting to older, less secure two G networks
if possible. Those two G networks are known to be
much easier to intercept or spoof.

Speaker 1 (05:02):
Wow. Okay, that is a lot packed into one switch.
My sources also mentioned Google plans to keep this evolving,
like new security features they develop will just get added
into this supermode if you've already turned it on, what's
coming next?

Speaker 2 (05:16):
That's the plan. Yeah, yeah, they want it to be
a living feature set. A few things are confirmed for
later this year. One is inactivity reboot. If your phone
stays locked and untouched for seventy two hours straight, it'll
automatically restart itself.

Speaker 1 (05:31):
Why? What does restarting do?

Speaker 2 (05:33):
It forces the phone to re-encrypt data that might
be held in memory, and it requires your full PIN,
pattern or password to unlock again, not just biometrics. Adds
another hurdle if someone has.

Speaker 1 (05:43):
Your locked phone clever, Okay, what else is coming?

Speaker 2 (05:46):
There's intrusion logging. This sounds a bit intense, but it
securely logs certain sensitive system actions. These logs are encrypted
and stored securely linked to your Google account. Could be
useful if you suspect someone's tampered with your device.

Speaker 1 (06:00):
Like a black box recorder for your phone security events.

Speaker 2 (06:03):
Kind of Yeah. Then there's USB protection. This will make
the default mode for your USB port charging only when
you connect to an unknown device like a public charger
or unfamiliar computer.

Speaker 1 (06:14):
Ah, to stop juice jacking.

Speaker 2 (06:16):
Exactly. Prevents accidental data transfer or malware installation through the
USB port. You'd have to actively change the setting to
allow file transfers. And finally, disable auto-reconnect to insecure networks.
Pretty self explanatory. Your phone won't automatically jump back onto
Wi Fi networks it knows aren't properly secured.

Speaker 1 (06:35):
Okay, those all sound like sensible additions. Now, something that
might confuse people: Google already has an Advanced Protection Program,
right, for your Google account. How does this new device
level advanced protection relate to that? Are they the same thing?

Speaker 2 (06:49):
That's a really important clarification. No, they are distinct, though complementary.
The advanced protection we've been discussing is for your device,
It hardens the phone's OS and settings. Google's other
Advanced Protection Program, the one that often requires physical security keys,
that's for your Google account. That account program is much
more stringent, really aimed at high-risk individuals, journalists, activists, politicians,

(07:11):
et cetera. It severely limits third party app access and
mandates strong authentication.

Speaker 1 (07:17):
So different targets, different layers of protection exactly.

Speaker 2 (07:20):
The device protection is broader for everyday users wanting better
security with minimal fuss. The account protection is for those
needing the absolute highest level of account security. But using
both together, that would offer, you know, incredibly robust protection
across your device and your online Google identity.

Speaker 1 (07:38):
Got it? Okay, Moving on slightly. Another security feature getting
more spotlight with Android sixteen is identity check. My sources
say it actually arrived back in twenty twenty four, but
maybe wasn't widely noted. What's the deal with identity check
and why is it important now? Right?

Speaker 2 (07:52):
Identity check it's becoming more central, it seems. It essentially
requires you to reauthenticate using biometrics, your fingerprint or face,
for certain sensitive actions, things like changing critical security settings,
viewing saved passwords, that sort of thing. Even if your
phone is already.

Speaker 1 (08:09):
Unlocked, okay, so an extra layer after the.

Speaker 2 (08:11):
Main unlock. Precisely, and the key context here is where
you are. This reauthentication prompt is especially likely to appear
when your device is outside of any trusted locations.

Speaker 1 (08:21):
You might have set up trusted locations like home or
work exactly.

Speaker 2 (08:26):
The idea is, if your phone is lost or stolen
while you're out and about, the thief might guess or
bypass your screen lock, right, but then they'll immediately hit
this identity check wall when they try to access your
password manager or change your account recovery settings. They can't
proceed without your fingerprint or face.

Speaker 1 (08:44):
So you can set trusted locations like your home where
this extra check might not happen.

Speaker 2 (08:49):
You can, yes, Android allows that for convenience, but honestly,
for maximum security, the recommendation is usually not to set
up trusted locations that way the biometric check is always
required for those sensitive actions no matter where you are makes.

Speaker 1 (09:03):
Sense. Better safe than sorry. And this should be on
by default in Android sixteen.

Speaker 2 (09:08):
It should be yes, but it never hurts to double check.
You can usually just search for identity check in your
main settings app to find it and confirm it's active.

Speaker 1 (09:15):
Good tip. Okay, let's shift gears a bit for our
listeners who are actually building apps: iOS, Android, HarmonyOS, Flutter,
React Native developers. Android sixteen also brings changes that directly
touch on mobile API security. What are the key things
developers need to be aware of here? Right?

Speaker 2 (09:33):
This is crucial for the builders. Android sixteen definitely continues
the trend of tightening things up, pushing developers towards more
secure practices. A few key enhancements stand out. First, stronger
intent redirection protection. Intents are, you know, how different parts
of an app or different apps talk to each other
on Android. Android sixteen makes it harder for malicious apps

(09:54):
to intercept or mess with these intents to trick users
or steal data. Developers really need to test their app's
intent handling carefully with Android sixteen. Opting out of the
new protections is possible, but frankly discouraged unless absolutely unavoidable.

Speaker 1 (10:07):
So more secure inter-app communication.

Speaker 2 (10:09):
What else? A new local network permission. If your app
targets Android sixteen or later, it will now need to
explicitly ask the user for permission to access the local
network like the user's.

Speaker 1 (10:20):
Wi-Fi. Limiting snooping on the local network.

Speaker 2 (10:23):
Exactly. Better privacy, less chance of unauthorized discovery of other devices.
Then more granular permissions, especially for sensitive data like health
info from body sensors. Apps have to be more specific
about exactly what health data they need rather than asking
for broad access. Gives users more control.

Speaker 1 (10:40):
More user control is always.

Speaker 2 (10:41):
Good, agreed. Also tighter dynamic code loading restrictions. This makes
it harder for an app to download and run new,
potentially malicious code after it's been installed. It helps combat
malware that tries to sneak past initial App Store reviews
by downloading its harmful parts later.

Speaker 1 (10:57):
That sounds like a significant defense improvement it is.

Speaker 2 (11:00):
And one last slightly indirect point: changes around predictive back navigation.
This is mainly a user experience change making the back
gesture smoother, but the technical changes under the hood, like
deprecating the old onBackPressed method, might subtly push developers
towards coding patterns that are less vulnerable to certain types
of navigation based attacks if they adopt the new methods correctly.

Speaker 1 (11:23):
Okay, lots for developers to digest there, So pulling back
a bit Android sixteen clearly offers a big security boost overall,
But as is often the case with Android, my sources
suggest the actual protection someone gets can really vary. Depends
on the device, maybe how the user behaves. Can you
elaborate on that?

Speaker 2 (11:40):
Absolutely, that's a critical point about the Android ecosystem's diversity.
The experience isn't uniform. So first you have GMS devices
Google Mobile Services: think Pixels, most Samsung phones, devices
with the Play Store and Google apps. These benefit the
most directly. They get Google Play Protect scanning apps, even
side loaded ones. They tend to get security updates fast,

(12:02):
both from Google and the manufacturer. Features like secure lock
the theft protection we discussed are usually well implemented.

Speaker 1 (12:08):
Okay, the standard Android experience pretty much.

Speaker 2 (12:11):
Then you have AOSP devices, Android Open Source Project. These
are built from the core Android code, but without Google services.
They get the underlying OS security improvements from Android sixteen, Yes,
but their actual security level really hinges on the manufacturer
or the custom ROM developer. Are they applying patches quickly?
Are they configuring things securely? It can be much more variable.

(12:34):
Updates might be slow or non existent.

Speaker 1 (12:36):
Right, more dependent on who made the device a ROM definitely.

Speaker 2 (12:40):
Then there are non-GMS Android devices, maybe devices sold
in certain regions or specific custom builds. They lack Play
Protect. They don't get direct Google security updates. Their security
is almost entirely down to the manufacturer's own efforts and
patching schedule, which can be, well, inconsistent. Often a higher
risk profile there.

Speaker 1 (12:57):
Okay, and what about side loading apps? Regardless of the
device type. People still do that.

Speaker 2 (13:02):
They do, and Android sixteen does try to make it safer.
Play Protect scanning of apps from unknown sources is enhanced.
There are blocks on changing sensitive settings during calls to
stop scams, but sideloading, installing apps from outside official stores,
always carries more risk. Always. Users can still ignore warnings.
They can still choose to install something untrusted. The OS

(13:23):
can only do so much if the user actively bypasses
the safeguards.

Speaker 1 (13:27):
So the platform is getting stronger, but user actions and
manufacturer support still matter.

Speaker 2 (13:32):
A lot, exactly. It boils down to this: Android sixteen
raises the security baseline significantly, which is great, but your
ultimate level of protection, it's still a mix of the platform,
the manufacturer's diligence with updates, and your own behavior as
a user. It's a shared responsibility.

Speaker 1 (13:48):
Really. We've certainly covered a lot of ground today on
Android sixteen security, from that big advanced protection switch simplifying things,
to the extra biometric checks with Identity Check and those
important API changes for developers. It's clear Google is putting
sustained effort into hardening the platform.

Speaker 2 (14:04):
They are indeed, and looking at the bigger picture, it
just reinforces that technology alone isn't the whole answer to security,
is it? User awareness, taking those proactive steps, being cautious.
It's all part of the equation.

Speaker 1 (14:16):
Absolutely. For you listening, our sources generally recommend doing a
full security checkup on your Android device at least once
a year. Just run through the settings, make sure things
look right. Considering everything we've talked about, what's the one
thing that stands out most to you from today's discussion.

Speaker 2 (14:31):
That's a good question. For me, maybe it's that simplification
aspect with advanced protection, making strong security easier feels like
a really impactful step for the average person. But as
a final thought to leave people with, given how quickly
mobile threats are evolving, especially with AI getting involved, how
might device security need to change next? Could we see

(14:52):
systems that are even more dynamic, Perhaps phones that automatically
adjust their security level based on detected risks or unusual activity,
going beyond even a supermode, something that learns and adapts
in real time.

Speaker 1 (15:04):
Hmmm, continuous adaptive security. That's definitely something to think about.
A fascinating place to leave it. This has been another
look into the evolving world of mobile platforms. Thanks for
joining us.