Android Security

9 Security Reasons You Should Upgrade to Android 8.0 Oreo

Abhishek Kurve 10-01-2018

Android 8.0 Oreo is stuffed full of exciting features, right from Instant Apps Android Instant Apps: What They Are and How to Start Using Them Android's Instant Apps let you use an app's best features without installing it. Here's how they work and how to try them now. Read More to Notification Channels All the New Ways to Use Notifications in Android 8.0 Oreo Android 8.0 Oreo's notification channels are a powerful new way to make sure that your phone only alerts you of priority information. Here's everything on the way notifications have changed in Oreo. Read More . While most users are pretty excited about these new features, there’s a full range of little-known, under-the-hood security enhancements in Google’s newest operating system.


Security features might not get you as excited as other headline features, but they are equally important. Security terminologies can be quite confusing for the average non-tech person, so here’s our attempt to simplify the security features in Android 8.0 Oreo.

Security Enhancements Baked Into Software

Here are some security features baked right into the operating system, and they come with every Android 8.0 Oreo device out-of-the-box.

1. Sideloading Apps Is Now Granular and Safer

Unlike iOS, Android has been pretty “open” about letting users sideload apps on their device How to Manually Install or Sideload Apps on Android Want to sideload apps on your Android phone? Installing APKs manually on Android opens up a whole new world of apps, and it's easy to do. Read More . Sideloading apps let you gain access to all kinds of apps, but installing apps from unverified sources can prove to be a huge security risk.

In Android 8.0 Oreo, there’s a big change in how you sideload apps If You Sideload Apps, You Must Know About This Change in Android Oreo Many Android users know that sideloading lets you install apps from outside the Play Store. But there's a big change coming in Android 8.0 Oreo that you'll want to know about. Read More . Instead of a global setting that allows installation of apps from anywhere, Oreo requires you to toggle this setting on a per-app basis. For instance, you can allow manual installation of APKs from the Amazon Appstore, but block installation of APKs downloaded from Google Chrome.

security reasons to upgrade to android oreo 8.0


This fine-grained behavior lets you be very specific about the sources you can install apps from, thus preventing you from installing apps from shady sources.

Also, Google Play Protect How Google Play Protect Is Making Your Android Device More Secure You may have seen "Google Play Protect" popping up, but what exactly is it? And how does it help you? Read More can check unknown apps for security threats.

2. Android Verified Boot 2.0 Prevents Tampering

Android Verified Boot is a security feature built into Android since 4.4 KitKat. Clever Android malware with root permissions can hide and mask themselves, making them undetectable to security apps 6 Android Security Apps You Should Install Today Android security apps - capable of blocking malware and phishing attempts - are necessary if you wish to run a safe and secure smartphone. Let's look at some of the best Android security apps currently... Read More . This feature prevents a device from booting up if the software is tampered with.

But a hacker could potentially downgrade the device to an older version, thus bypassing this feature.


To combat this, Oreo comes with Android verified Boot 2.0, which supports Rollback Protection. It is designed to prevent a device from booting if downgraded to an older or more vulnerable version.

This is accomplished by storing the operating system version inside a special hardware. Currently, the Pixel 2 and Pixel 2 XL come with this protection. Google strongly recommends all device manufacturers incorporate this feature in the future.

3. Project Treble Enables Better Sandboxing

Project Treble was primarily designed to help device manufacturers quickly roll-out new versions of Android. Behind the scenes, it’s a major redesign of the Android framework — separating device-specific code from the operating system framework.

Along with faster updates, it also plays a key role when it comes to security.


Because of the re-designed modular framework and better sandboxing, exploits in one part have fewer chances of affecting other parts of the system.

security reasons to upgrade to android oreo 8.0

The Hardware Abstraction Layer (HAL) provides an interface between system hardware and software. Traditionally, it included direct access to kernel drivers, which resulted in HALs having extra permissions and access to hardware which wasn’t absolutely required.

In Oreo, each HAL runs in its own sandbox. This translates to less-abused app permissions and hardware drivers.


Security Enhancements That Protect You on Networks

Here are some security enhancements in Oreo that help you stay safe while browsing the internet Make Your Browsing Safer with These 7 Simple Tips Safe browsing is more of an ongoing task than a set-it-and-forget-it affair. That's why we have come up with seven essential starter tips to help you browse more safely. Read More .

4. Deprecated Insecure Version of SSL

SSL/TLS are network protocols used to provide secure communications over the internet. In 2014, Google researchers discovered a security vulnerability in SSL v3.0.

With Oreo, Android has stopped supporting this old and insecure version of SSL.

Oreo also drops support for TLS version fallback, which was a compatibility workaround to connect to servers that have an improper implementation of TLS. Google says that the workaround was removed because it weakened security. For the end users, this implies stronger security when communicating on the internet.

security reasons to upgrade to android oreo 8.0

Oreo also brings a couple of security changes to the WebView element. For the uninitiated, you can think of WebView as a browser bundled inside an app.

First, the components of WebView have been split into a separate process, which helps in handling untrusted content safely with sandboxing. It now also supports Safe Browsing, which warns you of fraudulent and deceptive sites 7 Quick Sites That Let You Check If a Link Is Safe Before clicking a link, use these link checkers to check that it doesn't lead to malware or other security threats. Read More .

5. Stay Protected on Public Wi-Fi

It’s no secret that there are inherent risks associated when you connect to a public unsecured Wi-Fi 5 Ways Hackers Can Use Public Wi-Fi to Steal Your Identity You might love using public Wi-Fi -- but so do hackers. Here are five ways cybercriminals can access your private data and steal your identity, while you're enjoying a latte and a bagel. Read More . Its open nature could potentially let hackers steal your personal information.

Thankfully, the WiFi Assistant feature in Oreo can help you connect to a high-quality Wi-Fi network and secure it with a VPN 8 Totally Free VPN Services to Protect Your Privacy Free unlimited data VPNs don't exist unless they're scams. Here are the best actually free VPNs around that you can try safely. Read More back to Google. However, this feature seems to be exclusive to Project Fi and Nexus/Pixel users as of now.

Security Enhancements Related to Hardware

Alongside the software improvements, Google has gone a step further to introduce some cool hardware-related security features in Oreo.

6. Support for Tamper-Resistant Hardware

Android Oreo enables support for a dedicated hardware security module that protects your lock screen Improve Your Android Lock Screen Security With These 5 Tips You're perhaps reading this thinking "hah, no thanks MakeUseOf, my Android is secured with a lock screen pattern – my phone is impregnable!" Read More passcode against physical attacks. The Pixel 2 is the first phone to come with such a security module.

security reasons to upgrade to android oreo 8.0

The tamper-resistant hardware has its own dedicated RAM and other components, so it can fully control its own execution. Google says that it can also detect and defend against outside attempts to physically tamper with it. The tamper-resistant hardware complements the software-based security mechanism and delivers enterprise-grade security.

7. Support for Physical Security Keys

If you’ve enabled two-factor authentication What Is Two-Factor Authentication, And Why You Should Use It Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card,... Read More (which you definitely should), you might agree that entering unique codes as the second form of authentication can be quite a hassle. In that case, physical U2F security keys What Are U2F Keys and Where Are They Supported? U2F keys are one of the best ways to keep your accounts safe and secure. But where are U2F keys supported? Read More can act as a second form of authentication, removing the hassle of manually entering the codes.

security reasons to upgrade to android oreo 8.0

Fortunately, Android Oreo brings support for physical security keys that you can connect to your phone using Bluetooth or NFC.

Currently, developers are required to build this feature into their apps, so it might take a while until you can start seeing them in action.

Other Tiny Security Improvements

Besides the above highlight features, here are a few other tiny security-related tweaks made in Android Oreo.

8. Kernel Lockdown

Android Oreo limits access to the kernel with the help of a new seccomp filter. Using this, Google says that it can shut down unused system calls, thus reducing kernel attacks. For the end-users, this means that the kernel is less likely to be exploited by malicious apps.

9. Dismissive System Alert Overlays

Typically, Android allows apps to create popups on top of other Android apps. Developers have utilized this feature to build some innovative concepts like picture-in-picture mode inside apps.

But some hackers have also exploited this feature to display pop-ups asking for ransom or even tricking users into giving away their credentials Don't be a Victim of These Common Phishing Attacks Read More .

In Oreo, there’s a persistent notification whenever there’s a System Alert Overlay. It also lets you easily dismiss the notification and remove this overlay.

Android 8.0 Oreo Fixes Security Woes

Google seems to have left no stone unturned in 8.0 Oreo when it comes to security. However, it has quite a few catch-ups to do with iOS in regards to security Android vs. iPhone: Which Is More Secure in 2017? But before you rush out and buy a new smartphone, consider this: which is the most secure smartphone operating system? Is it an Android device or an iPhone? Let's look at the facts. Read More . But with all these security enhancements and the ever-increasing Android Security Rewards payout, it certainly seems like Google is strongly committed to making Android more secure.

Even though you can try Oreo’s headline features on older Android devices 7 New Android O Features You Can Get Right Now The Android O Developer Preview is out for select devices! But you can get the best features on your phone or tablet without upgrading. Read More , these security improvements cannot be replicated, which makes it a compelling upgrade. It’s a no-brainer to upgrade to Android 8.0 Oreo right now How to Install Android Oreo Right Now Want to upgrade your Pixel or Nexus device to Android Oreo right now? Here's how you can do so and skip the rollout wait. Read More if your device supports it.

What do you think of the security enhancements in Android Oreo? Do you think Android will ever be on par with iOS when it comes to security? Share your thoughts with us in the comments below.

Related topics: Android, Smartphone Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. nasir ali
    January 11, 2018 at 12:13 pm

    Your and greatest data post i like this your for Wedding Anniversary Wishes Images

  2. The Magician
    January 11, 2018 at 10:21 am

    Where's the DNS over TLS Support?

  3. vferg
    January 10, 2018 at 6:37 pm

    These kind of articles make it seem like I dont want to upgrade... They should be addressed to our manufactorer's and service providers though! Still waiting on the update to come out almost half a year later...