Enhanced USB Security Measures Introduced in Android 16

Android 16 is set to introduce significant improvements in security, particularly focusing on safeguarding smartphones against potential USB port attacks.

One of the notable features discovered in the Android 16 Beta 4 version is an optional security enhancement aimed at preventing targeted attacks on locked smartphones through the USB interface. This feature is particularly relevant for users such as journalists and activists, who often store sensitive information on their devices and may be at higher risk of hacking attempts.

The upgraded security function effectively blocks malicious entities from connecting USB peripherals, such as keyboards, to locked smartphones. This measure is crucial for thwarting brute-force attacks intended to bypass security locks. The relevance of this feature is underscored by a recent incident reported by Amnesty International's Security Lab, which documented a zero-day USB driver vulnerability exploited to compromise the Android smartphone of an activist in Serbia.

Demonstrations of the new security feature indicate that when activated, users cannot connect peripherals like keyboards until the smartphone is unlocked. A notification will inform users that an external keyboard can only be connected once the device is accessed.

While this security feature is still pending official release, it is anticipated to be included in the upcoming version of Android 16. However, it remains uncertain whether it will be available in the initial launch scheduled for June or introduced in a subsequent update.

It is essential to clarify that the newly discovered functionality does not address the well-known issue of 'juice jacking,' where attackers attempt to install malware via USB ports. Both Android and iOS devices have long implemented protective measures against this threat, requiring user permission for any connected device to access smartphone data.