Google has unveiled the security measures implemented in its latest Pixel devices to combat the increasing threat of baseband security attacks.
The cellular baseband, also known as modem, manages all connectivity like LTE, 4G, and 5G with cell towers over a radio interface.
“This operations involves processing external inputs that could come from untrusted sources,” mentioned Sherk Chung, Stephan Chen, Roger Piqueras Jover, and Ivan Lozano in a blog post shared with The Hacker News.
The firmware of the cellular baseband could be prone to bugs and errors that, if exploited, could compromise device security, particularly leading to remote code execution.
In a presentation at Black Hat USA, Google engineers described the modem as a crucial smartphone component with access to sensitive data and remote accessibility through radio technologies.
In an Amnesty International research, a tool called Triton was found to exploit vulnerabilities in Exynos baseband software used in Samsung devices for targeted attacks.
Google has introduced a new security feature in Android 14 to deactivate support for 2G networks in managed devices and is utilizing Clang sanitizers to bolster the security of the cellular baseband.
The company is collaborating with partners to alert Android users about unencrypted network connections and potential surveillance tools recording their location using device identifiers.
Additional defenses in the new Pixel 9 lineup include stack canaries, control-flow integrity (CFI), and auto-initialization of stack variables to prevent data leakage and unauthorized code execution.