Google will also make the source code public for external audits.
Google has introduced new features to Android’s Private Compute Core, a secure environment currently in the beta stages of development.
On Thursday, Suzanne Frey, VP, Product, Android & Play Security and Privacy said in a blog post that the new suite will “provide a privacy-preserving bridge between Private Compute Core and the cloud.”
Currently in Android 12 Beta, Private Compute Core is an open source platform that aims to isolate itself from other apps and the main operating system on an Android device to improve privacy and security.
The new features are:
- Live Caption: Captions added to media using on-device speech recognition
- Now Playing: Machine learning (ML) algorithms able to recognize music playing nearby
- Smart Reply: Suggests relevant responses based on the messaging and active conversations
While these features, in themselves, aren’t privacy-based, Google says that new functionality will be implemented with each Android release — and each one brings the sandboxed Android area closer to completion.
Each feature utilizes ML and to keep data gathered by them private and secure — including speech records, environmental noise detection, and the context of conversations, should users enable it — they will be processed in the Private Compute Core and will not be shared with other apps unless expressly permitted by the handset owner.
Frey added that the core will “let your device use the cloud (to download new song catalogs or speech-recognition models [for example]) without compromising your privacy.”
Google intends to publish the source code of Private Compute Services to allow third-party researchers the opportunity to perform audits.
“We’re enthusiastic about the potential for machine learning to power more helpful features inside Android, and Android’s Private Compute Core will help users benefit from these features while strengthening privacy protections via the new Private Compute Services,” Frey commented.
Google outlined plans to improve Android security in February. A particular focus for the tech giant is to tackle memory problems — such as corruption and buffer overflows — as over half of vulnerabilities impacting the operating system are related to this area. In addition, media, Bluetooth, and NFC are also on the radar for hardening.
The firm is encouraging developers to take advantage of programming languages including Java and Rust, and Google is also working on ways to improve the security of C and C++ applications.
Source: https://www.zdnet.com/article/google-debuts-new-private-compute-features-to-ramp-up-android-security/#ftag=RSSbaffb68?&web_view=true