Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 0 1 00:00:07,860 --> 00:00:15,560 Android is an open source Linux based software stack created for a wide array of devices and form factors. 1 2 00:00:15,570 --> 00:00:22,960 The following diagram shows the major components of the Android platform. The foundation of the Android 2 3 00:00:22,960 --> 00:00:31,030 platform is the Linux kernel for example the android runtime ART relies on the Linux kernel for 3 4 00:00:31,030 --> 00:00:36,060 underlying functionalities such as threading and low level memory management. 4 5 00:00:37,190 --> 00:00:44,990 The hardware abstraction layer AGL provides standard interfaces that expose device hardware capabilities 5 6 00:00:45,020 --> 00:00:53,060 to the higher level Java API framework. For devices running Android version 5.0 API level twenty one 6 7 00:00:53,300 --> 00:00:54,500 or higher. 7 8 00:00:54,530 --> 00:01:00,870 Each app runs on its own process and with its own instance of the Android runtime ART. 8 9 00:01:01,610 --> 00:01:09,950 Prior to Android version 5.0 API level twenty one Dalvik was the android runtime if your app runs well 9 10 00:01:10,010 --> 00:01:13,370 on ART then it should work on Dalvik as well. 10 11 00:01:13,460 --> 00:01:21,460 But the reverse may not be true. Many core Android system components and services such as ART and 11 12 00:01:21,460 --> 00:01:30,300 HAL are built from native code that require native libraries written in C and C++ if you are developing 12 13 00:01:30,300 --> 00:01:38,160 an app that requires C or C++ code you can use the Android NDK to access some of these native platform 13 14 00:01:38,160 --> 00:01:41,520 libraries directly from your native code. 14 15 00:01:41,580 --> 00:01:48,290 The entire feature set of the Android OS is available to you through APIs written in the Java language 15 16 00:01:50,370 --> 00:01:54,910 these APIs form the building blocks you need to create Android apps. 16 17 00:01:55,290 --> 00:02:02,670 Developers have full access to the same framework APIs that Android system apps use. Android comes 17 18 00:02:02,670 --> 00:02:09,690 with a set of core apps for email sms messaging calendars Internet browsing contacts and more 18 19 00:02:10,720 --> 00:02:16,020 Apps included with the platform have no special status among the apps the user chooses to install. 19 20 00:02:16,930 --> 00:02:20,940 So a third party app can become the user's default web browser, 20 21 00:02:20,960 --> 00:02:29,450 Sms messenger or even the default keyboard. Android package APK is the package file format used 21 22 00:02:29,450 --> 00:02:37,680 by the Android operating system for distribution and installation of mobile apps. An APK file is an 22 23 00:02:37,710 --> 00:02:44,340 archive that usually contains the following files and directories META INF is a directory containing 23 24 00:02:44,340 --> 00:02:51,750 the manifest file the app's certificate and the list of resources and an SHA1 digest of the 24 25 00:02:51,750 --> 00:03:00,480 corresponding lines in the manifest file resources is a file containing pre compiled resources 25 26 00:03:00,600 --> 00:03:07,530 such as binary XML classes dot decks contains the classes compiled in the dex file format which is 26 27 00:03:07,530 --> 00:03:15,980 understandable by the Dalvik virtual machine and by the Android runtime. RES is the directory containing 27 28 00:03:15,980 --> 00:03:25,450 resources not compiled into resources .ARSE. Android manifest .XML is an additional Android manifest 28 29 00:03:25,450 --> 00:03:33,390 file describing the name, version, access rights and reference library files for the application. 29 30 00:03:33,480 --> 00:03:40,500 You may also have a lib directory containing the platform dependent compiled code and an assets directory 30 31 00:03:40,530 --> 00:03:47,290 containing application assets. The Android platform takes advantage of the Linux user based protection 31 32 00:03:47,290 --> 00:03:50,800 to identify and isolate app resources. 32 33 00:03:50,860 --> 00:03:56,250 This isolates apps from each other and protects apps and the system from malicious apps. 33 34 00:03:56,440 --> 00:04:03,760 To do this android assigns a unique user ID, UID to each Android application and runs it in its 34 35 00:04:03,760 --> 00:04:04,810 own process. 35 36 00:04:07,270 --> 00:04:14,860 Android uses the UID to set up a kernel level application sandbox the kernel enforces security between 36 37 00:04:14,860 --> 00:04:21,490 apps and the system at the process level through standard Linux facilities such as user and group IDS 37 38 00:04:21,520 --> 00:04:27,850 that are assigned to apps by default apps can't interact with each other and have limited access to 38 39 00:04:27,850 --> 00:04:28,960 the OS. 39 40 00:04:29,200 --> 00:04:35,740 If app a tries to do something malicious such as read application B's data or dial the phone without 40 41 00:04:35,740 --> 00:04:42,360 permission is prevented from doing so because it doesn't have the appropriate default user privileges. 41 42 00:04:42,430 --> 00:04:46,910 The purpose of a permission is to protect the privacy of an Android user. 42 43 00:04:46,930 --> 00:04:54,010 Android apps must request permission to access sensitive user data such as contacts and SMS 43 44 00:04:54,010 --> 00:04:59,620 as well as certain system features such as camera and Internet. Depending on the feature, 44 45 00:04:59,620 --> 00:05:05,200 the system might grant the permission automatically or might prompt the user to approve the request. 45 46 00:05:06,760 --> 00:05:09,730 Between application sandboxing and permissions, 46 47 00:05:09,730 --> 00:05:15,370 the OS is ensuring that apps can only perform the sensitive operations that they are explicitly allowed to 47 48 00:05:15,370 --> 00:05:23,900 If you are interested in knowing more about the Android security model we recommend this white paper 48 49 00:05:23,960 --> 00:05:26,520 that was recently released by Google. 49 50 00:05:26,660 --> 00:05:33,580 The paper aims to both document the Android security model and discuss its implications. Google Play 50 51 00:05:33,580 --> 00:05:40,000 protect is Google's built in malware protection for Android it automatically scans your device and make 51 52 00:05:40,000 --> 00:05:47,100 sure you have the latest in mobile security. All Android apps undergo rigorous security testing before 52 53 00:05:47,100 --> 00:05:54,570 appearing in the Google Play Store. Google vets every app and developer in Google Play and suspends those 53 54 00:05:54,570 --> 00:05:56,070 who violate their policies. 54 55 00:05:57,240 --> 00:06:04,090 Play protect scans billions of apps daily to make sure everything is secure. That way when you download 55 56 00:06:04,090 --> 00:06:06,190 an app from the official Play Store. 56 57 00:06:06,190 --> 00:06:09,880 You know it's been checked by Google Play Protect. 57 58 00:06:09,900 --> 00:06:16,800 That being said as we have seen in the past malware is still able to make its way onto the play store. 58 59 00:06:16,800 --> 00:06:23,310 However when opting to download from the official store or an unregulated third party store we always 59 60 00:06:23,310 --> 00:06:25,740 recommend to stick to the official store. 60 61 00:06:27,420 --> 00:06:33,770 That being said one can also install non play store apps by enabling a simple feature. 61 62 00:06:33,810 --> 00:06:40,790 This practice is called side loading when you allow any application to be side loaded on your phone. 62 63 00:06:40,790 --> 00:06:46,970 You're bypassing the security protocols that are enabled in the Play Store i.e. what Google does behind 63 64 00:06:46,970 --> 00:06:51,740 the scenes to make sure all the apps you install from the official channels are safe. 64 65 00:06:51,740 --> 00:06:56,740 However there are reasons legitimate or not that caused people to side load. 65 66 00:06:56,750 --> 00:07:04,250 For example when apps are blocked for your specific device when apps are not available in your country 66 67 00:07:05,090 --> 00:07:12,200 when apps are banned from the official store, in order to download a paid app for free which may be illegal 67 68 00:07:13,040 --> 00:07:20,750 in order to obtain an ad free version of an app which may also be illegal, for app development testing 68 69 00:07:21,350 --> 00:07:25,430 and when developing a custom private app. 69 70 00:07:25,540 --> 00:07:30,790 Finally we would like to discuss an issue that seems to plague the Android OS and that is the issue 70 71 00:07:30,790 --> 00:07:34,850 of fragmentation. When creating an Android app. 71 72 00:07:34,860 --> 00:07:39,450 you'll be asked for the minimum OS version that your app should support. 72 73 00:07:39,450 --> 00:07:45,390 Choosing a newer minimum version will usually mean that your app will be supported by fewer Android 73 74 00:07:45,390 --> 00:07:46,930 devices. 74 75 00:07:46,980 --> 00:07:53,130 The dashboard shows the percentage of Android devices that are running each OS version and lower. 75 76 00:07:53,130 --> 00:07:59,160 For example here we see that at the time of this report Android 10 was the latest available release 76 77 00:07:59,160 --> 00:08:05,640 version. However Android 10 had only eight point two percent of the distribution. 77 78 00:08:06,680 --> 00:08:11,990 The bigger the jump in the cumulative distribution the higher the number of Android devices running 78 79 00:08:11,990 --> 00:08:15,120 that specific version. 79 80 00:08:15,210 --> 00:08:21,960 For example the difference between Nougat and Marshmallow is eighty four point nine minus seventy three 80 81 00:08:21,960 --> 00:08:26,380 point seven which equals eleven point two percent. 81 82 00:08:26,390 --> 00:08:32,620 This means that at this point there were eleven point two percent of Android devices still running Android Nougat. 82 83 00:08:32,610 --> 00:08:39,840 Some of these percentages seem small but when you consider the billions of Android devices that 83 84 00:08:39,840 --> 00:08:47,950 are out there in the world 1 percent of all Android devices is very significant. Imagine you have a vulnerability 84 85 00:08:48,010 --> 00:08:52,870 against one specific version that only has 1 percent distribution. 85 86 00:08:52,900 --> 00:08:58,690 You cannot simply omit this as an issue since this vulnerability might still be impacting millions of 86 87 00:08:58,690 --> 00:08:59,430 devices. 87 88 00:09:01,170 --> 00:09:07,950 You may find many of these old versions are not necessarily on smartphones but rather may be on televisions 88 89 00:09:07,980 --> 00:09:10,290 or cars for example. 89 90 00:09:10,290 --> 00:09:14,660 That being said many of these devices are still connected to the Internet. 90 91 00:09:14,970 --> 00:09:21,120 So this is something that's significant and something we have to consider especially in Android security. 91 92 00:09:21,210 --> 00:09:27,810 You may even come across cases where for example a malware author designed malware exploiting a vulnerability 92 93 00:09:27,840 --> 00:09:33,510 for older Android versions and actually checking the version number of the device before triggering 93 94 00:09:33,510 --> 00:09:35,040 the attack. 94 95 00:09:35,050 --> 00:09:40,510 For example the code would say is Android version older than Android 5. 95 96 00:09:40,510 --> 00:09:45,130 If so then launch an attack using some old vulnerability that they found. 11987