Android P, the next major version of the Android operating system, will block idle (background) applications from accessing a smartphone's camera or microphone.
Both of these changes were approved and merged into the Android source code on Monday [1, 2].
If a UID is idle (being in the background for more than cartain amount of time) it should not be able to use the camera. If the UID becomes idle we generate an eror and close the cameras for this UID. If an app in an idle UID tries to use the camera we immediately generate an error. Since apps already should handle these errors it is safe to apply this policy to all apps to protect user privacy.
If a UID is in an idle state we don't allow recording to protect user's privacy. If the UID is in an idle state we allow recording but report empty data (all zeros in the byte array) and once the process goes in an active state we report the real mic data. This avoids the race between the app being notified aboout its lifecycle and the audio system being notified about the state of a UID.
Imposing limitations on the ability to access the camera and microphone by an unfocused background app was more than necessary.
Capabilities previously abused by malware authors
Most of today's malware and commercial spyware products are abusing these two features to take images of victims' surroundings or record nearby conversations.
Features like these aren't new but have been found in malware for four-five years. It's a mystery why the Android Open Source Project (AOSP) took so long to implement them in the first place.
Users and developers will be able to test Android P in May this year. Google is expected to release the first builds after its Google I/O yearly conference. Beta builds are expected over the summer, while the stable version is expected towards the end of August, start of September.