Android Security Patch Date and Its Importance

What is Android Security Patch Date and Why It is Important


Most people are aware of terms like Android 4, 5, 6, 7, 8 and 9, or terms like Jelly bean, Lollipop, KitKat, Marshmallow, Nougat, Oreo and Pie. Most will also understand the Android operating system is newer and better for higher version of Android. However some people may not be aware that Google also provides security updates to the Android operating systems via security patches. The purpose of these updates is to fix vulnerabilities or flaws of the Android operating system.

Android Security Patch Date
Android Security Patch Date

It is possible to tell when was the last security update applied to your device (see our tool in Zero Permission App). And using the information provided Google Security Bulletin, you will know the technical details of possible vulnerabilities in your device. Your device may not be patched against the most recent security exploits if the security patch date is too long ago. If there are security patches provided (by device manufacturer or by your carrier), your device will almost certainly be configured to automatically download and apply the patches. There is nothing much you can do if there is no security patch provided by your device manufacturer or your telco carrier.

For older Android devices, or devices that are not patched recently, you need to be aware that the device may be vulnerable. By taking these measures, you can significantly reduce the opportunities of attack.
1. Enable the Pin lock, Pattern lock or fingerprint lock on the device
2. Disable developer option and disable ADB debug and disable installation of apps from "Unknown Sources"
3. Do not sideload application
4. Never open documents or application installers (APK files) that you are not expecting, even if it looks like it's from someone you know
5. Ensure your phone is regularly backed up, or sync your contacts/data/etc with one of the major companies such as Google, Samsung
6. Make sure Google Play Store is updated and Play Protect is turned on
7. Make sure all applications in your device are updated.
8. Regularly download the well known Anti-virus applications and perform a full scan
9. If your device is more than two years old, consider replacing the device.

If you are shopping for a new device, you may want to look for a manufacturer that provides timely security patches. You may want to take a look at Android One program. Launched in 2014, Android One is a series of devices that run the unmodified Android operating system. It defines hardware and software standards to provide a consistent user experience and improved security through frequent updates and Google Play Protect. Android One phones will receive the latest version of Android from Google’s hardware partners. However, Google’s partners may not be able to send out these updates in a timely manner. All partners are expected to provide software updates for at least eighteen months after the phone’s initial launch. This means that all phones will receive at least one major software update and several smaller security updates in their supported lifetime. We checked a Xiaomi A2 model phone in a shop in early October and the security patch date is September 2018, and that is impressive. (Note: we are not affiliated to Xiaomi in any direct or indirect ways)

After you get a new device, you may want to harden your device as per this previous post.


New App - Screen Lock

New App - Android Screen Lock

Use Case: Pressing the power button to power off the screen may cause damage to the button through wear and tear. To stop using the power button to off the screen, we develop this simple app to lock the screen once the app is touched. To power on the device, use the fingerprint sensor or double tap on the screen (supported in a few models).

A simple screen lock button for Android devices
A simple screen lock button for Android devices

Tips: Even if you did not enroll your fingerprint in the device, the screen will power on once your finger is placed on the fingerprint sensor.


Lock your device screen. One touch on the screen and the screen is locked. Use any of your existing methods to unlock (Pin, Patterns, Fingerprints). Free yourself from the device power button. This is another one of our Zero Permission Apps.

Tips: If your device is using MIUI platform, then look for the desktop widget to achieve the same function and you do not need this app. Most Xiaomi models provide this function out of the box.

This app uses the Force Lock function in Device Admin, and thus this app will require activation in the device admin menu setting. To uninstall this app, you have to deactivate the app in the device admin menu setting first. Then you can proceed to uninstall the app. 

Tips: Some application use this method to make it difficult for users to uninstall them.

Features:

➤ Free, No ADS and No root required
➤ Simple to use, no manual required
➤ Supports Phones, Tablets, Android TV Boxes
➤ Supports Android KitKat, Lollipop, Marshmallow, Nougat, Oreo
➤ Good resource management, No frills, minimum RAM & CPU
➤ App do not use any CPU or RAM when it is not activated via touch
➤ When activated, the app will lock the screen and then kill itself
➤ Safe and Privacy focused, no servers and DOES NOT connect to the Internet
➤ No Android Permission required, zero, none, period
➤ Check the permission required by other similar apps and you will agree that this is the BEST app for Quick Screen Lock in comparison

We develop this app because we need it and the app we are using previously is by loewe (com.lsc.lock) but it is not actively maintained. The app by loewe is fantastic but does not support some of our Samsung phones. This app serve our needs and may be useful to you.



Get it here on Google Play Store.

Have fun and God Bless.

Why Google Play Developer Program Policy Update is Good for Users

Why Google Play Developer Program Policy Update is Good for Users


On 9 Oct 2018, we received an email from Google informing of changes in the Developer Program Policies. The changes are summarized as shown:

  • Malicious Behavior include surveillance and commercial spyware apps.
  • Designed for Families program requirements and Primarily Child-Directed Declaration guidelines to help ensure accurate representation of an app's targeted age group.
  • User Data and Permissions policies, including adding specific restrictions on the use of the Call Log and SMS permission groups.
  • Developers have 90 days (that is 7 January 2019) from the date of this announcement to make your apps compliant with this updated Call Log and SMS permissions policy.
  • Enforcement section to explain the extent of our policy coverage, including the actions that we may take on apps that violate our policies.

Developers must now explicitly declare data collection and usage, and cannot hide behind other long lengthy disclosures. Access to call logs and sms logs will also be removed for non default apps.

All these new updates, may not be retroactively applied to existing apps. So be extra cautious when you download an app that is not updated for a very long time.


A big Thumbs up.

New Zealand to order tourists to hand over phone password at border

Please Unlock Your Device for Your Safety


Many people have denounced a new law in New Zealand under which will allow border officials to demand that tourists unlock any electronic devices. This include mobile phones and laptops so that they can be searched if officials suspect the tourist. Under this new Customs and Excise Act 2018, tourists who refuse could face prosecution and a fine of up to NZ$5,000 (£2,500). The devices may be retained or confiscated if the tourists refuse to cooperate.

New Zealand: Hand over phone password at border or face $3,200 fine