Edward Fernandez

Vulnerability Reward Program: 2023 Year in Review

Posted by Sarah Jacobus, Vulnerability Rewards Team


Last year, we again witnessed the power of community-driven security efforts as researchers from around the world contributed to help us identify and address thousands of vulnerabilities in our prod...
Google

Improving Interoperability Between Rust and C++

Posted by Lars Bergstrom – Director, Android Platform Tools & Libraries and Chair of the Rust Foundation Board


Back in 2021, we announced that Google was joining the Rust Foundation. At the time, Rust was already in wide use across Android and ot...
Google

Hardening cellular basebands in Android

Posted by Ivan Lozano and Roger Piqueras Jover


Android’s defense-in-depth strategy applies not only to the Android OS running on the Application Processor (AP) but also the firmware that runs on devices. We particularly prioritize hardening the cellu...
Google

Evolving the App Defense Alliance

Posted by Nataliya Stanetsky, Android Security and Privacy Team


The App Defense Alliance (ADA), an industry-leading collaboration launched by Google in 2019 dedicated to ensuring the safety of the app ecosystem, is taking a major step forward. We are...
Google

Qualified certificates with qualified risks

Posted by Chrome Security team


Improving the interoperability of web services is an important and worthy goal. We believe that it should be easier for people to maintain and control their digital identities. And we appreciate that policymakers workin...
Google

Bare-metal Rust in Android

Posted by Andrew Walbran, Android Rust Team



Last year we wrote about how moving native code in Android from C++ to Rust has resulted in fewer security vulnerabilities. Most of the components we mentioned then were system services in userspace (runni...
Google

Scaling Rust Adoption Through Training

Posted by Martin Geisler, Android team



Android 14 is the third major Android release with Rust support. We are already seeing a number of benefits:



Productivity: Developers quickly feel productive writing Rust. They report important indicators of...
Google