Naked Security

Will the next version of Android get location privacy right?

Better late than never, Google has confirmed that improved control over location tracking is one of several new privacy features in the next version of its mobile OS, Android Q, due to appear later this year.

It’s an issue that’s been giving Google some grief in the last year as a series of investigations have revealed the way that Android apps – and even perhaps Google itself – furtively track users’ locations.

Currently, location access can be granted or denied on an app-by-app basis. However, there is nothing to stop an app that has been granted that permission continuing to track users’ locations even when it is not in use.

It’s become so controversial that Facebook even announced that it was unilaterally adding location-tracking control to its Android app to head off public concern about its data-gathering behaviour.

From Android Q onwards, apps will no longer be able to do this by default and will need to request background location access. Writes Google VP of Engineering, Dave Burke:

“Android Q enables users to give apps permission to see their location never, only when the app is in use (running), or all the time (when in the background).”

Will this put the location-tracking controversy to bed? Apart from the fact that many Android devices will not be upgraded to Q (only recent devices are guaranteed to get the latest version), Google’s playing catch-up here: Apple’s iPhone has had the same feature since iOS 11 in 2017.
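As an added example (not code from the article or from Google), this Python check reads a decoded AndroidManifest.xml and reports the most location access a user could grant the app, using the platform permission android.permission.ACCESS_BACKGROUND_LOCATION that Q introduces. The sample manifests are constructed, and the example assumes the platform's compatibility behaviour of giving background access to apps that target an API level below 29 and request location.

```python
import xml.etree.ElementTree as ET

# Added example: permission names are the Android platform's own; the sample
# manifests are constructed for illustration.
ANDROID = "{http://schemas.android.com/apk/res/android}"
FOREGROUND = {"android.permission.ACCESS_FINE_LOCATION",
              "android.permission.ACCESS_COARSE_LOCATION"}
BACKGROUND = "android.permission.ACCESS_BACKGROUND_LOCATION"
ANDROID_Q_API = 29

def max_location_access(manifest_xml):
    """Most location access a user could grant: 'none', 'while-in-use' or 'all-the-time'."""
    root = ET.fromstring(manifest_xml)
    perms = {el.get(ANDROID + "name")
             for tag in ("uses-permission", "uses-permission-sdk-23")
             for el in root.iter(tag)}
    sdk = root.find("uses-sdk")
    # A missing targetSdkVersion is treated as a pre-Q target (assumption of this example).
    target = int(sdk.get(ANDROID + "targetSdkVersion", "1")) if sdk is not None else 1
    if not perms & FOREGROUND:
        return "none"  # background access is only usable alongside foreground access
    if BACKGROUND in perms or target < ANDROID_Q_API:
        # Pre-Q targets are given the background permission by the system.
        return "all-the-time"
    return "while-in-use"

def _manifest(target, *perms):  # builds a constructed sample manifest
    uses = "".join(f'<uses-permission android:name="android.permission.{p}"/>' for p in perms)
    return (f'<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="com.example.sample"><uses-sdk android:targetSdkVersion="{target}"/>'
            f'{uses}</manifest>')

SAMPLES = {
    "weather (targets Q)": _manifest(29, "ACCESS_COARSE_LOCATION"),
    "fitness (targets Q)": _manifest(29, "ACCESS_FINE_LOCATION", "ACCESS_BACKGROUND_LOCATION"),
    "legacy (targets 28)": _manifest(28, "ACCESS_FINE_LOCATION"),
    "notes (targets Q)": _manifest(29, "INTERNET"),
}

def audit(samples=SAMPLES):
    """Classify every sample manifest by the location access it can obtain."""
    return {name: max_location_access(xml) for name, xml in samples.items()}

if __name__ == "__main__":
    for name, level in audit().items():
        print(f"{name:22} {level}")
```
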

But this important change shouldn’t overshadow a range of other privacy and security features being added to the mix with Q.

Device identifiers

Most Android users have probably never heard of Android’s Advertising ID (AAID), an identifier Google launched in 2013 so advertisers could legitimately track users whilst giving the latter the option to reset (i.e. wipe) the ID as often as they pleased.

Unfortunately, a recent analysis found that some advertisers have been bypassing this system by tracking identifiers that can’t be changed such as Android device ID and IMEI number. Android Q wants to restrict this behaviour:

“We’re limiting access to non-resettable device identifiers, including device IMEI, serial number, and similar identifiers.”

It will also randomise a device’s hardware MAC address when connecting to different Wi-Fi networks – an Android 9 setting that will become the default.

App-scoped storage

Each app will get its own isolated sandboxed storage when using external media such as SD cards, which no other app will be able to access.

“Because files are private to your app, you no longer need any permissions to access and save your own files within external storage. This change makes it easier to maintain the privacy of users’ files and helps reduce the number of permissions that your app needs.”

TLS 1.3

Of all the minor tweaks, the addition of support for TLS 1.3 is significant. This is the latest incarnation of the protocol used to set up HTTPS between a browser and websites, and it adds speed and more privacy in the negotiation phase.

A final unfamiliar aspect of Android Q is that users with Google Pixel smartphones can get hold of beta version 1 this week as an over-the-air downloadable system image (no need to root a device or wait for later builds).

We don’t recommend this for anyone other than developers (stability might be an issue) but it’s interesting that Google is allowing the world to see new Android versions this early.
