Tuesday , October 17 2017

Google tells how they built the Pixel Better, Faster, Stronger for security

pixel-pic

Security is important and Google knows it, but do you know what’s more important? The perception of security. Now I don’t mean that’s actually more important but if people don’t perceive a device as secure it doesn’t matter how secure it is?

In an effort to emphasise the security aspects of their latest high-end, high cost, smartphones – the Pixel and Pixel XL – Google have pushed out a security post to let people know just what security features the Pixels are packing.

So what security features can Pixel owners expect? These:

  • File-based encryption: This basically means the different files are decrypted with different keys, so even if the encryption of a specific file is cracked it will only be for that one file.
  • Direct Boot: Direct boot allows the device to decrypt services you need immediately like Clock alarms, phone and accessibility settings on boot meaning you don’t need to unlock/ decrypt your device to access them straight away.
  • Trust Zone: Using the ARM architecture the Pixels can store and execute security keys on the processor meaning that even if the Android kernel is compromised your keys remain safe.
  • Verified Boot: As part of the Trust Zone the Pixels now contain Verified Boot, which checks if the operating system has been changed and if it has will not decrypt the device.
  • Timed lockout: As a component of the Trust Zone the processor will also increase the time between unlocking attempts, increasing with each subsequent fail.

Many of these features are also included in the AOSP code base so other OEMs and the modding community will also be able to take advantage of these security measures on their devices and software.

Security is important and it’s great to see Google making investments in security for both the Pixels and Android in general. It should go without saying, which normally means you need to say it, many of these protections only work if you are using a fingerprint, PIN or password on your device. And of course, it would be best if you use a longer more random PIN or password if you’re going to rely on those alone.

The other important thing to realise is all of these systems are only as secure as their implementation. If any of the systems have a zero-day exploit that becomes weaponised then it won’t work. This is why Google – and others – run bug bounty programs and host hacking competitions.

In the end security is an arms race, hoping the good guys find and fix issues before the bad guys find and exploit them. One thing is for sure: I know I feel safer with a Google-managed device & software combination. This was one of the primary reasons I ended up buying a Pixel with my own dollars.

 
Source: Google.

Duncan Jaffrey   Journalist

Duncan has been interested in technology since coding "Mary had a little Lamb" in Basic on his ZX Spectrum. A fan of all things Android, most days you'll find Duncan trawling the web for Android news or quietly editing away on Map Maker.

Join the Ausdroid Conversation

Be the First to Comment!

avatar
wpDiscuz

Check Also

Razer phone specs and in the wild shots turn up

The rumoured Razer gaming focused phone is probably launching soon, so that means we’re getting …