More

    Google announces Android Partner Vulnerability Initiative to manage Android OEM security issues

     

    Google’s Android Security & Privacy group has initiated the Android Partner Vulnerability Initiative (APVI) to regulate security issues, particularly to Android OEMs. The APVI is formulated to navigate remediation and deliver clarity to users about issues we have discovered at Google that influence device models dispatched by Android partners.

    Android phones are created in such a way that several Original Equipment Manufacturers (OEM) assemble important elements for phones that are being dispatched. Virtually every leading tech company takes part in this, but Google is a company that has come under a lot of pressure for not being competent to protect its users as they might originally want to be. This is something that can have an extensive negative impact on the internet in common, which means that Google needs to start taking these security risks seriously, something that the tech giant has more or less been doing of late.

    Improving Android OEM device security

    Google publishes ASR reports in the Android Open Source Project (AOSP) based code through the Android Security Bulletins (ASB). These reports contain problems that could affect all Android-based devices. All Android partners must accept ASB changes to proclaim the current month’s Android security patch level (SPL). But until recently, they didn’t have a proper way to process Google-discovered security issues outside of AOSP code that is distinct to a much smaller set of specific Android OEMs. The APVI strives to close this gap, by putting in another layer of security for this targeted pair of Android OEMs.

    The Android Security Rewards Program as well as the Google Play Security Rewards Program, both of which display exposures that are accumulated into Android Security Bulletins, that are then fixed in patches that are rolled out every month, Google is now nudging this procedure even further with the Android Partner Vulnerability Initiative.

    The APVI covers Google-discovered dangers that could potentially affect the security posture of an Android device or its user and is aligned to ISO/IEC 29147:2018 Information technology – Security techniques – Vulnerability disclosure directions. This initiative covers a wide range of problems affecting device code that is not protected by Google.

    This will implicate the team accountable for Android security checking out all OEMs that collaborate with Google and other Android phone manufacturers and making it in such a manner that significant defects in their components are identified. Each vulnerability that is found out will be documented individually along with the name of the manufacturer. With this Google will be able to guarantee that these types of situations happen far less often.

    Recent Articles

    Weekly Newsletter (25th Apr’ 21 to 1st May’ 21)

      Here’s the Weekly Newsletter from 25th April’ 2021 to 1st May’ 2021: 1. Moolympics #3: Diversity, Equity, and Inclusion through UX - Moolya Software Testing Private...

    OpKey University launched to provide advanced automation testing training

      Opkey announced on 26th April 2021 that the company has launched its own "Opkey University". According to OpKey University, software testing is a critical...

    Cypress 7.2.0 released with New Features and Bugfixes

      Cypress.io recently released Cypress 7.2.0 version, the new version comes with various bug fixes and new features. Users can now navigate through folders in...

    Moolympics #3: Diversity, Equity, and Inclusion through UX

      Moolya Software Testing Private Limited recently launched Moolympics which is a monthly competition series that covers different skills, values, cultures you bring to the...

    Weekly Newsletter (18th Apr’ 21 to 24th Apr’ 21)

      Here’s the Weekly Newsletter from 4th April’ 2021 to 10th April’ 2021: 1. OpKey launches Industry’s First Marketplace for ERP Test Automation - Opkey recently launched...

    Related Stories

    Stay on op - Ge the daily news in your inbox