Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory safety vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years.
The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch more “scalable and cost-effective.”
Eventually, this leads to a drop in memory safety vulnerabilities as new memory unsafe development slows down after a certain period of time, and new memory safe development takes over, Google’s Jeff Vander Stoep and Alex Rebert said in a post shared with The Hacker News.
Perhaps even more interestingly, the number of memory safety vulnerabilities can also drop despite an increase in the quantity of new memory unsafe code.
The paradox is explained by the fact that vulnerabilities decay exponentially, with a study finding that a high number of vulnerabilities often reside in new or recently modified code.
“The problem is overwhelmingly with new code, necessitating a fundamental change in how we develop code,” Vander Stoep and Rebert noted. “Code matures and gets safer with time, exponentially, making the returns on investments like rewrites diminish over time as code gets older.”
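The paradox described above can be checked with a small cohort model. This is an added example, not code or data from Google's post; the half-life, bug density and code volumes are assumed values chosen only to show the shape of the effect.

```python
# Added illustration: every constant below is an assumption, not data from Google's post.
HALF_LIFE_YEARS = 2.0   # assumed half-life of a latent memory safety bug
VULNS_PER_KLOC = 1.0    # assumed latent bugs per KLOC of freshly written unsafe code
STEADY_KLOC = 100.0     # assumed unsafe KLOC written per year before the shift
SHIFT_YEAR = 10         # assumed year new development moves to memory-safe languages
RECENT_YEARS = 2        # code younger than this counts as "new or recently modified"


def unsafe_kloc_added(year):
    """Unsafe code written in `year`: constant, then halving every year after the shift."""
    if year < SHIFT_YEAR:
        return STEADY_KLOC
    return STEADY_KLOC * 0.5 ** (year - SHIFT_YEAR + 1)


def latent_by_cohort(year):
    """Expected latent bugs at `year`, keyed by the year the code was written."""
    return {
        born: unsafe_kloc_added(born) * VULNS_PER_KLOC
        * 0.5 ** ((year - born) / HALF_LIFE_YEARS)
        for born in range(year + 1)
    }


def snapshot(year):
    """Return (total unsafe KLOC, expected latent bugs, share of bugs in recent code)."""
    cohorts = latent_by_cohort(year)
    total_kloc = sum(unsafe_kloc_added(born) for born in range(year + 1))
    latent = sum(cohorts.values())
    recent = sum(n for born, n in cohorts.items() if year - born < RECENT_YEARS)
    return total_kloc, latent, recent / latent


if __name__ == "__main__":
    print("year  unsafe_kloc  latent_bugs  share_in_recent_code")
    for year in range(SHIFT_YEAR - 2, SHIFT_YEAR + 6):
        kloc, latent, share = snapshot(year)
        print(f"{year:>4}  {kloc:>11.1f}  {latent:>11.1f}  {share:>20.0%}")
```

Under these assumptions the unsafe code base keeps growing every year after the shift while the expected number of latent bugs falls, because the older cohorts decay faster than the shrinking new cohorts add to the total.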
Google, which formally announced its plans to support the Rust programming language in Android way back in April 2021, said it began prioritizing transitioning new development to memory-safe languages around 2019.
As a result, the number of memory safety vulnerabilities discovered in the operating system has declined from 223 in 2019 to less than 50 in 2024.
It also goes without saying that much of the decrease in such flaws is down to advancements in the ways devised to combat them, moving from reactive patching to proactive mitigating to proactive vulnerability discovery using tools like Clang sanitizers.
The tech giant further noted that memory safety strategies should evolve even more to prioritize “high-assurance prevention” by incorporating secure-by-design principles that enshrine security into the very foundations.
“Instead of focusing on the interventions applied (mitigations, fuzzing), or attempting to use past performance to predict future security, Safe Coding allows us to make strong assertions about the code’s properties and what can or cannot happen based on those properties,” Vander Stoep and Rebert said.
That’s not all. Google said it is also focusing on offering interoperability between Rust, C++, and Kotlin, instead of code rewrites, as a “practical and incremental approach” to embracing memory-safe languages and ultimately eliminating entire vulnerability classes.
“Adopting Safe Coding in new code offers a paradigm shift, allowing us to leverage the inherent decay of vulnerabilities to our advantage, even in large existing systems,” it said.
“The concept is simple: once we turn off the tap of new vulnerabilities, they decrease exponentially, making all of our code safer, increasing the effectiveness of security design, and alleviating the scalability challenges associated with existing memory safety strategies such that they can be applied more effectively in a targeted manner.”
The development comes as Google touted increased collaboration with Arm’s product security and graphics processing unit (GPU) engineering teams to flag multiple shortcomings and elevate the overall security of the GPU software/firmware stack across the Android ecosystem.
This includes the discovery of two memory issues in Pixel’s customization of driver code (CVE-2023-48409 and CVE-2023-48421) and another in Arm Valhall GPU firmware and 5th Gen GPU architecture firmware (CVE-2024-0153).
“Proactive testing is good hygiene as it can lead to the detection and resolution of new vulnerabilities before they’re exploited,” Google and Arm said.