The release of version 2.3 of Android, dubbed ‘Gingerbread’ by Google, was officially announced yesterday. The latest Android version contains several functional and security improvements over the previous version, 2.2, known as FroYo.
The updated Android operating system was announced by Andy Rubin, Google VP of engineering, on the company’s official blog. Samsung’s Nexus S will be the first device to ship with the updated Android OS.
“Gingerbread is the fastest version of Android yet, and it delivers a number of improvements, such as user interface refinements, NFC support, a new keyboard and text selection tool, Internet (VoIP/SIP) calling, improved copy/paste functionality and gyroscope sensor support”, Rubin wrote in the blog post.
Among the user interface refinements included in the Android release is the ability for app developers to enable touch filtering, which would, according to Google, help prevent clickjacking.
“Sometimes it is essential that an application be able to verify that an action is being performed with the full knowledge and consent of the user, such as granting a permission request, making a purchase or clicking on an advertisement” noted Google in the Android developer’s reference on the release. “Unfortunately, a malicious application could try to spoof the user into performing these actions, unaware, by concealing the intended purpose of the view.”
Google said the new Android release allows developers to enable a “touch filtering mechanism that can be used to improve the security of views that provide access to sensitive functionality”. This will, presumably, decrease the likelihood of clickjacking, provided the Android app developer has enabled the feature, Infosecurity notes.
Google said that, when enabled on Android 2.3 devices, the touch filtering “will discard touches that are received whenever the view's window is obscured by another visible window. As a result, the view will not receive touches whenever a toast, dialog or other window appears above the view's window.”