Categories
Android Privacy

The Android 11 Privacy and Security Features You Should Know – WIRED

If you’re lucky enough to be in the first batch of recipients, you might already have Android 11 up and running on your phone; if not, it’ll be rolling out to your handset in the weeks and months ahead.

As with most major Android updates, security and privacy features get plenty of attention, and there are now more integrated tools and options than ever to keep you and your smartphone safe from snoops and data thieves. Let’s take a look at them.

One-Time Permissions

You’re likely familiar with the process of granting apps permission to parts of your phone like the microphone and camera, but with Android 11 there’s a new setting to be aware of: a one-time permission that means an app can use your camera (or microphone or location) for now, but it will have to ask again next time it wants access.

It’s perfect for apps that you don’t altogether trust or that you don’t use very often—it’s less suitable for apps that you always use (approving Instagram’s access to the camera every time you want to take a snap would quickly get tiresome).

You’ll see the new option appear on key permissions—camera, microphone, location—when apps need them, so choose wisely. Android 11 has another new and related feature that’s less obvious: If you don’t use an app for a few months, all its previous permissions will be reset, and it will need to request them again.

Permissions will be reset on apps you don’t use.

Screenshot: David Nield

Scoped Storage

Not very exciting from an end-user perspective, but important in the behind-the-scenes security of Android 11, scoped storage means that apps have access to their own silos of data and aren’t necessarily allowed to access silos from other apps, which in theory should keep your sensitive information more secure.

It’s a somewhat controversial change: Apps might want to get data from other apps or services for a variety of reasons, such as an image-editing app accessing your photo gallery, for example. Scoped storage doesn’t make that impossible, but developers have to jump through more hoops and abide by Android’s rules to make it happen.

In terms of what you’ll see while you’re running Android 11, this shouldn’t make much of a difference: Your device will automatically be safer because apps will have greater restrictions on them. If you do see apps put up permission requests for storage folders on your device, just double-check what exactly they’re asking for before deciding to allow or block it.

Background Location Access

There’s one more permission-related feature in Android 11 that’s worth mentioning, and that’s background location access—apps being able to track your location in the background. When an app first asks for permission to track location, the option to enable this all the time (even when the app isn’t running) isn’t available: You need to visit the app’s specific page in Android Settings to do this. The extra steps should, in theory, make us all think twice about granting background location access to an app, rather than just automatically tapping to grant permission out of habit.

More security updates will arrive via the Google Play Store.

Screenshot: David Nield via Google

Secure Identity Credentials

This is more for the future of the mobile operating system rather than anything you can actually do right now, but Android 11 introduces special tools for managing secure identities on your phone—think electronic IDs or drivers licenses, for example, so your phone effectively becomes an ID badge.

None of this is fully enabled right now, but the tools are there inside Android 11 in case developers want to make use of them, which Google is encouraging them to do. It may not be available in every region and on every Android 11 device for a while, but it’s a start.

One of the crucial aspects of the new feature is that your credentials will be stored offline, so the ID information won’t be transmitted to the web, and will be very difficult to get off your phone should it fall into the wrong hands. Keep an eye out for more on this feature in future Android updates.

Biometrics and Encryption

Two smaller Android 11 security updates worth mentioning focus on biometrics and encryption. Biometric support in Android 11—fingerprint and face unlock—has been extended to a wider range of devices, Google says, with more levels of authorization (so face unlock that doesn’t use the most powerful recognition technology can’t be used to make mobile payments, for example).

As for encryption, Android devices are already encrypted by default, so without your PIN the data on your phone is essentially unreadable. But in Android 11 the encryption is applied immediately after an over-the-air update, before you’ve even logged back in. It’s a small change, but it closes another loophole that could have been used to get at your private information.

More Updates via the Google Play Store

Android 11 builds on an existing initiative called Project Mainline, which essentially pushes key security updates through the Play Store—this means you don’t need to wait for Samsung, Sony, or whichever company made your phone to get around to rolling out a new version of Android before your handset is secure.

Major Android updates are still going to drop once a year as usual, with new features and options, but Project Mainline means Google can react faster to security threats on Android and make sure any phone with access to its Play Store is patched up as quickly as possible.


More Great WIRED Stories

Read More

Categories
Privacy Safari's

How to Get Safari’s New Privacy Features in Chrome and Firefox – WIRED

Apple just unveiled a raft of changes coming with the new macOS Big Sur later this year. Along with the visual redesign, the introduction of Control Center, and upgrades to Messages, the built-in Safari browser is getting new-and-improved privacy features to keep your data locked away.

You don’t have to wait for macOS Big Sur to drop to get a lot of these upcoming features though—both Mozilla Firefox and Google Chrome have similar features, or they can with the help of a third-party extension. Here’s how you can get Firefox or Chrome up to par with Safari in macOS Big Sur today.

The Changes Coming to Safari

When macOS Big Sur arrives, Safari is going to look somewhat different.

Courtesy of Apple

Privacy and data protection are already big priorities for Safari, but the version coming with macOS Big Sur is going to go even further to protect you from being tracked on the web. Some of the existing features are becoming more visible, while Safari is also embracing more extensions, with as much care for user safety as possible.

The browser already warns you against using passwords that are easily guessed or that you’ve used before (assuming they’re saved in Safari’s password locker), but the next version will also warn you if your email address, username, or password have been exposed in a data breach online—which would mean the need to take action and change your password would be even more urgent.

A new Privacy Report button is getting added to the toolbar—you can click on this to see exactly which trackers Safari is blocking in its ongoing attempts to stop advertisers and companies from following you around the web. Safari is particularly good at stopping “fingerprinting,” where various characteristics of your device (like screen resolution and operating system) are used to figure out who you are.

This same Privacy Report is going to be displayed on your browser start page, which should give you a better idea of which sites are most aggressively trying to track you, as well as showing off the work that Safari is busy doing in the background.

Safari in macOS Big Sur is also boosting support for extensions. (Safari already has extensions, but there aren’t many of them.) New developer tools will make it easier for add-ons to be ported from Chrome and Firefox, and Safari is going to give users a suite of controls to limit the browsing data and other information that extensions are able to get access to.

Adding Features to Chrome

uBlock Origin is one Chrome extension that can block trackers.

Screenshot: David Nield via Google

Google already checks the passwords that it saves for you against a database of leaked credentials (besides warning about duplicates and passwords that could be easily guessed)—this is actually a Google account feature as well as a Chrome one. From the Chrome Settings panel, click Passwords then Check passwords to run an audit.

You can already get some tracking data about a site by clicking the icon to the left of a URL in the address bar in Chrome (the icon will be either a padlock or an info bubble). To get even more tracking data, and to selectively block it, Safari-style, you can use an extension like uBlock Origin: One click shows you how many trackers are active on a page and which have been stopped by uBlock Origin.

As well as stopping tracking across multiple sites, uBlock Origin also suppresses aggressive ads and protects against sites embedded with malware. A similar tool for Chrome that you can try is Disconnect—again, a single click blocks out tracking technologies, unwanted advertising, and social plug-ins (used by the likes of Facebook to see what you’re up to when you’re out and about across the web).

Individual trackers and sites as a whole can be granted permission to operate outside of the restrictions put in place by uBlock Origin and Disconnect, which can be used for sites with responsible advertising that you want to support. As an added bonus, all of this tracking and blocking should mean a faster browsing experience too.

Policing extension permissions isn’t quite as easy in Chrome as it sounds like it will be in the next Safari upgrade, but you do have options: Choose More Tools then Extensions from the Chrome menu, then click Details next to any extension. The next page shows you the permissions the add-on has and lets you set when and how the utility can read your browsing data—on all sites (everywhere you go, without question), on specific sites (only on sites you specifically list), or on click (so you’ll be asked for permission whenever access is required).

Adding Features to Firefox

Firefox comes with a host of privacy protections built in.

Screenshot: David Nield via Firefox

Firefox already packs plenty of user privacy and anti-tracking technology into its interface, so you don’t need to do too much in the way of tweaking to get it up to par with the improvements that Apple just announced for Safari. It blocks more than 2,000 web trackers by default, for example, and warns you if your details are included in a data breach as part of its Firefox Monitor and Firefox Lockwise tools.

Click the little purple shield icon to the left of the address bar on any site to see what Firefox has blocked, including advertising trackers, social media plug-ins, attempts to fingerprint your device, and more. Firefox will intelligently allow some plug-ins to run if blocking them would seriously compromise the functionality of the site—it’s then your choice to continue using the site or find an alternative. To open a report on how these various measures are working over time, open the main Firefox menu and choose Privacy Protections.

If you open up Preferences then Privacy & Security from the Firefox menu, you can choose how these measures (called Enhanced Tracking Protection) are applied. Three different modes of operation are available—Standard, Strict, and Custom—and it’s possible to tailor the level of blocking for specific sites too. Enhanced Tracking Protection can be turned off for sites that you particularly trust, as well.

It’s fantastic having all of these features built right into Firefox, and it may be where Apple got some of its inspiration from for Safari, but plenty of third-party extensions are also available if you want to go even further. uBlock Origin and Disconnect are both available for Firefox as well as Chrome, for example, and both work in the same way: With one click on the browser toolbar you can see which adverts and trackers are being blocked.

To keep watch over which extensions are allowed to what in Firefox, choose Add-ons then Extensions from the program menu. Click the three dots next to any extension to see the data and browser features that it has access to—for the time being you can’t change this, though you can block add-ons from running in private browser windows. If an extension is using a permission that you’re not happy with, you’ll have to uninstall it.


More Great WIRED Stories

Read More