Posted by Jeff Vander Stoep – Android team, and Alex Rebert – Security Foundations Memory safety vulnerabilities remain a pervasive threat to software security. At Google, we believe the path to eliminating this class of vulnerabilities at scale and building…
Category: Google Online Security Blog
Eliminating Memory Safety Vulnerabilities at the Source
Posted by Jeff Vander Stoep – Android team, and Alex Rebert – Security Foundations Memory safety vulnerabilities remain a pervasive threat to software security. At Google, we believe the path to eliminating this class of vulnerabilities at scale and building…
A new path for Kyber on the web
Posted by David Adrian, David Benjamin, Bob Beck & Devon O’Brien, Chrome Team We previously posted about experimenting with a hybrid post-quantum key exchange, and enabling it for 100% of Chrome Desktop clients. The hybrid key exchange used both the…
Deploying Rust in Existing Firmware Codebases
< p style=”text-align: left;”>Posted by Ivan Lozano and Dominik Maier, Android Team Android’s use of safe-by-design principles drives our adoption of memory-safe languages like Rust, making exploitation of the OS increasingly difficult with every release. To provide a secure foundation,…
Virtual Escape; Real Reward: Introducing Google’s kvmCTF
Marios Pomonis, Software Engineer < div> Google is committed to enhancing the security of open-source technologies, especially those that make up the foundation for many of our products, like Linux and KVM. To this end we are excited to announce…
Sustaining Digital Certificate Security – Entrust Certificate Distrust
Posted by Chrome Root Program, Chrome Security Team The Chrome Security Team prioritizes the security and privacy of Chrome’s users, and we are unwilling to compromise on these values. The Chrome Root Program Policy states that CA certificates included in…
Staying Safe with Chrome Extensions
Posted by Benjamin Ackerman, Anunoy Ghosh and David Warren, Chrome Security Team Chrome extensions can boost your browsing, empowering you to do anything from customizing the look of sites to providing personalized advice when you’re planning a vacation. But as…
Time to challenge yourself in the 2024 Google CTF
Hlynur Gudmundsson, Software Engineer < div> It’s Google CTF time! Install your tools, commit your scripts, and clear your schedule. The competition kicks off on June 21 2024 6:00 PM UTC and runs through June 23 2024 6:00 PM UTC.…
I/O 2024: What’s new in Android security and privacy
Posted by Dave Kleidermacher, VP Engineering, Android Security and Privacy Our commitment to user safety is a top priority for Android. We’ve been consistently working to stay ahead of the world’s scammers, fraudsters and bad actors. And as their tactics…
Google and Apple deliver support for unwanted tracking alerts in Android and iOS
Google and Apple have worked together to create an industry specification – Detecting Unwanted Location Trackers – for Bluetooth tracking devices that makes it possible to alert users across both Android and iOS if such a device is unknowingly being…