This Android security risk is often overlooked. Google wants that to change

Image: Getty/SOPA Images

Google is working on improving the cybersecurity of Android smartphones and tablets by hardening the defenses of the entire ecosystem at the firmware level. 

Firmware is the computer software behind the configuration and control of a device’s hardware. Because of this status, firmware is often the first code that runs when a device is switched on, making it the foundation everything else in the system is built upon.

This position means that firmware plays a major role in the security of your device and its operating system, including the configuration of hardware security settings. 

Also: Five easy steps to keep your smartphone safe from hackers

The key role of firmware in managing all aspects of a device means that if an attacker can compromise a smartphone or tablet at a firmware level, they can gain persistent and almost completely secret access to the device, which could allow them to spy on everything you do, steal sensitive information, or even stop the device from working. 

Firmware attacks aren’t widespread and are usually highly targeted — but Google is reacting to what it describes as a rise in cybersecurity research that uncovers vulnerabilities in Android firmware. 

“As the security of the Android Platform has been steadily improved, some security researchers have shifted their focus towards other parts of the software stack, including firmware,” researchers said in a Google Security Blog update. 

“Over the last decade there have been numerous publications, talks, Pwn2Own contest

Read more

Explore the site

More from the blog

Latest News