Google recently introduced a new security measure for Pixel phones called Binary Transparency to provide user-verifiable guarantees that their devices haven’t been compromised.
Android Verified Boot already ensures all executed code comes from the OEM and rollback protection. One growing area of concern are supply chain attacks that target “systems that create software to install a backdoor into the code, allowing attackers to access and steal customer data.”
On Pixel phones, Google already counters this by auditing factory images to ensure there are no backdoors. Verified Boot is then responsible for checking it’s still running the “audited code that was officially released by Google.”
Pixel Binary Transparency now expands on that function, allowing you to personally confirm that the image running on your device is the official factory image—meaning that attackers haven’t inserted themselves somewhere in the source code, build process, or release aspects of the software supply chain.
Public cryptographic log lets Pixel owners “mathematically prove” that their devices — Pixel 6+, Tablet, and Fold — are running official factory images that haven’t been tampered with. Google provides full instructions on how to do so, which requires a handful of tools. At a high-level, it involves “extracting the metadata from your phone and then running the inclusion and consistency proofs to compare against the log.”
Google’s blog post today details the Merkle tree responsible for the cryptographically guaranteed append-only log that can never be changed or deleted.
Being append-only provides resilience against attacks on Pixel images as attackers know that it’s more difficult to insert malicious code without being caught, since an image that’s been altered will no longer match the metadata Google added to the log.
The Pixel Binary Transparency is very much for parties that need the extra guarantee, with Google pointing out how Android Verified Boot provides the more user-friendly alternative/warning if there are any issues.
Looking forward, Google plans to build on Pixel Binary Transparency to add more security checks for a “device’s other executed code beyond its factory image.”
FTC: We use income earning auto affiliate links. More.
Comments