aboutsummaryrefslogtreecommitdiff
path: root/src/devices/tech
diff options
context:
space:
mode:
Diffstat (limited to 'src/devices/tech')
-rw-r--r--src/devices/tech/security/enhancements44.jd48
1 files changed, 48 insertions, 0 deletions
diff --git a/src/devices/tech/security/enhancements44.jd b/src/devices/tech/security/enhancements44.jd
new file mode 100644
index 00000000..ec0aee8b
--- /dev/null
+++ b/src/devices/tech/security/enhancements44.jd
@@ -0,0 +1,48 @@
+page.title=Security Enhancements in Android 4.4
+@jd:body
+
+<p>
+Every Android release includes dozens of security enhancements to protect
+users. The following are some of the security enhancements available
+in Android 4.4:
+</p>
+
+<ul>
+ <li><strong>Android sandbox reinforced with SELinux.</strong>
+ Android now uses SELinux in enforcing mode. SELinux is a mandatory
+ access control (MAC) system in the Linux kernel used to augment the
+ existing discretionary access control (DAC) based security model.
+ This provides additional protection against potential security
+ vulnerabilities.</li>
+
+ <li><strong>Per User VPN.</strong>
+ On multi-user devices, VPNs are now applied per user.
+ This can allow a user to route all network traffic through a VPN
+ without affecting other users on the device.</li>
+
+ <li><strong>ECDSA Provider support in AndroidKeyStore.</strong>
+ Android now has a keystore provider that allows use of ECDSA and
+ DSA algorithms.</li>
+
+ <li><strong>Device Monitoring Warnings.</strong>
+ Android provides users with a warning if any certificate has been
+ added to the device certificate store that could allow monitoring of
+ encrypted network traffic.</li>
+
+ <li><strong>FORTIFY_SOURCE.</strong>
+ Android now supports FORTIFY_SOURCE level 2, and all code is compiled
+ with these protections. FORTIFY_SOURCE has been enhanced to work with
+ clang.</li>
+
+ <li><strong>Certificate Pinning.</strong>
+ Android 4.4 detects and prevents the use of fraudulent Google
+ certificates used in secure SSL/TLS communications.</li>
+
+ <li><strong>Security Fixes.</strong>
+ Android 4.4 also includes fixes for Android-specific vulnerabilities.
+ Information about these vulnerabilities has been provided to Open
+ Handset Alliance members and fixes are available in Android Open Source
+ Project. To improve security, some devices with earlier versions of
+ Android may also include these fixes.</li>
+
+</ul>