In a significant move to enhance mobile security, Google has announced the launch of a new security setting called Advanced Protection mode. This feature is designed to provide an extra layer of defense against various attacks, including those that target devices, intercept calls via insecure carrier networks, and deliver scams through messaging services. The unveiling took place on Tuesday, with most features set to roll out in the upcoming Android 16 release.
The announcement comes at a time when mercenary malware, particularly that sold by the NSO Group, continues to thrive in the market. This malware is part of a wider ecosystem of exploit sellers who offer attacks-as-a-service. These services exploit zero-day vulnerabilities on targeted devices, infecting them with sophisticated spyware that captures sensitive data, including contacts, message histories, and locations. Over the past decade, even fully updated Android and iOS devices have fallen prey to such attacks, raising significant concerns among users.
Google's Advanced Protection is a proactive measure against these types of threats. With just a simple toggle in the device settings, users can enable an array of protections designed to counter some of the most common hacking techniques. However, users should note that while these protections significantly enhance security, they may also affect the performance and capabilities of the device. Thus, Google recommends this mode primarily for high-risk individuals such as journalists, elected officials, and anyone who stands to lose critical information if targeted.
Il-Sung Lee, Google’s product manager for Android Security, stated, “With the release of Android 16, users who choose to activate Advanced Protection will gain immediate access to a core suite of enhanced security features.” Additional features, including Intrusion Logging, USB protection, and Scam Detection integration, are expected to be rolled out later this year.
Activating the Advanced Protection mode enables users to benefit from a comprehensive set of existing and new security features. This defense-in-depth approach is particularly useful in high-risk environments, such as border crossings or when using older carrier networks that lack modern anti-snooping technologies. The features include:
The inability to connect to 2G networks, which do not provide encryption protections, making voice and text communications vulnerable to monitoring. No automatic connections to insecure Wi-Fi networks, such as those using WEP or lacking encryption. Activation of the Memory Tagging Extension, a modern memory management feature that enhances protection against use-after-free exploits and other memory corruption attacks. Automatic locking of devices when offline for extended periods. Automatic power-down of devices when locked for prolonged periods to render user data unreadable without a fresh unlock. Intrusion logging that records system events to a secure area of the phone for detecting and diagnosing successful or attempted hacks. JavaScript protections that disable Android's JavaScript optimizer, mitigating certain types of exploits.In many ways, Advanced Protection serves as the Android counterpart to Apple’s Lockdown mode, introduced in iOS 2022. Both modes aim to minimize the "surface area" available for hackers by disabling non-essential components that are more prone to exploitation. Users can expect that operating in Advanced Protection mode will be largely comparable to standard operation, ensuring security without sacrificing usability.
