Android 4 security improvements
16 Dec 2011
Just got my Galaxy Nexus phone with a clean Android 4 install.
Here are some quick initial reactions:
There seem to be two new security features (compared to my old HTC Hero with Android 1.6) that I just noticed.
Seems like it supports some sort of disc encryption!
Also, you can choose what CA’s to trust! Choose whom to trust!
Great news everyone!
I am having a few concerns regarding the encryption introduced. I have started a disscustion around it on the android stackexchange, feel free to contribute with your thoughts.
The encryption forces the use of the same password/PIN for the screen unlock as for the decryption. Thus discouraging the use of secure passwords or passphrases (hands up, who wants to write a 17 mixed case letter and digit password on the onscreen keyboard, everytime you want to check your phone or send a text messsage?).
I tried to encrypt my phone last night and it seem to have crashed in the middle of the encryption. Claiming it was aborted (I left it alone connected to a charger), and in need a factory reset. Rather annoying, even though the second try was successful. So beware that this might happen if you encrypt your phone.