Stronger protection
from unsecure traffic
Speaking of network security, Android P pushes forward with
Google's effort to move away from unencrypted "http" web
traffic and toward fully secure web transmissions.
P actually takes what Oreo started in that department and
turns it up a notch (so to speak): With Oreo, Google
introduced a new system in which app developers could
choose to prevent unencrypted network traffic — commonly
known as "cleartext" — from appearing in their apps. As of P,
that system is fully active and running by default
default.
Developers can still opt to allow unencrypted network traffic
on a case-by-case
case basis by white listing specific domains as
needed. And the change will only affect apps that have been
updated to support Android P, so older apps that aren't
regularly maintained
ained will continue to function without issue.
Better protection of
your unique device
identifier
Network connections aside, every Android device has a
permanent and unique identifier known as a "build. Serial
identifier" — basically a serial number that belongs to your
phone and your phone alone. It remains present even through
factory resets, so if you sell your device to someone, he or
she will then have
ve that same number.
It may seem trivial, but it's just one more way companies
could track you and learn about you without your knowledge
— especially when you consider that in the past, apps were
able to freely access and store that number. With Oreo,
Google
gle started the process of pulling back that ability — and
with Android P, it's fully removing the ability for apps to
access your device identifier without first getting permission.
11