all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hardening cellular basebands in Android

Add to bookmarks
Dec. 12, 2023, 5 p.m. | Edward Fernandez (noreply@blogger.com)

Google Online Security Blog security.googleblog.com

Posted by Ivan Lozano and Roger Piqueras Jover


Android’s defense-in-depth strategy applies not only to the Android OS running on the Application Processor (AP) but also the firmware that runs on devices. We particularly prioritize hardening the cellular baseband given its unique combination of running in an elevated privilege and parsing untrusted inputs that are remotely delivered into the device.



This post covers how to use two high-value sanitizers which can prevent specific classes of vulnerabilities found within the baseband. …

android android security application baseband cellular defense devices firmware hardening inputs parsing prioritize privilege processor roger running strategy untrusted

Visit resource

More from security.googleblog.com / Google Online Security Blog

Prevent Generative AI Data Leaks with Chrome Enterprise DLP 1 week, 2 days ago | security.googleblog.com
ai data businesses can chrome +23
How we built the new Find My Device network with user security and privacy in … 2 weeks, 5 days ago | security.googleblog.com
android android security crowdsourced data +13
Google Public DNS’s approach to fight against cache poisoning attacks 4 weeks, 2 days ago | security.googleblog.com
addresses attacks cache cache poisoning +21
Address Sanitizer for Bare-metal Firmware 1 month ago | security.googleblog.com
address android android security area +12
Real-time, privacy-preserving URL protection 1 month, 1 week ago | security.googleblog.com
alex amp attackers browsing +20
Vulnerability Reward Program: 2023 Year in Review 1 month, 2 weeks ago | security.googleblog.com
10 million address android security bug +21
Secure by Design: Google’s Perspective on Memory Safety 1 month, 3 weeks ago | security.googleblog.com
Piloting new ways of protecting Android users from financial fraud 2 months, 3 weeks ago | security.googleblog.com
android android security android users apps +19
Improving Interoperability Between Rust and C++ 2 months, 3 weeks ago | security.googleblog.com
amp android announcement back +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs