google online security

Real-time, privacy-preserving URL protection

Posted by Jasika Bawa, Xinghui Lu, Google Chrome Security & Jonathan Li, Alex Wozniak, Google Safe Browsing

For more than 15 years, Google Safe Browsing has been protecting users from phishing, malware, unwanted software and more, by identifying ...

Vulnerability Reward Program: 2023 Year in Review

Posted by Sarah Jacobus, Vulnerability Rewards Team

Last year, we again witnessed the power of community-driven security efforts as researchers from around the world contributed to help us identify and address thousands of vulnerabilities in our prod...

Improving Interoperability Between Rust and C++

Posted by Lars Bergstrom – Director, Android Platform Tools & Libraries and Chair of the Rust Foundation Board

Back in 2021, we announced that Google was joining the Rust Foundation. At the time, Rust was already in wide use across Android and ot...

UN Cybercrime Treaty Could Endanger Web Security

Royal Hansen, Vice President of Privacy, Safety and Security EngineeringThis week, the United Nations convened member states to continue its years-long negotiations on the UN Cybercrime Treaty, titled “Countering the Use of Information and Communicatio...

Hardening cellular basebands in Android

Posted by Ivan Lozano and Roger Piqueras Jover

Android’s defense-in-depth strategy applies not only to the Android OS running on the Application Processor (AP) but also the firmware that runs on devices. We particularly prioritize hardening the cellu...

Evolving the App Defense Alliance

Posted by Nataliya Stanetsky, Android Security and Privacy Team

The App Defense Alliance (ADA), an industry-leading collaboration launched by Google in 2019 dedicated to ensuring the safety of the app ecosystem, is taking a major step forward. We are...

Qualified certificates with qualified risks

Posted by Chrome Security team

Improving the interoperability of web services is an important and worthy goal. We believe that it should be easier for people to maintain and control their digital identities. And we appreciate that policymakers workin...

Increasing transparency in AI security

Mihai Maruseac, Sarah Meiklejohn, Mark Lodato, Google Open Source Security Team (GOSST)New AI innovations and applications are reaching consumers and businesses on an almost-daily basis. Building AI securely is a paramount concern, and we believe that ...

Bare-metal Rust in Android

Posted by Andrew Walbran, Android Rust Team

Last year we wrote about how moving native code in Android from C++ to Rust has resulted in fewer security vulnerabilities. Most of the components we mentioned then were system services in userspace (runni...

Scaling Rust Adoption Through Training

Posted by Martin Geisler, Android team

Android 14 is the third major Android release with Rust support. We are already seeing a number of benefits:

Productivity: Developers quickly feel productive writing Rust. They report important indicators of...