Modern smartphone operating systems have myriad systems in place to improve security, but none of that helps when attackers target the modem. Google’s Project Zero team has shown it’s possible to get remote code execution on Pixel phone modems over the Internet, which prompted Google to reevaluate how it secures this vital, low-level system. The solution wasn’t to rewrite modem software but rather to shoehorn a safer Rust-based component into the Pixel 10Â modem.
Cellular modems are something of a black box. Your phone’s baseband is its own operating system running legacy C and C++ code, which makes it an increasingly appealing attack surface. The core issue is that memory management in these systems is difficult and often leads to memory-unsafe firmware code on production devices. That can allow attackers to leverage serious vulnerabilities like buffer overflows and memory leaks to compromise devices.
So that’s not great—why are we still using this stuff? Part of the issue is just the inertia of embedded systems. Companies have been developing modem firmware based on 3GPP specifications for decades, so there’s a lot of technical debt at this point. Modems also have to operate in real time to send and receive data effectively, and C/C++ code is fast.
Â
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.