The latest news and insights from Google on security and safety on the Internet.
1k followers 2 articles/week
Pixel's Proactive Approach to Security: Addressing Vulnerabilities in Cellular Modems

Posted by Sherk Chung, Stephan Chen, Pixel team, and Roger Piqueras Jover, Ivan Lozano, Android team Pixel phones have earned a well-deserved reputation for being security-conscious. In this blog, we'll take a peek under the hood to see how Pixel mitigates common exploits on cellular basebands. Smartphones have become an integral part...

Thu Oct 3, 2024 20:01
Evaluating Mitigations & Vulnerabilities in Chrome

Posted by Alex Gough, Chrome Security Team The Chrome Security Team is constantly striving to make it safer to browse the web. We invest in mechanisms to make classes of security bugs impossible, mitigations that make it more difficult to exploit a security bug, and sandboxing to reduce the capability exposed by an isolated security issue. When...

Thu Oct 3, 2024 20:01
Eliminating Memory Safety Vulnerabilities at the Source

Posted by Jeff Vander Stoep - Android team, and Alex Rebert - Security Foundations Memory safety vulnerabilities remain a pervasive threat to software security. At Google, we believe the path to eliminating this class of vulnerabilities at scale and building high-assurance software lies in Safe Coding, a secure-by-design approach that prioritizes...

Sat Sep 28, 2024 16:47
Google & Arm - Raising The Bar on GPU Security

Posted by Xuan Xing, Eugene Rodionov, Jon Bottarini, Adam Bacchus - Android Red Team; Amit Chaudhary, Lyndon Fawcett, Joseph Artgole - Arm Product Security Team Who cares about GPUs? You, me, and the entire ecosystem! GPUs (graphics processing units) are critical in delivering rich visual experiences on mobile devices. However, the...

Sat Sep 28, 2024 16:47
A new path for Kyber on the web

Posted by David Adrian, David Benjamin, Bob Beck & Devon O'Brien, Chrome Team We previously posted about experimenting with a hybrid post-quantum key exchange, and enabling it for 100% of Chrome Desktop clients. The hybrid key exchange used both the pre-quantum X25519 algorithm, and the new post-quantum algorithm Kyber. At the time, the...

Sat Sep 14, 2024 15:33
Deploying Rust in Existing Firmware Codebases

Posted by Ivan Lozano and Dominik Maier, Android Team Android's use of safe-by-design principles drives our adoption of memory-safe languages like Rust, making exploitation of the OS increasingly difficult with every release. To provide a secure foundation, we’re extending hardening and the use of memory-safe languages to low-level firmware (including...

Wed Sep 4, 2024 19:20

Build your own newsfeed

Ready to give it a go?
Start a 14-day trial, no credit card required.

Create account