The Rust programming language is key to making the Android operating system more secure, Google engineers say.
In blog post (opens in a new tab) published by Android security engineer Jeffrey Vander Stoep, Googler claims that the number of serious memory vulnerabilities has decreased significantly over the last three years and suggests that it’s all thanks to the operating system’s shift away from the memory-hazardous programming languages C and C++.
Three years ago, the majority (65%) of Android bugs were related to high or critical memory security errors (for example, read and write errors that go out of bounds). Since then, Google has been constantly writing new Rust code and adding it to Android (as opposed to simply improving existing code). Now the number of these flaws has significantly decreased and they are no longer the biggest problem plaguing the mobile operating system.
Less serious gaps in the constant
“From 2019 to 2022, the annual number of memory vulnerabilities dropped from 223 to 85,” explains Vander Stoep.
He said that with Android 12 (released in early October 2021), the operating system became a Rust-based product. While memory security errors have decreased due to the use of a novel programming language, other types of vulnerabilities have remained constant, with approximately 20 new vulnerabilities being discovered every month. However, these flaws are not as serious as memory security bugs.
But that doesn’t mean Google is abandoning C and C++ entirely. The company will continue to invest in tools to write more secure C and C++ code, said Vander Stoep, mentioning Scudo hardened allocator, HWASAN, GWP-ASAN and KFENCE for Android (opens in a new tab) devices. He also said that Google has increased its use of fuzzing.
So far, Rust has been quite reliable, but Vander Stoep knows that this may change in the future: so far, no memory vulnerabilities have been discovered in the Rust Android code,” he concluded. “We don’t expect this number to stay at zero forever, but given the amount of new Rust code across the two versions of Android, and the security-sensitive components where it’s used, it’s a significant figure.”
By: Register (opens in a new tab)