Man
Professional
- Messages
- 3,077
- Reaction score
- 614
- Points
- 113
Google has added new security features to protect modems from threats.
Google has implemented a host of new security measures in Pixel devices to counter the growing threats posed by attacks on the baseband, also known as tethering. The modem is an essential component of the smartphone, which is responsible for managing all kinds of mobile connections, such as LTE, 4G and 5G, and communicates with cell towers through an air interface.
The processing of external signals from unreliable sources is a serious threat. Attackers can use fake base stations to send fake network packets, which makes the device vulnerable. In some protocols, such as IMS (IP Multimedia Subsystem), such attacks can be carried out remotely using an IMS client, regardless of the attacker's location.
In addition to external threats, there is a risk of vulnerabilities in the modem firmware. Such errors can allow attackers to remotely access the device and execute malicious code. For example, in October 2023, Amnesty International published a study that revealed that the Intellexa spyware group behind Predator software had developed a Triton tool to exploit vulnerabilities in Exynos software used in Samsung devices. This attack involves the use of a base station simulator that puts the device into outdated 2G mode, allowing malware to be downloaded.
To counter such threats, Google introduced a number of new features in Android 14. One of the key innovations was the introduction of the ability to disable 2G support on managed devices, which is especially important for corporate customers. In addition, Google is actively working with partners to implement an alert system for users if their connection to the mobile network is not encrypted or if the device connects to a suspicious base station, which may indicate an attempt at surveillance.
To further enhance protection, the company has also improved measures against SMS injections through fake base stations such as Stingray, which allow you to bypass carrier surge protectors. Such attacks, known as SMS Blaster, use spoofed LTE or 5G networks to translate a device's connection into an outdated 2G protocol, allowing attackers to intercept data or send malicious messages without passing through the carrier's network.
The new Pixel 9 devices have received additional security mechanisms, such as stack canary, which act as indicators of device memory intrusions. They warn the system about attempts to change the flow of application execution when vulnerabilities are exploited. Thread integrity (CFI) control also helps limit the possible execution paths of your code. If an attacker tries to deviate from the allowed paths, the system will automatically reboot the modem, which prevents malicious code from executing.
Other security mechanisms include automatic stack variable initialization, which helps prevent sensitive data leakage and makes the device more secure from attacks.
Source
Google has implemented a host of new security measures in Pixel devices to counter the growing threats posed by attacks on the baseband, also known as tethering. The modem is an essential component of the smartphone, which is responsible for managing all kinds of mobile connections, such as LTE, 4G and 5G, and communicates with cell towers through an air interface.
The processing of external signals from unreliable sources is a serious threat. Attackers can use fake base stations to send fake network packets, which makes the device vulnerable. In some protocols, such as IMS (IP Multimedia Subsystem), such attacks can be carried out remotely using an IMS client, regardless of the attacker's location.
In addition to external threats, there is a risk of vulnerabilities in the modem firmware. Such errors can allow attackers to remotely access the device and execute malicious code. For example, in October 2023, Amnesty International published a study that revealed that the Intellexa spyware group behind Predator software had developed a Triton tool to exploit vulnerabilities in Exynos software used in Samsung devices. This attack involves the use of a base station simulator that puts the device into outdated 2G mode, allowing malware to be downloaded.
To counter such threats, Google introduced a number of new features in Android 14. One of the key innovations was the introduction of the ability to disable 2G support on managed devices, which is especially important for corporate customers. In addition, Google is actively working with partners to implement an alert system for users if their connection to the mobile network is not encrypted or if the device connects to a suspicious base station, which may indicate an attempt at surveillance.
To further enhance protection, the company has also improved measures against SMS injections through fake base stations such as Stingray, which allow you to bypass carrier surge protectors. Such attacks, known as SMS Blaster, use spoofed LTE or 5G networks to translate a device's connection into an outdated 2G protocol, allowing attackers to intercept data or send malicious messages without passing through the carrier's network.
The new Pixel 9 devices have received additional security mechanisms, such as stack canary, which act as indicators of device memory intrusions. They warn the system about attempts to change the flow of application execution when vulnerabilities are exploited. Thread integrity (CFI) control also helps limit the possible execution paths of your code. If an attacker tries to deviate from the allowed paths, the system will automatically reboot the modem, which prevents malicious code from executing.
Other security mechanisms include automatic stack variable initialization, which helps prevent sensitive data leakage and makes the device more secure from attacks.
Source
