Home Technology Google Launches New Program to Quickly Fix OEM Security Issues, Creating Team...

Google Launches New Program to Quickly Fix OEM Security Issues, Creating Team for Bug Discovery in Sensitive Apps

Google has now introduced a new initiative to help third-party Android vendors patch flaws and vulnerabilities faster. It has introduced a new Android Partner Vulnerability Initiative which essentially helps manufacturers in discovering flaws and fixing them soon. Separately, Google is also creating a new Android security team that will only be focused on looking for vulnerabilities in highly sensitive apps on Google Play store.

The new Android Partner Vulnerability Initiative (APVI) has been launched by Android Security and Privacy team to manage security issued related to third-party Android vendors. The blog post explains that this initiative looks to ‘drive remediation and provide transparency to users about issues discovered at Google that affect device models shipped by Android partners.’

The APVI has already addressed a number of security issues. It doesn’t list vendor partners, but a bug tracker for the initiative mentions OEMs like Oppo, Huawei, Vivo, ZTE, and Meizu. Chip maker MediaTek has also been listed, along with Digitime and Transsion. Google mentions that most of the vulnerabilities found have been fixed by vendors. If anything, this initiative will put some onus on Android vendors to take security of phones and other devices more seriously and fix issues speedily.

Google has also published a new job posting looking for a ‘Security Engineering Manager’ to help ‘create and maintain the safest operating environment for Google’s users and developers’.

Sebastian Porst, Software Engineering Manager for Google Play Protect told ZDNet that Google is looking to build a team that will focus on highly sensitive apps like COVID-19 contact tracing apps and election-related applications. The job posting explains, “Your team will perform application security assessments against highly sensitive, third party Android apps on Google Play, working to identify vulnerabilities and provide remediation guidance to impacted application developers.”

While Google does have a bug bounty initiative called the Google Play Security Reward Program (GPSRP) wherein it offers security researchers money in exchange for finding bugs, but this program is limited to apps that have more than 100 million users and highly sensitive apps aren’t always eligible for GPSRP rewards. This new team looks to close this loophole and help make the Google Play store ecosystem a little more secure.

Should the government explain why Chinese apps were banned? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Source link


Please enter your comment!
Please enter your name here

Most Popular

Snapdragon 888: Realme ‘Race’, Red Magic 6, Oppo Find X3, and Other Upcoming Phones Based on the New SoC From Qualcomm

Realme ‘Race' as well as Red Magic 6, Oppo Find X3, Nubia Z, and ZTE Axon 30 series are set to debut in...

ZTE Blade V2021 5G With Triple Rear Cameras, Dimensity 720 SoC Launched: Price, Specifications

ZTE Blade V2021 5G has been launched in China as the latest smartphone offering from the company. The phone has a triple rear...

iPhone 12 Series Users Are Complaining About Frequent Signal Drop Issue on Verizon, AT&T, T-Mobile

iPhone 12 series users are reportedly facing network issues on their phones. Many users have posted complaints on social networks about losing connection,...

Samsung One UI 3.0 Update Schedule Announced for Smartphones in Egypt

Samsung has shared a timeline for when it will release stable One UI 3.0 update for most of its phones. The schedule is...