Google's Advanced Protection for Vulnerable Users Comes to Android
1 min read
Summary
On Tuesday, Google announced an Advanced Protection mode for Android phones, which imposes strong security settings on all apps and services in order to silo data, reducing interactions with unsecured web services and untrusted individuals.
The mode will utilise Google’s on-device AI scanning capabilities to provide monitoring and alerts without eliminating features, meaning some restrictions cannot be turned off, such as blocking phones from connecting to historic 2G data networks and disabling Chrome’s Javascript optimizer.
One of the key features is Intrusion Logging, which uses end-to-end encryption to store logs on the cloud, making them indelible and unable to be accessed by Google or any other party, or deleted or modified, even if the device or Google account is compromised.
Android’s Memory Tagging Extension (MTE) is also on by default and cannot be turned off in Advanced Protection, which prevents an attacker exploiting a memory vulnerability, such as a buffer overflow, as it will cause the process to fail, stopping the attack.
