Google takes your security seriously. Yeah, everyone says that and usually after a massive data breach. However, while it is popular to knock Google, I won’t join in regarding the security teams working hard behind the scenes to keep you and your data safe. A great example is a newly published technical report by the Android team responsible for protecting Pixel smartphone users. Don’t be put off by the fact that it looks at ways Pixel 9 series phones mitigate exploits on cellular basebands; that actually makes it exciting and essential. The cellular modem in your smartphone is, after all, the thing that lets you make calls and it’s something that hackers are very interested in compromising, for apparent reasons.
Google Takes A Proactive Approach To Pixel 9 Security
The October 3 Google Security Blog posting, Pixel’s Proactive Approach to Security: Addressing Vulnerabilities in Cellular Modems, goes under the hood of the smartphone and the Android operating system it runs on to explain just how common exploits are mitigated.
The Android security experts are 100% correct when they say that very few smartphone users give much thought to the highly-complex software that powers them, after all, why should they? As long as it works, that’s all that matters, right? Well, sort of. When it comes to the cellular baseband, that’s the processor responsible for letting us communicate via LTE, 4G and 5G, making it secure without impacting upon performance is vital. Not least as hackers are always evolving with new exploits that can compromise this exact area of our mobile devices.
We should all spare a moment to think about the teams that deploy security hardening mitigations to these basebands; in the case of Pixel phones, the series 9 range “represents the most hardened baseband we’ve shipped yet’” the Android security team said.
The Critical Cellular Baseband Risks Facing Pixel 9 Smartphone Users
OK, so with the understanding that the baseband manages there smartphone connectivity to cellular networks, and this means processing external inputs that have every chance of being from an untrusted source, what are the kind of security risks Pixel 9 users are facing?
The examples given by the Google security blog authors include the use of fake or cloned base stations being used to inject manipulated network packets that could be executed remotely from almost any geographical location. Then there are the coding vulnerabilities, errors and bugs, which can impact the baseband firmware like any other software. When it comes to your smartphone, though, these “pose a significant concern due to the heightened exposure of this component within the device’s attack surface.”Exploiting such vulnerabilities can give an attacker the ability to enable a remote code execution which is why they are often regarded as being highly-critical in nature.
“There are clear indications that exploit vendors and cyber-espionage firms abuse these vulnerabilities to breach the privacy of individuals without their consent,” the researchers warned, “for example, 0-day exploits in the cellular baseband are being used to deploy the Predator malware in smartphones.”
Proactive Exploit Mitigations In Pixel 9 Modems
Responding to an increase in the number of attacks against cellular baseband security of smartphones, Google has “incrementally incorporated” proactive mitigations with the current Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL and Pixel 9 Pro Fold now including the following features:
- Bounds Sanitizer to automatically adds checks around a specific subset of memory accesses to ensure that code does not access memory outside of designated areas and prevent buffer overflow exploits.
- Integer Overflow Sanitizer does the same as above but in relation to integers, or numbers, being too large or too small and enabling an overflow exploit.
- Stack Canaries can be thought of as tripwires that detects if hackers are attempting to execute code in the wrong order to exploit a vulnerability.
- Control Flow Integrity works in a similar fashion as the canaries but constrains code execution to specific pathways.
- Auto-Initialize Stack Variables prevents leaks of sensitive data by initializing stack variables to zero. This can also prevent an attacker from manipulating stack variables to gain code execution.
If you’ve come this far but still need a TL;DR, then here’s how the Android security team sum things up:
“Pixel’s proactive approach to security demonstrates a commitment to protecting its users across the entire software stack. Hardening the cellular baseband against remote attacks is just one example of how Pixel is constantly working to stay ahead of the curve when it comes to security.”