Google Adds New Firmware Integrity Protection System to Pixel Smartphones

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Google has announced today a new security mechanism for Pixel 2 smartphones, for which, in the near future, it would be impossible to update or replace the phone's firmware without entering the user's password.

Google says it added this new security mechanism as a way to prevent malicious insiders, even those with the highest level of access, from tampering with its smartphones.

New security feature enhances an already hard-to-hack phone

This new security measure is just the cherry on top of an already super-secure device that even today comes with plenty of low-level firmware protections.
For example, Pixel devices use secure hardware components to store and handle the encryption keys used for encrypting the user's locally-stored data.
This "secure hardware" also runs its own set of secure firmware that checks the validity of the user's password and also protects the device from repeated attempts to guess a password (brute-force attacks).

This firmware is also protected by a code signing mechanism to prevent attackers from replacing the firmware altogether with one that bypasses password checks and just decrypts the data, no questions asked.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top