Android Security

Google: Rust Is The Answer To Android Security

An engineer working for Google said that the Rust programming language is the solution to making the Android operating system more secure, especially when it comes to memory vulnerabilities.

In a post on Google’s blog, Android security engineer Jeffrey Vander Stoep said the number of severe memory safety vulnerabilities has dropped significantly in the last three years.

Vander Stoep attributes this to the operating system’s shift away from memory-unsafe programming languages such as C and C++.

Three years ago, the majority of Android vulnerabilities, at 65 percent, were memory safety vulnerabilities rated high or critical. Since then, Google has been writing new Rust code and adding it to Android, rather than only improving the existing code. The number of such vulnerabilities has since decreased significantly, and memory safety is no longer the mobile operating system’s biggest problem.
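To show concretely which class of bug the shift to Rust removes, here is an added example (not from the article or from Google’s Android code) that assumes a simple tag-length-value record layout: the kind of length-prefixed parsing where C code trusting the length field historically produced out-of-bounds reads, written in safe Rust, where the bounds check cannot be skipped and a hostile length becomes an error rather than a memory corruption.

```rust
// Added example, not from the article. Constructed record layout:
// [tag:1 byte][len:1 byte][payload:len bytes], repeated.
#[derive(Debug, PartialEq)]
pub struct Record<'a> {
    pub tag: u8,
    pub payload: &'a [u8],
}

#[derive(Debug, PartialEq)]
pub enum ParseError {
    // The length field claimed more bytes than the buffer holds.
    Truncated { needed: usize, available: usize },
}

/// Parses consecutive records. Every slice goes through `get`, which
/// returns `None` instead of reading past the buffer, so an
/// attacker-controlled `len` can only produce `ParseError`, never an
/// out-of-bounds read as the equivalent unchecked C pointer arithmetic would.
pub fn parse_records(buf: &[u8]) -> Result<Vec<Record<'_>>, ParseError> {
    let mut out = Vec::new();
    let mut pos = 0;
    while pos < buf.len() {
        let header = buf.get(pos..pos + 2).ok_or(ParseError::Truncated {
            needed: pos + 2,
            available: buf.len(),
        })?;
        let (tag, len) = (header[0], header[1] as usize);
        let start = pos + 2;
        let payload = buf.get(start..start + len).ok_or(ParseError::Truncated {
            needed: start + len,
            available: buf.len(),
        })?;
        out.push(Record { tag, payload });
        pos = start + len;
    }
    Ok(out)
}

fn main() {
    // Constructed inputs: two well-formed records, then a record whose
    // length byte (0x10 = 16) claims far more payload than remains.
    let good = [0x01, 0x03, b'a', b'b', b'c', 0x02, 0x00];
    println!("{:?}", parse_records(&good));
    let bad = [0x01, 0x10, 0xAA];
    println!("{:?}", parse_records(&bad));
}
```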

“From 2019 to 2022, the annual number of memory safety vulnerabilities decreased from 223 to 85,” Vander Stoep said. He added that with Android 12, which was launched in early October 2021, the operating system now focuses primarily on the Rust language.

While memory vulnerabilities have decreased thanks to the use of the new programming language, other kinds of vulnerabilities have remained constant at approximately 20 new vulnerabilities discovered each month. However, these vulnerabilities are not as dangerous as memory safety vulnerabilities.

But this does not mean that Google has completely abandoned C and C++. Vander Stoep said the company will continue to invest in tools for writing safer C and C++ code, pointing to the Scudo hardened allocator, HWASAN, GWP-ASAN, and KFENCE on Android devices.

So far no memory vulnerabilities have been discovered in Android’s Rust code, though Vander Stoep acknowledges this may change in the future. As he put it: “We don’t expect this number to remain zero forever, but given the size of the new Rust code across two versions of Android, and the security-sensitive components in which the code is used, this is an important finding”.