NSA: Building a More Secure Android #Linuxcon

It’s no secret that Google’s Android mobile operating system has had its share of security flaws. But what is less well-known is that the U.S. government’s National Security Agency (NSA) is among the teams working to improve Android security. The NSA is no stranger to the world of Linux and open source security. In 2004, the NSA began to work on something known as SELinux (Security-Enhanced Linux). SELinux provides mandatory access control and granular application level controls to Linux. SELinux is now baked into Linux and is a key component of its overall enhanced security. The NSA’s SE (Security-Enhanced) Android project is an attempt to extend that same approach to Android phones. SE Android was launched by the NSA to address what they perceive as critical gaps in the security of Android.