Google Adds Security Features To Ice Cream Sandwich

The new version of Google’s Android mobile operating system, code-named Ice Cream Sandwich (ICS), includes a new security feature designed to limit the damage that malicious code can cause, Google has said.

Android 4.0, officially announced last week, includes a feature called Address Space Layout Randomisation (ASLR), a technique that involves randomly rearranging the memory locations for various application components.

Blocking attacks

The technique, also integrated into software such as Windows, Mac OS X and iOS, makes it more difficult to execute attacks in which the hacker needs to be able to predict the memory location of a component.

ASLR is thought to be effective in preventing buffer overflow exploits, among others. In the mobile world it also makes the device more difficult to jailbreak. Apple introduced ASLR with iOS 4.3.

Other security features introduced in ICS include full device encryption, a new keychain application programming interface (API), and the ability to unlock a device using facial recognition technology.

Full encryption gives a user the option to lock down all his or her data with a password. The feature means users do not have to remotely wipe a device if it is lost or stolen, since without the password the device can only be accessible by resetting it.

The keychain API makes it easier for applications to manage authentication and secure sessions, Google said.

“A new keychain API and underlying encrypted storage let applications store and retrieve private keys and their corresponding certificate chains,” Google said in a statement. “Any application can use the keychain API to install and store user certificates and CAs securely.”

Unified experience

Google’s previous Android release, “Honeycomb”, was focused on tablets, while ICS brings tablet features to smartphones. It includes improved camera controls, support for near-field communication (NFC) and a redesigned interface.

“With Ice Cream Sandwich, our mission was to build a mobile OS that works on both phones and tablets, and to make the power of Android enticing and intuitive,” said Google’s Andy Rubin in a blog post.

The first ICS handset is Samsung’s Galaxy Nexus (or Nexus Prime), a successor to the Nexus S, the first device to run the “Gingerbread” version of Android. Nexus is the line of smartphones specifically designed to showcase new versions of Android.

Patent war

Meanwhile, Microsoft said it has signed up Compal, one of the world’s largest original design manufacturers (ODM), to its Android patent licensing operation.

The news will prove to be another bitter pill for Google to swallow, after it accused Redmond of extortion last month, following the news that Samsung had agreed to pay Microsoft undisclosed fees for every Android smartphone and tablet it ships.