diff --git a/docs/android/overview.en.md b/docs/android/overview.en.md index 7f5873a2..642d0f29 100644 --- a/docs/android/overview.en.md +++ b/docs/android/overview.en.md 
@@ -2,9 +2,19 @@ title: Android Overview icon: material/cellphone-check --- -Android is a secure operating system that has strong [app sandboxing](https://source.android.com/security/app-sandbox), [Verified Boot](https://source.android.com/security/verifiedboot), and a robust [permission](https://developer.android.com/guide/topics/permissions/overview) control system. +Android is a secure operating system that has strong [app sandboxing](https://source.android.com/security/app-sandbox), [Verified Boot](https://source.android.com/security/verifiedboot) (AVB), and a robust [permission](https://developer.android.com/guide/topics/permissions/overview) control system. -The main privacy concern with most Android devices is that they usually include [Google Play Services](https://developers.google.com/android/guides/overview). This component is proprietary (closed source), has a privileged role on your phone, and may collect private user information. It is neither a part of the [AOSP](https://source.android.com/) nor is it included with the below derivatives. +The main privacy concern with most Android devices is that they usually include [Google Play Services](https://developers.google.com/android/guides/overview). This component is proprietary (closed source), has a privileged role on your phone, and may collect private user information. It is neither a part of the [Android Open Source Project](https://source.android.com/) nor is it included with the below derivatives. + +## Choosing an Android Distribution + +When you buy an Android phone, the device's default operating system often comes with invasive integration with apps and services which are not part of the [Android Open Source Project](https://source.android.com/). An example of such is Google Play Services, which has unrevokable privileges to access your files, contacts storage, call logs, SMS messages, location, camera, microphone, hardware identifiers, and so on. 
These apps and services increase the attack surface of your device and are the source of various privacy concerns with Android. + +This problem could be solved by using a custom Android distribution that does not come with such invasive integration. Unfortunately, many custom Android distributions often break the Android security model by not supporting critical security features such as AVB, rollback protection, firmware updates, and so on. Some distributions also ship with [`userdebug`](https://source.android.com/setup/build/building#choose-a-target) builds which expose root via the [Android Debug Bridge](https://developer.android.com/studio/command-line/adb) (ADB) and requires [more permissive](https://github.com/LineageOS/android_system_sepolicy/search?q=userdebug&type=code) SELinux policies to accomodate debugging features, resulting in a further increased attack surface and weakened security model. + +Ideally, when choosing a custom Android distribution, you should make sure that it upholds the Android security model. At the very least, the distribution should have production builds, support for AVB, rollback protection, timely firmware and operating system updates, and SELinux in enforcing mode. All of our recommended Android distributions satisfy these criteria. + +[Our Android System Recommendations :material-arrow-right:](../android.md){ .md-button } ## Avoid Root 
@@ -33,3 +43,5 @@ It's important to not use an [end-of-life](https://endoflife.date/android) versi [Permissions on Android](https://developer.android.com/guide/topics/permissions/overview) grant users control over what apps are allowed to access. Google regularly makes [improvements](https://developer.android.com/about/versions/11/privacy/permissions) on the permission system in each successive version. All user installed apps are strictly [sandboxed](https://source.android.com/security/app-sandbox), therefore there is no need to install any antivirus apps. The savings you make from not purchasing or subscribing to security apps is better spent on paying for a supported device in the future. Should you want to run an app that you're unsure about, consider using a user or work [profile](android/#android-security-privacy). + +--8<-- "includes/abbreviations.en.md" diff --git a/docs/android/security.en.md b/docs/android/security.en.md index 5cc385dd..f8386700 100644 --- a/docs/android/security.en.md +++ b/docs/android/security.en.md @@ -1,5 +1,5 @@ --- -title: "Android Security and Privacy Features" +title: "Security and Privacy Features" icon: 'material/cellphone-lock' --- diff --git a/includes/abbreviations.en.md b/includes/abbreviations.en.md index 14a6fe20..1afda0d6 100644 --- a/includes/abbreviations.en.md +++ b/includes/abbreviations.en.md @@ -33,6 +33,7 @@ *[P2P]: Peer-to-Peer *[QNAME]: Qualified Name *[SaaS]: Software as a Service (cloud software) +*[SELinux]: Security-Enhanced Linux *[SMS]: Short Message Service (standard text messaging) *[SMTP]: Simple Mail Transfer Protocol *[SNI]: Server Name Indication diff --git a/mkdocs.yml b/mkdocs.yml index bfac3542..f98eafb3 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -115,7 +115,7 @@ nav: - 'threat-modeling.md' - 'technology/dns.md' - 'security/multi-factor-authentication.md' - - 'Mobile Devices': + - 'Android': - 'android/overview.md' - 'android/security.md' - 'android/grapheneos-vs-calyxos.md'
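Review bot: In the new "Choosing an Android Distribution" section of docs/android/overview.en.md, the `userdebug` sentence has an agreement error and a misspelling: "which expose root ... and requires ... to accomodate" should be "which expose root ... and require ... to accommodate". In the first added paragraph, "unrevokable" reads better as "irrevocable". The "more permissive" claim cites a GitHub code-search URL, whose results shift as the repository changes; a permalink to the specific policy lines would keep the citation verifiable. The problem paragraph lists "AVB, rollback protection, firmware updates, and so on" while the criteria paragraph lists production builds, AVB, rollback protection, timely updates and enforcing SELinux; aligning the two lists would make it clear which failures each criterion rules out.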
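Review bot: The unchanged context line in the second docs/android/overview.en.md hunk links to `android/#android-security-privacy`, while the button added in the first hunk of the same file uses `../android.md`. The two relative forms resolve differently from docs/android/, so it is worth confirming the older link still lands on the intended section after this restructuring, or rewriting it in the `../android.md#...` form.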
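Review bot: The includes/abbreviations.en.md hunk defines only SELinux, but the new overview text also introduces AVB and ADB and pulls this file in through the added `--8<-- "includes/abbreviations.en.md"` line. If those two are not already defined outside the visible context, add entries for them (AVB as Android Verified Boot, ADB as Android Debug Bridge) so that the later bare uses of "AVB" in the criteria paragraph get the same tooltip as SELinux.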
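Review bot: Shortening the title in docs/android/security.en.md to "Security and Privacy Features" depends on the mkdocs.yml rename of the nav section from 'Mobile Devices' to 'Android' for its context. Anywhere the title is shown without the nav section, it no longer says which platform it covers. If that matters, keep the full title in the front matter and set a shorter label on the 'android/security.md' nav entry instead.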