Google Pixel Security: New Features For Enhanced Protection
Google Pixel security was becoming a key concern due to the increasing threat of baseband attacks. In light of such attacks, Google has revealed multiple security guardrails to keep Pixel devices from being compromised. In this article, we’ll dive into the details of the updated Google Pixel security and uncover how such attacks play out. Let’s begin!
Understanding Baseband Attacks
The mobile baseband, also referred to as a modem, is the processor on the device responsible for ensuring different forms of connectivity. These include LTE, 4G, and 5G protocols connected to a cell tower or base station via a radio interface. Sharing valuable insights, experts from the Pixel and Android teams have stated that:
“This function inherently involves processing external inputs, which may originate from untrusted sources. For instance, malicious actors can employ false base stations to inject fabricated or manipulated network packets. In certain protocols like IMS (IP Multimedia Subsystem), this can be executed remotely from any global location using an IMS client.”
In addition, Google security experts have mentioned that the cellular baseband is a core component of the device and that it has access to sensitive data. The firmware used for powering the baseband can also be vulnerable to bugs and, if exploited, could compromise the security of the entire devices and lead to remote code execution.
It’s worth mentioning that the based component is also remotely accessible and threats to it are not based on theories or assumptions.
Baseband Security Attacks Detailed
In October 2023, research found that a malicious tool named Triton was exploiting vulnerabilities in the Exynos baseband software used in Samsung devices. The purpose of those exploits was to deliver spyware in line with highly targeted attacks.
Attacks aimed at exploiting the baseband aim to initiate downgrade exploits. This forces the device to connect to a 2G network through a cell site simulator. Once the target device is connected a 2G base station transceiver (BTS) is used for distributing the payload.
Google Pixel Security Updates
To improve Google Pixel security, a new Android 14 feature has been introduced. The feature allows IT administrators to turn off 2G networks in their managed devices. Further upgrades for Google Pixel security are also under development. Among such upgrades is a new initiative that issues alerts to users:
- if a cellular network is unencrypted.
- If a malicious cellular base station or surveillance tools is recording their location.
Other defense methods implemented to improve Google Pixel security include stack canaries and control-flow integrity (CFI). Providing details on the protocols, the Google stated that:
“If a hacker tries to exploit a vulnerability in the stack to change the flow of execution without being mindful of the canary, the canary “trips,” alerting the system to a potential attack. Similar to stack canaries, CFI makes sure code execution is constrained along a limited number of paths.”
Conclusion
Google has significantly strengthened Pixel device security to counter rising baseband attack threats. The Google Pixel security upgrades include new features like 2G network blocking, stack canaries, and control-flow integrity (CFI). These features ensure that users are better protected from malicious exploits and ensure enhanced security for their sensitive data and overall device safety.
The sources for this piece include articles in The Hacker News and Security Affairs.