Android’s open source nature could be slightly compromised for security
Security is the priority for every technology and its based aspects, and Google pays close attention to this crucial thing. To protect Android, it has market-leading security measures. Android devices have become popular and trusted globally because of the protection that they offer to users’ sensitive data and information. The open-source Android project is managed by Google and serves as the operating system for mobile devices. This website and the Android Open Source Project (AOSP) repository provide the details and source code required to develop specialized Android OS versions, port devices, and accessories for the Android platform.
This makes sure that the devices satisfy compatibility standards that keep the Android ecosystem a healthy and stable environment for millions of users. The Android OS and AOSP contain essential libraries, programs, and files that are related to the initiation of the operating system. The open source code is the notable term for Android, but it seems Google is bringing a transformation to this, too, for its enhancement of security. The majority of AOSP code is released under the Apache 2.0 license, which is a permissive license that enables unrestricted use, distribution, and modification by anyone.
But it doesn’t include developers who are not the current employers of Google and do not have the opportunity to contribute to Android code development. The Android Open Source Project is a very large project with many interconnected parts, noted for its size and complexity. This brings in frequent bugs and vulnerabilities in the code that was submitted by an outside collaborator. However, Google’s selection of reviewers for the checking process may be unknown. Also, Google always remains committed to integrating portions of outside source code, but under strict conditions that ensure the particular requirements are satisfied.
Google’s objective is to improve supply chain security for the Android source code. As a result, the unintentionally added vulnerabilities and quantity of bugs have decreased. It is expected that starting next month, two Google reviewers will have to approve each piece of external code submitted to AOSP before it can be used.
Thanks to “Mishaal Rahaman“