Kaspersky Lab. one of the world’s largest privately held vendor of endpoint protection solutions has just released their security analysis on the soon-to-reach us Android 4.4 KitKat.
Last week I reported on how Sony and Samsung have released lists on devices that are due for an update, but how edible (read; safe) is this KitKat?
“One of the biggest upgrades within Android 4.4 is that it will warn a user if a Certificate Authority (CA) is added to the device, making it easier to identify Man-in-the-Middle attacks inside a user’s network, explains Stefan Tanase, security expert at Kaspersky Lab. Google Certificate Pinning makes it harder for complicated attackers to intercept network traffic to and from Google services, by ensuring only whitelisted SSL certificates can connect to certain Google domains.”
From the point of view of malware threats, these enhancements do not really make a big difference. The most common Android infection source remains the same: unofficial apps downloaded from third-party stores. Thus the most important change from Android 2.3 is the lowered recourse usage. Users can look forward to Android 4.4 running on devices with just 512MB of RAM, which, for high end hardware means faster operation and much better battery life.