Android Ups the Mobile Security Ante with Default TLS Encryption

[jim bell]

https://threatpost.com/android-mobile-security-tls-encryption/150760/


More than 90 percent of Android apps running on the latest OS encrypt their traffic by default.

A full 80 percent of Android apps are encrypting their traffic by default, according to a Transport Layer Security (TLS) adoption update from Google.

That percentage is even greater for apps targeting Android 9 and higher, with 90 percent of those encrypting traffic by default, the tech giant said on Tuesday.

TLS is a cryptographic protocol standard ratified by the Internet Engineering Task Force that provides end-to-end communications security over networks by scrambling data in transit, preventing hackers from reading it, intercepting it or tampering with it. TLS can be enabled for any internet communication or online transaction, such as a connection between a mobile shopping website and a user’s mobile browser, or between a banking app and the bank’s backend servers. The security of those connections is then verified via secure TLS certificates.




As of October 2019, a third (33 percent) of Android devices run Android 9 (Pie), the latest version of the operating system. That makes it the most popular Android version. According to Google, apps targeting Android 9 or higher automatically have a policy set by default that prevents unencrypted traffic for every domain; and, since November 1, all apps on Google Play must target at least Android 9.

[end of long quote]




-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3531 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20191204/46711349/attachment.txt>