
Commit 4caa0d72 authored by Adrian Ludwig

Update existing security FAQ and Developer Overview

Change-Id: I9102a92908a8ebe314f83638569d0257dcfe3d45
parent faa75f61
+15 −10
@@ -20,6 +20,10 @@ page.title=Security and Permissions
</ol>
</div>
</div>
<p>This document describes how application developers can use the
security features provided by Android.  A more general <a
href="http://source.android.com/tech/security/index.html"> Android Security
Overview</a> is provided in the Android Open Source Project.</p>

<p>Android is a privilege-separated operating system, in which each
application runs with a distinct system identity (Linux user ID and group
@@ -41,7 +45,7 @@ includes reading or writing the user's private data (such as contacts or
e-mails), reading or writing another application's files, performing
network access, keeping the device awake, etc.</p>

<p>Because the kernel sandboxes applications from each other, applications
<p>Because Android sandboxes applications from each other, applications
must explicitly share resources and data. They do this by declaring the
<em>permissions</em> they need for additional capabilities not provided by
the basic sandbox. Applications statically declare the permissions they
@@ -50,11 +54,11 @@ application is installed. Android has no mechanism for granting permissions
dynamically (at run-time) because it complicates the user experience to the
detriment of security.</p>

<p>The kernel is solely responsible for sandboxing applications from each
other. In particular the Dalvik VM is not a security boundary, and any app
can run native code (see <a href="/sdk/ndk/index.html">the Android NDK</a>).
All types of applications &mdash; Java, native, and hybrid &mdash; are
sandboxed in the same way and have the same degree of security from each
<p>The application sandbox does not depend on the technology used to build
an application. In particular the Dalvik VM is not a security boundary, and
any app can run native code (see <a href="/sdk/ndk/index.html">the Android
NDK</a>). All types of applications &mdash; Java, native, and hybrid &mdash;
are sandboxed in the same way and have the same degree of security from each
other.</p>

<a name="signing"></a>
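Review bot: the rewritten paragraph that opens "The application sandbox does not depend on the technology used to build an application" still tells developers that the Dalvik VM is not a security boundary, but with "The kernel is solely responsible for sandboxing applications from each other" removed it no longer says what the boundary is. Combined with the earlier change from "the kernel sandboxes" to "Android sandboxes", the page loses its only statement of where isolation is enforced. Suggest keeping a clause that names the enforcing layer, or pointing at the part of the linked overview that does.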
@@ -220,9 +224,10 @@ permission:</p>
</pre>

<p>You can look at the permissions currently defined in the system with the
shell command <code>adb shell pm list permissions</code>.  In particular,
the '-s' option displays the permissions in a form roughly similar to how the
user will see them:</p>
Settings app and the shell command <code>adb shell pm list permissions</code>.
To use the Settings app, go to Settings &gt; Applications.  Pick an app and
scroll down to see the permissions that the app uses. For developers, the adb '-s'
option displays the permissions in a form similar to how the user will see them:</p>

<pre>
$ adb shell pm list permissions -s
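Review bot: "the adb '-s' option" in the new paragraph misattributes the flag; in the example that follows, -s is an argument to "pm list permissions", not to adb, so a reader who places it after "adb" will get different behaviour. Suggest "the '-s' option of pm list permissions". The first sentence also mixes two things: Settings > Applications shows the permissions one app uses, while the sentence promises "the permissions currently defined in the system", which only the pm command lists.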
+40 −44
@@ -7,8 +7,7 @@ parent.link=index.html
    <li><a href="#secure">Is Android Secure?</a></li>
    <li><a href="#issue">I think I found a security flaw. How do I report
    it?</a></li>
    <li><a href="#informed">How can I stay informed of Android security
    announcements?</a></li>
    <li><a href="#informed">How can I stay informed about Android security?</a></li>
    <li><a href="#use">How do I securely use my Android phone?</a></li>
    <li><a href="#malware">I think I found malicious software being distributed
    for Android. How can I help?</a></li>
@@ -26,9 +25,15 @@ Android Open Source Project. We are dedicated to building and maintaining one
of the most secure mobile platforms available while still fulfilling our goal
of opening the mobile device space to innovation and competition.</p>

<p>The Android Platform provides a rich <a
<p> A comprehensive overview  of the <a
href="http://source.android.com/tech/security/index.html">Android
security model and Android security processes</a> is provided in the Android
Open Source Project Website.</p>

<p>Application developers play an important part in the security of Android.
The Android Platform provides developers with a rich <a
href="http://code.google.com/android/devel/security.html">security model</a>
that allows developers to request the capabilities, or access, needed by their 
that to request the capabilities, or access, needed by their
application and to define new capabilities that other applications can request.
The Android user can choose to grant or deny an application's request for
certain capabilities on the handset.</p>
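Review bot: the added line "that to request the capabilities, or access, needed by their" no longer parses; with "allows developers" dropped, the sentence reads "a rich security model that to request the capabilities ...". Suggest "that allows them to request the capabilities, or access, needed by their application". The new first paragraph also carries stray whitespace in "<p> A comprehensive overview  of the".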
@@ -53,23 +58,13 @@ key</a>.</p>
with a detailed summary of the issue and keeping the issue confidential while
users are at risk. In return, we will make sure to keep the researcher informed
of our progress in issuing a fix and will properly credit the reporter(s) when
we announce the patch. We will always move swiftly to mitigate or fix an 
externally-reported flaw and will publicly announce the fix once patches are 
available to users.</p>

we provide the patch. We will always move swiftly to mitigate or fix an
externally-reported flaw and provide updates to users. </p>

<a name="informed" id="informed"></a><h2>How can I stay informed of Android
security announcements?</h2>

<p>An important part of sustainably securing a platform, such as, Android is
keeping the user and security community informed of bugs and fixes. We will
publicly announce security bugs when the fixes are available via postings to
the <a
href="http://groups.google.com/group/android-security-announce">android-security-announce</a>
group on Google Groups. You can subscribe to this group as you would a mailing
list and view the archives here.</p>
<a name="informed" id="informed"></a><h2>How can I stay informed about Android security?</h2>

<p>For more general discussion of Android platform security, or how to use
<p>For general discussion of Android platform security, or how to use
security features in your Android application, please subscribe to <a
href="http://groups.google.com/group/android-security-discuss">android-security-discuss</a>.
</p>
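Review bot: in the "informed" section, removing the android-security-announce paragraph leaves android-security-discuss as the only answer to "How can I stay informed about Android security?", and the reporting paragraph above it replaces "will publicly announce the fix once patches are available to users" with "provide updates to users". After this change the FAQ no longer says where a user or researcher learns that a fix exists. If the announce list is being retired, name the channel that replaces it here, and say so in the commit message, which currently only reads "Update existing security FAQ and Developer Overview".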
@@ -77,23 +72,26 @@ href="http://groups.google.com/group/android-security-discuss">android-security-

<a name="use" id="use"></a><h2>How do I securely use my Android phone?</h2>

<p>As an open platform, Android allows users to load software from any
developer onto a device.  As with a home PC, the user must be
<p>Android was designed so that you can safely use your phone without making
any changes to the device or installing any special software.  Android applications
run in an Application Sandbox that limits access to sensitive information or data
with the users permission.</p>

<p>To fully benefit from the security protections in Android, it is important that
users only download and install software from known sources.</p>

<p>As an open platform, Android allows users to visit any website and load
software from any developer onto a device. As with a home PC, the user must be
aware of who is providing the software they are downloading and must decide
whether they want to grant the application the capabilities it requests.
This decision can be informed by the user's judgment of the software
developer's trustworthiness, and where the software came from.</p>

<p>Despite the security protections in Android, it is important
for users to only download and install software from developers they trust.
More details on how Android users can make smart security decisions will be
released when consumer devices become available.</p>


<a name="malware" id="malware"></a><h2>I think I found malicious software being
distributed for Android. How can I help?</h2>

<p>Like any other open platform, it will be possible for unethical developers
<p>Like any other platform, it will be possible for unethical developers
to create malicious software, known as <a
href="http://en.wikipedia.org/wiki/Malware">malware</a>, for Android. If you
think somebody is trying to spread malware, please let us know at <a
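Review bot: in the new first paragraph of the "use" section, "limits access to sensitive information or data with the users permission" is missing the apostrophe in "user's" and, as written, reads as if the sandbox restricts access when permission has been given. If the intent is that access is blocked unless the user agrees, say "without the user's permission". The following paragraph's "known sources" is also left undefined, where the removed text said "developers they trust".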
@@ -105,7 +103,8 @@ being distributed from and why you suspect it of being malicious software.</p>
exhaustive definition.  Some examples of what the Android Security Team believes
to be malicious software is any application that:
<ul>
    <li>drains the device's battery very quickly;</li>
    <li>uses a bug or security vulnerability to gain permissions that have not
    been granted by the user</li>
    <li>shows the user unsolicited messages (especially messages urging the
    user to buy something);</li>
    <li>resists (or attempts to resist) the user's effort to uninstall it;</li>
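Review bot: the new list item "uses a bug or security vulnerability to gain permissions that have not been granted by the user" ends without the semicolon that the neighbouring items carry ("...buy something);", "...uninstall it;"), so the list punctuation is now inconsistent. The commit message also gives no reason for dropping "drains the device's battery very quickly" from the malware examples; a one-line rationale would help later readers of the history.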
@@ -122,7 +121,7 @@ to be malicious software is any application that:
</p>


<a name="fixes" id="fixes"></a><h2>How will Android-powered devices receive security
<a name="fixes" id="fixes"></a><h2>How do Android-powered devices receive security
fixes?</h2>

<p>The manufacturer of each device is responsible for distributing software
@@ -130,25 +129,22 @@ upgrades for it, including security fixes. Many devices will update themselves
automatically with software downloaded "over the air", while some devices
require the user to upgrade them manually.</p>

<p>When Android-powered devices are publicly available, this FAQ will provide links how
Open Handset Alliance members release updates.</p>
<p>Google provides software updates for a number of Android devices, including
the <a href="http://www.google.com/nexus">Nexus</a>
series of devices, using an "over the air" (OTA) update. These updates may include
security fixes as well as new features.</p>

<a name="directfix" id="directfix"></a><h2>Can I get a fix directly from the
Android Platform Project?</h2>

<p>Android is a mobile platform that will be released as open source and
available for free use by anybody. This means that there will be many
Android-based products available to consumers, and most of them will be created
<p>Android is a mobile platform that is released as open source and
available for free use by anybody. This means that there are many
Android-based products available to consumers, and most of them are created
without the knowledge or participation of the Android Open Source Project. Like
the maintainers of other open source projects, we cannot build and release
patches for the entire ecosystem of products using Android. Instead, we will
work diligently to find and fix flaws as quickly as possible and to distribute
those fixes to the manufacturers of the products.</p>

<p>In addition, We will add security fixes to the open source distribution of
Android and publicly announce the changes on <a 
href="http://groups.google.com/group/android-security-announce">android-security-announce</a>.
</p>
those fixes to the manufacturers of the products through the open source project.</p>

<p>If you are making an Android-powered device and would like to know how you can
properly support your customers by keeping abreast of software updates, please
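Review bot: in the "directfix" answer the tense update stops halfway: "is released", "there are" and "are created" are now present tense, but the same paragraph continues "we will work diligently to find and fix flaws". With the android-security-announce paragraph removed, "through the open source project" is also the only description of how fixes become visible outside the manufacturers; a link to where those changes can be followed would make the sentence actionable.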