"Kaspersky Lab": what's new in the protection of Android KitKat

"Kaspersky Lab" analyzed the improvement in security in the new version of the operating system Android - 4.4 KitKat. Major changes in the system of protection of the updated platform touched digital certificates and enhance the OS, experts say. Now Android will warn the user if the device is placed on the Certificate Authority (CA). This makes it easier to keep track of attacks such as Man-in-the-Middle in local networks. Simultaneously, the system of Google Certificate Pinning complicates the task of intercepting network traffic sent and received services of Google, and ensures that only trusted SSL-certificates from the white list could be used when connecting to certain domains Google. Additionally, the new version of the platform is reinforced additional barrier for rutinga mobile devices, which is carried out by means of elevating privileges or buffer overflows. The access control system is now running SELinux in enforcing mode, but not like before - in recommended. This impedes attacks, for example, using the exploit task which provide root-privileges. Also in Android 4.4 has built-in FORTIFY_SOURCE level 2, which complicates the use of buffer overflow exploits. Now, as malware, and users themselves Android KitKat will be much more difficult to obtain root privileges on the device. However experts "Kaspersky Lab" came to the conclusion that from the point of view of cyber threats, these improvements did not significantly change the situation. The most popular source of infection Android is still the same - not legitimate applications that are downloaded from third-party resources and new tools to protect against this do not save. In the end, the most important innovation in the KitKat be called reduction of resource consumption. The new Android 4.4 is able to run on devices with just 512 MB ​​of RAM.