Authority Adamya Sharma / Android
Tl; DR
- Google works on an intrusion detection system for Android, according to disassembly of the Play Services application.
- The system will collect a journal of your device / network activities that can be accessible if you notice a suspicious activity on your account or your devices.
- Google’s code suggests that this newspaper is encrypted from start to finish and can only be accessible with the password of your Google account and the authentication of the device.
Security seems to be a major objective for the next version of Android 16. The company is working on an advanced protection mode, but it also seems that another major security feature is in progress.
A APK decay Help predict the features that can happen on a service in the future depending on the current labor code. However, these predicted features may not be public release.
We have sift through a beta version of the Google Play Services application (version 25.18.31) and discovered many chains linked to a so-called intrusion detection system. This is not the first time that we have seen this feature name appear, but these new channels have given us an idea of what to expect. Check them below.
Code
Device protection helps keep your device and data safe, but there are some things to know about turning on the protections.
Only the primary user can change this setting
Your activity logs will be stored in a private and encrypted Google Drive. This logs can be used for forensic analysis in cases of suspicious activity.
Intrusion detection
You are agreeing to E2EE log collection, such events as USB events, network info such as browsing history, app installs, Bluetooth connections, lockscreen info, and wifi. Only you are able to decrypt this data with your account password and device lock screen.
Log collection
This Google Account will be used to encrypt your logs. Be sure you are selecting the right account.
Google Account
Activate Intrusion Detection
Setup Advanced Protection The intrusion detection function effectively retains a private and encrypted newspaper of system and network activities which can be analyzed by users in the event of suspicious activity. The activities collected as part of this journal include USB events, application installations, Bluetooth connections, lock screen information, Wi-Fi and navigation history.
Some of these activities are very sensitive. After all, you don’t want your navigation story falling into bad hands. However, the channels also note that this newspaper is encrypted from start to finish and stored on a “private and encrypted” Google Drive. Another channel adds that you alone can decipher the newspaper via the password screen from your Google account and device locking.
We have already seen chains related to this feature in Android 16, suggesting that it could not yet come to the old versions of Android. The final intrusion detection chain also mentions the Advanced Protection mode of Android 16. This suggests that intrusion detection is part of Android 16 and its advanced protection mode.
Nevertheless, it looks like an intriguing idea, and we assume that the newspaper could also make life easier if you work in a sensitive field or if you are just worried that your device is hacked.
