Google has already made Android 15 Beta 1.1 available to download. The stable version of this latest iteration is expected to bring a new Enhanced Confirmation Mode that makes it harder for malicious applications to exploit an OS loophole.
Android users typically download applications from Google Play, but some users obtain their applications from alternative online sources known as sideloading. Android permits installing applications except in the official Google Play Store, making it quite open as compared to iOS. Unfortunately, this is one of the main reasons people mistakenly think Android is less secure than iOS.
Unverified application sources may port malicious applications that bypass Google Play’s security checks. Malicious applications, nevertheless, pursue access to accessibility and notification listener APIs. Android provides quitea bit of flexibility, so it’s necessary to be cautious about sideloading applications.
Google Play has some measures to make sure these APIs are used for their intended purposes; Android itself depends mostly on the application’s own declaration to decide how much access to grant. To improve security, Android 13 makes it stronger to authorize these risky permissions for sideloaded applications, and now these permissions are known as’restricted settings.’
Finally, Google is working on closing this obvious loophole in Android’s Restricted Settings feature. With Android 15, the giant is gearing up to introduce a new “Enhanced Confirmation Mode” feature to add an extra layer of security. Although this feature is yet to be enabled in the latest Android 15 Beta 1.1 update,.
Initially, the wording in the Enhanced Confirmation Mode dialog closely matches the existing Restricted Settings dialog. One essential difference between Android 15’s new Enhanced Confirmation Mode and Android 13’s Restricted Settings feature is the way they are enforced. In place of differentiating based on what installation APIs were used, this new feature in Android 15 will check an allowlist that is preloaded in the factory image.
This allowlist, an XML file in the /system/etc/sysconfig path of Android 15, determines which packages and installers are exempt from any restrictions. Any packages that are specifically listed in the XML file are considered “trusted packages” and are protected from ECM restrictions.
An application installed by a “trusted installer” is protected from ECM restrictions if it’s marked as coming from a “trustworthy” package source. It’s also worth mentioning that presently, zero packages and installers are allowlisted by the system as of Android 15 Beta 1.1, but if ECM were authorized, this would mean that all applications would be protected from ECM limitations, except those marked as coming from an untrustworthy source.
Source – Android Authority
