"The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of vulnerabilities in a risky area, while also laying the foundation for broader adoption of memory-safe code in other areas."
"Google said it opted for the DNS protocol for its Rust implementation owing to the fact that it underpins modern cellular communications and that vulnerabilities in the system can expose users to malicious attacks when designed in a memory-unsafe language."
Google has integrated a Rust-based Domain Name System (DNS) parser into the modem firmware of Pixel devices to enhance security. This integration significantly reduces security risks by addressing vulnerabilities in memory-unsafe code. The Rust implementation is available for Pixel 10 devices, marking a significant step in adopting memory-safe languages. This initiative is part of broader efforts to secure cellular baseband modems against exploitation, including measures against 2G exploits and memory-safety vulnerabilities. The adoption of Rust has led to a decrease in memory safety vulnerabilities in Android.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]