Google turns to Rust to remedy Android vulnerabilities

News
By
published

Android developers inside Google have been working to add support for Rust for over a year

(Image credit: Kevin Ku / Pexels)

Google has greenlighted the use of the Rust programming language in Android’s low-level system-code in order to curb the growing number of memory-based security vulnerabilities in the mobile operating system.

In a post in the Google Security blog, members of the Android development team list their efforts to detect, fix, and mitigate the memory safety bugs. Despite their efforts, these vulnerabilities make up about 70% of Android’s high severity security vulnerabilities. 

“Memory-safe languages are the most cost-effective means for preventing memory bugs. In addition to memory-safe languages like Kotlin and Java, we’re excited to announce that the Android Open Source Project (AOSP) now supports the Rust programming language for developing the OS itself,” wrote Jeff Vander Stoep and Stephen Hines, from the Android Team. 

Memory management

The memory safety guarantees of Rust make it particularly useful for low-level systems programming. It is for this very reason that support for Rust has even been included in the bleeding edge branch of the Linux kernel.

Android developers work either with Java, and compatible languages like Kotlin, to write the high-level parts of the OS such as the user interface, while the low-level aspects such as the kernel and drivers are best written in C and C++.

However these languages give charge of several crucial aspects such as memory management to the developer. This is one of the charms of the languages and developers welcome the flexibility. But when memory management is improperly implemented it results in security issues, such as buffer overflows and overreads, leading to Android’s current predicament.

The Google developers note in the blog that they’ve been working behind the scenes of adding support for Rust in Android for the past 18 months, and promise to showcase some of the presumably internal early adopter projects in the coming months.

Via: The Register

TOPICS
Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
An Android phone being held in the hand
Google is ramping up Android security protection with new Android app safety tools
ExpressVPN Lightway protocol in Rust – promo image
ExpressVPN's latest upgrade to Lightway hopes to create "the VPN protocol of the future"
Cyber-security
Empowering developers with cutting-edge security training
ExpressVPN apps running on a laptop and mobile during TechRadar's testing
What's new in Lightway 2.0? Here are the 4 biggest changes I'm excited for
A profile of a human brain against a digital background.
Securely working with AI-generated code
Holographic representation of cloud computing over open businessman's hand
Businesses are struggling to address vulnerabilities hidden in phantom dependencies
Latest in Pro
A person holding out their hand with a digital AI symbol.
The decision-maker's playbook: integrating Generative AI for optimal results
AMD Ryzen 9950X
Ryzen CPUs are the cheapest Zen 5 cores you can buy, but I was surprised to see this AMD 192-core CPUs on the value leaderboard
The socket interface of the Intel Core Ultra processor
Intel unveils its most powerful AI PCs yet - new Intel Core Ultra Series 2 processors pack in vPro for lightweight laptops and high-performance workstations alike
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
Microsoft UK CEO Darren Hardman AI Tour London 2025
Microsoft - UK can help drive the global AI future, but only with the proper buy-in
Red padlock open on electric circuits network dark red background
AI-powered cyber threats are becoming the biggest worry for businesses everywhere
Latest in News
AMD Ryzen 9950X
Ryzen CPUs are the cheapest Zen 5 cores you can buy, but I was surprised to see this AMD 192-core CPUs on the value leaderboard
A hand holding a phone showing the Android Find My Device network
Android's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Insta360 X4 360 degree camera without lens protector
Leaked DJI Osmo 360 image suggests GoPro and Insta360 should be worried – here's why
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features
Viaim RecDot AI true wireless earbuds
These AI-powered earbuds can also act as a dictaphone with transcription when left in their case
The socket interface of the Intel Core Ultra processor
Intel unveils its most powerful AI PCs yet - new Intel Core Ultra Series 2 processors pack in vPro for lightweight laptops and high-performance workstations alike
More about pro
AMD Ryzen 9950X

Ryzen CPUs are the cheapest Zen 5 cores you can buy, but I was surprised to see this AMD 192-core CPUs on the value leaderboard
Thermal Master T2 Max

I tested out the Thermal Master T2 Max thermal imaging scope and it's impressive for highlighting heat signatures in the world
An AMD Radeon RX 9070 XT made by Sapphire on a table with its retail packaging

Where to buy AMD Radeon RX 9070 XT and RX 9070: these are the best retailers in the US and UK
See more latest
Most Popular
AMD Ryzen 9950X
Ryzen CPUs are the cheapest Zen 5 cores you can buy, but I was surprised to see this AMD 192-core CPUs on the value leaderboard
Thanko monitor
At 11lbs, this double 24-inch 'portable' monitor is a bit too much for me but I love the audacity
Rocket Enterprise SSD
Sabrent launches its first 30.72TB SSD, but like all the others, you won't be able to run it on your PC (or buy it on Amazon)
Volkswagen ID.EVERY1 Concept Car
Volkswagen reveals the ID.1 concept car, which will spawn its cheapest all-electric model to date
Eurocom Raptor X17
This $12,000 laptop comes with 24TB RAID-0 SSD storage, 128GB of RAM, and Intel's most powerful mobile CPU - but no Nvidia RTX 5090M GPU
BYD Ling Yuan DJI Drone launcher
BYD’s new roof-mounted DJI drone launchpad looks like a dream for filming road trips – but less so for car safety
An AI face in profile against a digital background.
'Simulating scientists': A new AI tool wants to make serendipitous scientific discovery less human
A hand holding a phone showing the Android Find My Device network
Android's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features