Google has announced a new safety measure for its Pixel smartphones called BINARY Transparency, which allows users to verify that their device has not been hacked. The existing Android Verified Boot mechanism checks the entire code on the device, but concerns have been raised about attacks on suppliers that could result in the insertion of malicious code and the theft of user data.
Google is addressing this issue by checking the images from the factory to ensure that no malicious code has been inserted. Binary Transparency enhances this function by allowing users to personally verify that the official factory image has been installed on their device, ensuring that no harmful code has been introduced during the source code or assembly process.
Pixel owners can use a public cryptographic ledger to mathematically prove that their devices are running on official factory images. Google has provided detailed instructions for this verification process, which includes several tools.
With Binary Transparency, Pixel images are more resistant to attacks, as it is more difficult for attackers to introduce harmful code without being detected.
It is important to note that this function is designed for users who require an additional level of assurance, while Android Verified Boot offers a more convenient alternative.
In the future, Google plans to further expand the capabilities of Pixel Binary Transparency by adding additional safety checks for the entire code on the device, beyond just the factory images.
| Sources: |
|---|
| Google’s Official Blog |