Android P to Restrict Apps From Monitoring Network Activity

The upcoming version of the Android OS — codenamed only Android P for the moment — will block applications from accessing and monitoring the operating system's network activity.

AndroidP-logo

Android project developers took this decision to improve the operating system's privacy and prevent user-installed apps from sniffing on the user's network activity outside the app.

/proc/net access abused by apps

Currently, apps can access networking data by requiring a simple permission, but the text of that permission is vaguely worded, and most users don't fully understand the breadth of the access an app is receiving.

For example, a user-installed app that obtains the permission to access the user's network data can tap into the Android OS "/proc/net" process and detect any time the user is initiating a network connection and to what server.

The app can't access the data in that network connection, but often enough, knowing where the user is connecting is enough for apps that collect user data to sell it to advertisers.

Android devs are plugging the leak

But over the weekend, Android developers have submitted a commit to the Android OS source code that "plugs the /proc/net leak" and restricts access to this core OS process, according to XDA Developers, a forum dedicated for Android developers.

Moving forward, Android engineers said that only VPN apps will be allowed access to this process and that any other app that needs it must undergo a code audit.

 

This update is just the latest security-focused change made to the upcoming Android P operating system. Below are others:

⮞ Android P will block cleartext (HTTP) traffic from apps. HTTPS is the new norm.

⮞ Android P will use the same UI when requesting fingerprint authentification across apps and devices.

⮞ Android P will block background apps from accessing the phone's camera and microphone.

⮞ Android P will encrypt backups on the device with a local secret key before sending the backup for storage on Google's servers.

⮞ Experimental support for MAC address randomization.

⮞ Support for DNS over TLS.