Can Project Treble make Android more secure?
Google wants to make Android O (we do not know what O means, just yet) its most secure mobile OS, and Project Treble is at the heart of that effort. Treble makes a major change to the Android system architecture: it separates the OEM's vendor implementation from the Android OS framework behind a stable vendor interface, so OEMs can ship a new framework release without reworking their vendor code and can get updates to users sooner. That alone helps security, since the patches Google releases for specific attacks only protect devices that actually receive them. A post on the Android Developers Blog, published 18 July, describes further security benefits of Treble.
It adds another layer of defence by isolating each HAL (hardware abstraction layer) in its own process, which can reach only the device driver it controls. Previously, HAL code was loaded into the process that used it, most often system_server, so every HAL in that process shared its permissions and its access to every driver the process could open. For example, a HAL for video could reach the permissions and drivers of the HAL dedicated to the camera, even though it had no use for them.
A HAL sits between the Android framework and the kernel. It is the interface through which apps and system services use vendor-specific kernel device drivers without depending on the details of any particular driver. For example, for a camera app to take advantage of the camera drivers, a specific camera HAL module is needed in between.
20 HALs, including those for sensors, GPS, fingerprint, phone, camera and Wi-Fi, have been moved out of system_server into their own sandboxed processes. So if a HAL is compromised, the damage is confined to the process it runs in, not to the whole of system_server.
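One way to check the isolation described above on a real device is to list every process with its SELinux label and confirm that each HAL service runs in its own hal_* domain rather than inside system_server. The script below is an added illustration, not code from the blog post or from AOSP. It assumes that toybox ps on Android 8.0 prints the SELinux label as the first column when run as `adb shell ps -A -Z`, and that HAL service binaries follow the AOSP naming convention `<package>@<major>.<minor>-service`. The sample output is constructed; the two `vendor.example` lines and the `baz` line are invented counterexamples so that the report has something to flag.

```python
import re
from collections import defaultdict

# Constructed sample of `adb shell ps -A -Z` output from a Treble (Android 8.0+) device.
# Labels and names follow AOSP conventions; PIDs are invented. The three
# vendor.example lines are deliberate counterexamples for the checks below.
SAMPLE_PS_Z = """\
LABEL                          USER           PID  PPID     VSZ    RSS WCHAN            ADDR S NAME
u:r:init:s0                    root             1     0   15000   2000 SyS_epoll_wait      0 S init
u:r:system_server:s0           system        1289   738 4250000 250000 SyS_epoll_wait      0 S system_server
u:r:hal_wifi_default:s0        wifi           620     1   30000   5000 binder_thread_read  0 S android.hardware.wifi@1.0-service
u:r:hal_gnss_default:s0        gps            621     1   28000   4800 binder_thread_read  0 S android.hardware.gnss@1.0-service
u:r:hal_sensors_default:s0     system         622     1   26000   4500 binder_thread_read  0 S android.hardware.sensors@1.0-service
u:r:hal_fingerprint_default:s0 system         623     1   27000   4600 binder_thread_read  0 S android.hardware.biometrics.fingerprint@2.1-service
u:r:hal_camera_default:s0      cameraserver   624     1   80000  12000 binder_thread_read  0 S android.hardware.camera.provider@2.4-service
u:r:hal_vendor_shared:s0       system         700     1   20000   3000 binder_thread_read  0 S vendor.example.hardware.foo@1.0-service
u:r:hal_vendor_shared:s0       system         701     1   20000   3000 binder_thread_read  0 S vendor.example.hardware.bar@1.0-service
u:r:system_server:s0           system         702     1   20000   3000 binder_thread_read  0 S vendor.example.hardware.baz@1.0-service
"""

# HAL service binaries are named like android.hardware.wifi@1.0-service or
# vendor.<company>.hardware.foo@1.0-service (assumed AOSP convention).
HAL_NAME = re.compile(r"^(android|vendor)\..*@\d+\.\d+-service$")


def parse_ps_z(text):
    """Parse `ps -A -Z` output into dicts holding SELinux domain, user, PID and name."""
    procs = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 10:
            continue
        label, user, pid, name = fields[0], fields[1], int(fields[2]), fields[-1]
        # A label looks like u:r:hal_wifi_default:s0; the domain is the third component.
        domain = label.split(":")[2]
        procs.append({"domain": domain, "user": user, "pid": pid, "name": name})
    return procs


def hal_isolation_report(procs):
    """Flag HAL services that are not confined to a hal_* domain or that share a domain."""
    hals = [p for p in procs if HAL_NAME.match(p["name"])]
    by_domain = defaultdict(list)
    for p in hals:
        by_domain[p["domain"]].append(p["name"])

    findings = []
    # Check 1: a HAL service running in system_server (or any non-hal_ domain)
    # inherits that domain's permissions, which is exactly what Treble removes.
    for p in hals:
        if not p["domain"].startswith("hal_"):
            findings.append(
                f"{p['name']} (pid {p['pid']}) runs in domain {p['domain']}, not a hal_* domain"
            )
    # Check 2: two HAL services in one domain can reach each other's drivers,
    # so a compromise of one is a compromise of both.
    for domain, names in sorted(by_domain.items()):
        if len(names) > 1:
            findings.append(
                f"domain {domain} is shared by {len(names)} HAL services: {', '.join(sorted(names))}"
            )
    return {"hal_count": len(hals), "domains": dict(by_domain), "findings": findings}


if __name__ == "__main__":
    report = hal_isolation_report(parse_ps_z(SAMPLE_PS_Z))
    print(f"{report['hal_count']} HAL service processes found")
    for domain, names in sorted(report["domains"].items()):
        print(f"  {domain:28} {', '.join(names)}")
    for finding in report["findings"]:
        print("FINDING:", finding)
```

On a device, pipe the live output in with `adb shell ps -A -Z > ps.txt` and call `parse_ps_z(open("ps.txt").read())`. A HAL that is still loaded in-process (passthrough mode) will not appear as a process at all, so an absent entry is as telling as a flagged one.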
Moving HALs out also shrinks the attack surface of system_server itself. According to a joint study by researchers from Pennsylvania State University and the University of Chinese Academy of Sciences, published in October 2016, 97% of Android devices were vulnerable to attacks targeting system_server. Such attacks can disrupt critical system functions or force a reboot to stop the phone from completing a task such as running an anti-virus scan, updating an app or installing a patch.