Merge "Update existing security FAQ and Developer Overview"

Author: Adrian Ludwig

docs/html/guide/topics/security/security.jd

@@ -20,6 +20,10 @@ page.title=Security and Permissions
 </ol>
 </div>
 </div>
+<p>This document describes how application developers can use the
+security features provided by Android.  A more general <a
+href="http://source.android.com/tech/security/index.html"> Android Security
+Overview</a> is provided in the Android Open Source Project.</p>
 
 <p>Android is a privilege-separated operating system, in which each
 application runs with a distinct system identity (Linux user ID and group
@@ -41,7 +45,7 @@ includes reading or writing the user's private data (such as contacts or
 e-mails), reading or writing another application's files, performing
 network access, keeping the device awake, etc.</p>
 
-<p>Because the kernel sandboxes applications from each other, applications
+<p>Because Android sandboxes applications from each other, applications
 must explicitly share resources and data. They do this by declaring the
 <em>permissions</em> they need for additional capabilities not provided by
 the basic sandbox. Applications statically declare the permissions they
@@ -50,11 +54,11 @@ application is installed. Android has no mechanism for granting permissions
 dynamically (at run-time) because it complicates the user experience to the
 detriment of security.</p>
 
-<p>The kernel is solely responsible for sandboxing applications from each
-other. In particular the Dalvik VM is not a security boundary, and any app
-can run native code (see <a href="/sdk/ndk/index.html">the Android NDK</a>).
-All types of applications &mdash; Java, native, and hybrid &mdash; are
-sandboxed in the same way and have the same degree of security from each
+<p>The application sandbox does not depend on the technology used to build
+an application. In particular the Dalvik VM is not a security boundary, and
+any app can run native code (see <a href="/sdk/ndk/index.html">the Android
+NDK</a>). All types of applications &mdash; Java, native, and hybrid &mdash;
+are sandboxed in the same way and have the same degree of security from each
 other.</p>
 
 <a name="signing"></a>
@@ -220,12 +224,13 @@ permission:</p>
 </pre>
 
 <p>You can look at the permissions currently defined in the system with the
-shell command <code>adb shell pm list permissions</code>.  In particular,
-the '-s' option displays the permissions in a form roughly similar to how the
-user will see them:</p>
+Settings app and the shell command <code>adb shell pm list permissions</code>.
+To use the Settings app, go to Settings &gt; Applications.  Pick an app and
+scroll down to see the permissions that the app uses. For developers, the adb '-s'
+option displays the permissions in a form similar to how the user will see them:</p>
 
 <pre>
-$ adb shell pm list permissions -s      
+$ adb shell pm list permissions -s
 All Permissions:
 
 Network communication: view Wi-Fi state, create Bluetooth connections, full

docs/html/resources/faq/security.jd

@@ -7,8 +7,7 @@ parent.link=index.html
     <li><a href="#secure">Is Android Secure?</a></li>
     <li><a href="#issue">I think I found a security flaw. How do I report
     it?</a></li>
-    <li><a href="#informed">How can I stay informed of Android security
-    announcements?</a></li>
+    <li><a href="#informed">How can I stay informed about Android security?</a></li>
     <li><a href="#use">How do I securely use my Android phone?</a></li>
     <li><a href="#malware">I think I found malicious software being distributed
     for Android. How can I help?</a></li>
@@ -26,9 +25,15 @@ Android Open Source Project. We are dedicated to building and maintaining one
 of the most secure mobile platforms available while still fulfilling our goal
 of opening the mobile device space to innovation and competition.</p>
 
-<p>The Android Platform provides a rich <a
+<p> A comprehensive overview  of the <a
+href="http://source.android.com/tech/security/index.html">Android
+security model and Android security processes</a> is provided in the Android
+Open Source Project Website.</p>
+
+<p>Application developers play an important part in the security of Android.
+The Android Platform provides developers with a rich <a
 href="http://code.google.com/android/devel/security.html">security model</a>
-that allows developers to request the capabilities, or access, needed by their 
+that to request the capabilities, or access, needed by their
 application and to define new capabilities that other applications can request.
 The Android user can choose to grant or deny an application's request for
 certain capabilities on the handset.</p>
@@ -49,63 +54,57 @@ can protect your message using our <a
 href="http://code.google.com/android/security_at_android_dot_com.txt">PGP
 key</a>.</p>
 
-<p>We appreciate researchers practicing responsible disclosure by emailing us 
-with a detailed summary of the issue and keeping the issue confidential while 
+<p>We appreciate researchers practicing responsible disclosure by emailing us
+with a detailed summary of the issue and keeping the issue confidential while
 users are at risk. In return, we will make sure to keep the researcher informed
 of our progress in issuing a fix and will properly credit the reporter(s) when
-we announce the patch. We will always move swiftly to mitigate or fix an 
-externally-reported flaw and will publicly announce the fix once patches are 
-available to users.</p>
-
+we provide the patch. We will always move swiftly to mitigate or fix an
+externally-reported flaw and provide updates to users. </p>
 
-<a name="informed" id="informed"></a><h2>How can I stay informed of Android
-security announcements?</h2>
 
-<p>An important part of sustainably securing a platform, such as, Android is
-keeping the user and security community informed of bugs and fixes. We will
-publicly announce security bugs when the fixes are available via postings to
-the <a
-href="http://groups.google.com/group/android-security-announce">android-security-announce</a>
-group on Google Groups. You can subscribe to this group as you would a mailing
-list and view the archives here.</p>
+<a name="informed" id="informed"></a><h2>How can I stay informed about Android security?</h2>
 
-<p>For more general discussion of Android platform security, or how to use
+<p>For general discussion of Android platform security, or how to use
 security features in your Android application, please subscribe to <a
 href="http://groups.google.com/group/android-security-discuss">android-security-discuss</a>.
 </p>
 
 
 <a name="use" id="use"></a><h2>How do I securely use my Android phone?</h2>
 
-<p>As an open platform, Android allows users to load software from any
-developer onto a device.  As with a home PC, the user must be
+<p>Android was designed so that you can safely use your phone without making
+any changes to the device or installing any special software.  Android applications
+run in an Application Sandbox that limits access to sensitive information or data
+with the users permission.</p>
+
+<p>To fully benefit from the security protections in Android, it is important that
+users only download and install software from known sources.</p>
+
+<p>As an open platform, Android allows users to visit any website and load
+software from any developer onto a device. As with a home PC, the user must be
 aware of who is providing the software they are downloading and must decide
 whether they want to grant the application the capabilities it requests.
 This decision can be informed by the user's judgment of the software
 developer's trustworthiness, and where the software came from.</p>
 
-<p>Despite the security protections in Android, it is important
-for users to only download and install software from developers they trust.
-More details on how Android users can make smart security decisions will be
-released when consumer devices become available.</p>
-
 
 <a name="malware" id="malware"></a><h2>I think I found malicious software being
 distributed for Android. How can I help?</h2>
 
-<p>Like any other open platform, it will be possible for unethical developers
+<p>Like any other platform, it will be possible for unethical developers
 to create malicious software, known as <a
 href="http://en.wikipedia.org/wiki/Malware">malware</a>, for Android. If you
-think somebody is trying to spread malware, please let us know at <a 
+think somebody is trying to spread malware, please let us know at <a
 href="mailto:security@android.com">security@android.com</a>. Please include as
 much detail about the application as possible, with the location it is
 being distributed from and why you suspect it of being malicious software.</p>
 
-<p>The term <i>malicious software</i> is subjective, and we cannot make an 
+<p>The term <i>malicious software</i> is subjective, and we cannot make an
 exhaustive definition.  Some examples of what the Android Security Team believes
 to be malicious software is any application that:
 <ul>
-    <li>drains the device's battery very quickly;</li>
+    <li>uses a bug or security vulnerability to gain permissions that have not
+    been granted by the user</li>
     <li>shows the user unsolicited messages (especially messages urging the
     user to buy something);</li>
     <li>resists (or attempts to resist) the user's effort to uninstall it;</li>
@@ -122,35 +121,32 @@ to be malicious software is any application that:
 </p>
 
 
-<a name="fixes" id="fixes"></a><h2>How will Android-powered devices receive security
+<a name="fixes" id="fixes"></a><h2>How do Android-powered devices receive security
 fixes?</h2>
 
 <p>The manufacturer of each device is responsible for distributing software
 upgrades for it, including security fixes. Many devices will update themselves
 automatically with software downloaded "over the air", while some devices
 require the user to upgrade them manually.</p>
 
-<p>When Android-powered devices are publicly available, this FAQ will provide links how
-Open Handset Alliance members release updates.</p>
+<p>Google provides software updates for a number of Android devices, including
+the <a href="http://www.google.com/nexus">Nexus</a>
+series of devices, using an "over the air" (OTA) update. These updates may include
+security fixes as well as new features.</p>
 
 <a name="directfix" id="directfix"></a><h2>Can I get a fix directly from the
 Android Platform Project?</h2>
 
-<p>Android is a mobile platform that will be released as open source and
-available for free use by anybody. This means that there will be many
-Android-based products available to consumers, and most of them will be created
+<p>Android is a mobile platform that is released as open source and
+available for free use by anybody. This means that there are many
+Android-based products available to consumers, and most of them are created
 without the knowledge or participation of the Android Open Source Project. Like
 the maintainers of other open source projects, we cannot build and release
 patches for the entire ecosystem of products using Android. Instead, we will
 work diligently to find and fix flaws as quickly as possible and to distribute
-those fixes to the manufacturers of the products.</p>
-
-<p>In addition, We will add security fixes to the open source distribution of
-Android and publicly announce the changes on <a 
-href="http://groups.google.com/group/android-security-announce">android-security-announce</a>.
-</p>
+those fixes to the manufacturers of the products through the open source project.</p>
 
-<p>If you are making an Android-powered device and would like to know how you can 
+<p>If you are making an Android-powered device and would like to know how you can
 properly support your customers by keeping abreast of software updates, please
 contact us at <a
 href="mailto:info@openhandsetalliance.com">info@openhandsetalliance.com</a>.</p>