Android 16 focuses on security: new mode for blocking USB devices

With Android 16 Google continues its path towards greater protection of the most demanding users (or more at risk) by introducing a particularly interesting novelty: one new mode that disable access to USB data when the device is blocked. Let’s see in detail what it is, how it will work and why it could prove to be a crucial function for many users.

Greater safety against physical attacks via USB with Android 16

As often happens when it comes to security, the problem arises from a scenario that many underestimate but which, unfortunately, is far from theoretical: if an Android smartphone is lost or confiscated, nothing prohibits an attacker to connect a USB device (like a key or a keyboard) to try to extract sensitive data or even bypass the lock screen. Just to prevent these attacks, Android 16 It will introduce an optional function that blocks access to USB devices when the phone is in block.

How does it work precisely? The new advanced protection mode, when activated, will prevent the system from recognizing new USB devices inserted on the telephone blocked; In order to use them, it will be necessary to manually unlock the device and reintegrate the gadget. Otherwise, Android will not allow in any way the data transfer, while it will continue to allow only the battery recharging (exactly as it already happens in a USB charge only).

It might seem an excessive measure but the recent documented cases demonstrate how it is instead a necessary precaution, not later than a few months ago, the AMNESTY INTERNATIONAL Security Lab has in fact discovered a Zero-Day Exploit relating to USB drivers, used to violate the phone of an activist student in Serbia; It is therefore not a theoretical threat, but a real problem against which it is good to be able to defend itself.

USB peripherals, such as keyboards or other apparently harmless accessories, can be used to perform attacks of brute force or to inject malicious code through not yet correct vulnerability; blocking preventive access therefore represents a very effective defense measure.

There are actually two main approaches to block USB data on a mobile device:

• hardware levelphysically interrupting the USB data lines (in this case, the recharge remains active but every type of peripheral, from keyboards to flash units, is completely disabled)
  
• at software levelby blocking access to peripherals through the operating system and disabling high -level USB support
  

According to what emerged, Android 16 will use the software approach based on the API already introduced to the time of Android 12 (and subsequently improved in Android 15) which allows you to disable the USB data report during blocking the screen.

This new USB protection is only one of the many pieces that make up the Advanced protection methods of Android 16

• Disabling of Sideloading of applications (to prevent external apk installations)
  
• 2G connections blockmore vulnerable to interceptions
  
• MTE qualification (Memory Tagging Extension) For extra protection of compatible applications
  
• Wi-Fi WEP Networks Blocknow obsolete and easily attacked
  

Furthermore, If you try to connect a USB device while the phone is blocked, Android will send a notification of “suspect USB activities”notifying the user of the need to manually unlock the device to proceed.

https://www.youtube.com/watch?v=w-cgdr4orvy

At the moment, Google has not yet implemented a clear and intuitive option to activate the advanced protection mode in the system settings, however as you can see from the video above, during the tests on Android 16 Beta 4 Mishaal Rahman managed to enable it manually, confirming the correct functioning of the new USB protection.

We therefore hope that, at the official release of Android 16, Google makes this option easily accessible to all users who want additional protection, perhaps integrating it more visiblely within the safety settings.