Hardening cellular basebands in Android | allinfosecnews.com

Dec. 12, 2023, 5 p.m. | Edward Fernandez (noreply@blogger.com)

Google Online Security Blog security.googleblog.com

Posted by Ivan Lozano and Roger Piqueras Jover

Android’s defense-in-depth strategy applies not only to the Android OS running on the Application Processor (AP) but also the firmware that runs on devices. We particularly prioritize hardening the cellular baseband given its unique combination of running in an elevated privilege and parsing untrusted inputs that are remotely delivered into the device.

This post covers how to use two high-value sanitizers which can prevent specific classes of vulnerabilities found within the baseband. …

android android security application baseband cellular defense devices firmware hardening inputs parsing prioritize privilege processor roger running strategy untrusted

More from security.googleblog.com / Google Online Security Blog

I/O 2024: What’s new in Android security and privacy 2 weeks, 3 days ago | security.googleblog.com

android android security bad bad actors +11

Google and Apple deliver support for unwanted tracking alerts in Android and iOS 2 weeks, 5 days ago | security.googleblog.com

alert alerts android apple +11

Your Google Account allows you to create passkeys on your phone, computer and security keys 4 weeks, 2 days ago | security.googleblog.com

account accounts apps brand +18

Detecting browser data theft using Windows Event Logs 1 month ago | security.googleblog.com

application attackers browser can +25

How we fought bad apps and bad actors in 2023 1 month ago | security.googleblog.com

android android security apps bad +18

Accelerating incident response using generative AI 1 month ago | security.googleblog.com

automation block diana discover +21

Uncovering potential threats to your web application by leveraging security reports 1 month, 1 week ago | security.googleblog.com

api apis application browsers +15

Prevent Generative AI Data Leaks with Chrome Enterprise DLP 1 month, 2 weeks ago | security.googleblog.com

ai data businesses can chrome +23

How we built the new Find My Device network with user security and privacy in … 1 month, 3 weeks ago | security.googleblog.com

android android security crowdsourced data +13

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com