Google found that switching to memory-safe languages like Rust as part of its development security approach saw the percentage of vulnerabilities discovered in Android drop from 76% to 24% over six years. .
The tech giant said, focusing on Secure coding for new features not only reduces the overall security risk of the codebase, but also makes switching more “scalable and cost-effective.”
This ultimately leads to a reduction in memory security vulnerabilities as the development of new unsafe memory slows down after a period of time and new memory security development takes over Jeff Vander Stoep and Alex Rebert of Google said in a post shared with The Hacker News.
Perhaps more interestingly, the number of memory security vulnerabilities may also decrease despite the increase in new dangerous memory code.
The paradox is explained by the fact that vulnerabilities die out exponentially, and research has shown that a large number of vulnerabilities are often found in new or recently modified code.
“The problem is overwhelmingly new code, which requires fundamental changes in how we develop code,” Vander Stoep and Rebert said. “Code ages and becomes more secure over time, exponentially, with the result that the return on investment, such as rewriting, diminishes over time as the code ages.”
Google which officially announced in its plans to support the Rust programming language on Android as early as April 2021, it stated that around 2019 it began to prioritize moving new developments to memory-safe languages.
As a result, the number of memory security vulnerabilities discovered in the operating system decreased from 223 in 2019 to less than 50 in 2024.
It also goes without saying that a large part of reducing such flaws comes down to advances in the way we deal with them, moving from reactive patching to proactive mitigation to proactive vulnerability discovery with tools like Clang Disinfectants.
The tech giant went on to note that memory security strategies must evolve further to prioritize “high-confidence prevention” by including security principles in development which embed security in the very basics.
“Instead of focusing on the measures in place (mitigation, fuzzing) or trying to use past performance to predict future security, Safe Coding allows us to make strong assertions about the properties of code and what may or may not happen based on those properties” , Vander Stoep and Rebert said.
That’s not all. Google said it is also focusing on offering interoperability between Rust, C++ and Kotlin instead of rewriting code as a “practical and incremental approach” to using memory-safe languages and eventually eliminating entire classes of vulnerabilities.
“Adopting secure coding in new code offers a paradigm shift, allowing us to use the inherent decay of vulnerabilities to our advantage, even in large existing systems,” it said.
“The concept is simple: as we close new vulnerabilities, they decrease exponentially, making all of our code more secure, increasing the efficiency of security design, and alleviating the scalability issues associated with existing memory security strategies so that they can be applied more effectively purposefully”.
The development comes as Google touted greater collaboration with Arm’s product security and graphics processing unit (GPU) engineering teams to uncover multiple vulnerabilities and improve overall GPU software/firmware security across the Android ecosystem.
This includes the discovery of two memory issues in the Pixel driver code setup (CVE-2023-48409 and CVE-2023-48421) and another in Arm Valhall GPU firmware and 5th generation GPU architecture firmware (CVE-2024-0153).
“Preemptive testing is good hygiene because it can lead to the discovery and remediation of new vulnerabilities before they are exploited” – Google and Arm said.
