Google has a new breakthrough to show why Android is better than iOS devices

“Firmware hardening” is on the way to boost Android security

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Googlehas begun work on makingAndroidmore secure at the firmware level, targeting processors on systems-on-a-chip (SoCs) that target dedicated tasks such as mobile phone functionality, media playback and encoding, and Wi-Fi connectivity.

PerBleepingComputer, the tech giant is starting to take notice of the fact that, “over the last decade”, firmware vulnerabilities on secondary processors have been become high-priority targets forsecurity researchersandacademic papersin the field of computer science.

Wi-Fi and Cellular module exploits are especially of concern, given that they allow for remote code execution (RCE)

TechRadar Pro needs you!

We want to build a better website for our readers, and we need your help! You can do your bit by filling outour surveyand telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

Android firmware security

Google is planning to explore a variety of protection mechanisms with its “Android ecosystem” partners. These include compiler-based sanitizers, likeBoundSanandIntSan, which catch memory-based flaws and crashes that often occur during code compilation.

There are also exploit mitigations, like Control Flow Integrity (CFI), Kernel Control Flow Integrity (kCFI),ShadowCallStack, as well asStack Canaries, which work towards protecting values from buffer overflow attacks at the compilation stage.

Google says Rust is the key to cutting Android vulnerabilities>Google’s security team says companies need to get better at patching Android>We’ve also listed the best secure smartphones right now

Buffer overflows will also, in addition to null pointer dereferences and user-after-free attacks, will also be guarded against by a raft of memory safety features. To this end, Google have mulled over aZero Initialized Memoryprinciple, citing uninitialized memory in C and C++ environments as a common cause of reliability issues.

As BleepingComputer have noted, tackling problems across different parts of a processor could have an adverse effect on system performance, but Google believes that, with optimization, it can mitigate the impacts of its efforts.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.

TP-Link Archer BE3600 Wi-Fi 7 Router review

Ulefone Armor Pad 3 Pro rugged tablet review

Red One isn’t perfect but it proves we need more action-packed Christmas movies