Google Online Security Blog

Modernizing Transport Security

October 15, 2018

Posted by David Benjamin, Chrome networkingTLS 1.0TLS 1.2now brokenPCI-DSS compliantdocument

TLS 1.2 or later.

An ECDHE- and AEAD-based cipher suite. AEAD-based cipher suites are those using AES-GCM or ChaCha20-Poly1305. ECDHE_RSA_WITH_AES_128_GCM_SHA256 is the recommended option for most sites.

The server signature should use SHA-2. Note this is not the signature in the certificate, made by the CA. Rather, it is the signature made by the server itself, using its private key.

The older options—CBC-mode cipher suites, RSA-encryption key exchange, and SHA-1 online signatures—all have known cryptographic flaws. Each has been removed in the newly-published TLS 1.3, which is supported in Chrome 70. We retain them at prior versions for compatibility with legacy servers, but we will be evaluating them over time for eventual deprecation.

None of these changes require obtaining a new certificate. Additionally, they are backwards-compatible. Where necessary, servers may enable both modern and legacy options, to continue to support legacy clients. Note, however, such support may carry security risks. (For example, see the DROWN, FREAK, and ROBOT attacks.)

Over the coming Chrome releases, we will improve the DevTools Security Panel to point out deviations from these settings, and suggest improvements to the site’s configuration.

Enterprise deployments can preview the TLS 1.0 and 1.1 removal today by setting the SSLVersionMin policy to “tls1.2”. For enterprise deployments that need more time, this same policy can be used to re-enable TLS 1.0 or TLS 1.1 until January 2021.

Google and Android have your back by protecting your backups

October 12, 2018

Posted by Troy Kensinger, Technical Program Manager, Android Security and PrivacyAndroid’s Backup ServiceGoogle Cloud’s Titan TechnologyTitan security chipNCC Group’shereWe want to acknowledge contributions from Shabsi Walfish, Software Engineering Lead, Identity and Authentication to this effort

Control Flow Integrity in the Android kernel

October 10, 2018

Posted by Sami Tolvanen, Staff Software Engineer, Android Security & Privacy[Cross-posted from the Android Developers Blog]hardening the kernelcompiler-based security mitigationsControl Flow Integrity (CFI)CFI support available in Android kernel versions 4.9 and 4.14 Protecting against code reuse attacks

Figure 1. In an Android device kernel, LLVM's CFI limits 55% of indirect calls to at most 5 possible targets and 80% to at most 20 targets. Gaining full program visibility with Link Time Optimization (LTO)

Figure 2. A simplified overview of how LTO works in the kernel. All LLVM bitcode is combined, optimized, and generated into native code at link time.4.94.14LDFLAGS += -plugin-opt=-inline-threshold=0 \ -plugin-opt=-unroll-threshold=0 Implementing CFI in the Linux kernelLLVM's CFI4.94.14cross-DSO CFI

Figure 3. An example of a cross-DSO CFI check injected into an arm64 kernel. Type information is passed in X0 and the target address to validate in X1. Enabling kernel CFI for an Android deviceclangbinutilsCONFIG_LTO_CLANG=y CONFIG_CFI_CLANG=yCFI failure (target: [<fffffff3e83d4d80>] my_target_function+0x0/0xd80): ------------[ cut here ]------------ kernel BUG at kernel/cfi.c:32! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP … Call trace: … [<ffffff8752d00084>] handle_cfi_failure+0x20/0x28 [<ffffff8752d00268>] my_buggy_function+0x0/0x10 … Figure 4. An example of a kernel panic caused by a CFI failure.static int __nocfi address_space_conflict() { void (*fn)(void); … /* branching to a physical address trips CFI w/o __nocfi */ fn = (void *)__pa_symbol(function_name); cpu_install_idmap(); fn(); cpu_uninstall_idmap(); … } Figure 5. An example of fixing a CFI failure caused by an address space conflict.KASAN ConclusionShadow Call Stack

Trustworthy Chrome Extensions, by Default

October 1, 2018

Posted by James Wagner, Chrome Extensions Product Manager[Cross-posted from the Chromium blog]Chrome Web Storeout-of-process iframesremoval of inline installationUser controls for host permissionshost access

transition guideChanges to the extensions review process
narrowly-scopedNew code reliability requirements

Removal of whitespace, newlines, code comments, and block delimiters

Shortening of variable and function names

Collapsing the number of JavaScript files

If you have an extension in the store with obfuscated code, please review our updated content policies as well as our recommended minification techniques for Google Developers, and submit a new compliant version before January 1st, 2019.

Required 2-step verification
In 2019, enrollment in 2-Step Verification will be required for Chrome Web Store developer accounts. If your extension becomes popular, it can attract attackers who want to steal it by hijacking your account, and 2-Step Verification adds an extra layer of security by requiring a second authentication step from your phone or a physical security key. We strongly recommend that you enroll as soon as possible.
For even stronger account security, consider the Advanced Protection Program. Advanced protection offers the same level of security that Google relies on for its own employees, requiring a physical security key to provide the strongest defense against phishing attacks.

Looking ahead: Manifest v3
In 2019 we will introduce the next extensions manifest version. Manifest v3 will entail additional platform changes that aim to create stronger security, privacy, and performance guarantees. We want to help all developers fall into the pit of success; writing a secure and performant extension in Manifest v3 should be easy, while writing an insecure or non-performant extension should be difficult.
Some key goals of manifest v3 include:

More narrowly-scoped and declarative APIs, to decrease the need for overly-broad access and enable more performant implementation by the browser, while preserving important functionality
Additional, easier mechanisms for users to control the permissions granted to extensions
Modernizing to align with new web capabilities, such as supporting Service Workers as a new type of background process

We intend to make the transition to manifest v3 as smooth as possible and we’re thinking carefully about the rollout plan. We’ll be in touch soon with more specific details.
We recognize that some of the changes announced today may require effort in the future, depending on your extension. But we believe the collective result will be worth that effort for all users, developers, and for the long term health of the Chrome extensions ecosystem. We’re committed to working with you to transition through these changes and are very interested in your feedback. If you have questions or comments, please get in touch with us on the Chromium extensions forum.

Android and Google Play Security Rewards Programs surpass $3M in payouts

September 20, 2018

table, th, td { border: 1px solid black; } td { width:100px; } Posted by Jason Woloz and Mayank Jain, Android Security & Privacy TeamAndroid Developers Blogresearchersvulnerability reports
Android Security Rewards

There were no payouts for our highest possible reward: a complete remote exploit chain leading to TrustZone or Verified Boot compromise.

99 individuals contributed one or more fixes.

The ASR program's reward averages were $2,600 per reward and $12,500 per researcher.

Guang Gong received our highest reward amount to date: $105,000 for his submission of a remote exploit chain.

severity guidelines
Google Play Security RewardsGoogle Play Security Reward Program
Keeping devices securesecurity updates

Manufacturer

Device

ANS

L50

Asus

ZenFone 5Z (ZS620KL/ZS621KL), ZenFone Max Plus M1 (ZB570TL), ZenFone 4 Pro (ZS551KL), ZenFone 5 (ZE620KL), ZenFone Max M1 (ZB555KL), ZenFone 4 (ZE554KL), ZenFone 4 Selfie Pro (ZD552KL), ZenFone 3 (ZE552KL), ZenFone 3 Zoom (ZE553KL), ZenFone 3 (ZE520KL), ZenFone 3 Deluxe (ZS570KL), ZenFone 4 Selfie (ZD553KL), ZenFone Live L1 (ZA550KL), ZenFone 5 Lite (ZC600KL), ZenFone 3s Max (ZC521TL)

BlackBerry

BlackBerry MOTION, BlackBerry KEY2

Blu

Grand XL LTE, Vivo ONE, R2_3G, Grand_M2, BLU STUDIO J8 LTE

bq

Aquaris V Plus, Aquaris V, Aquaris U2 Lite, Aquaris U2, Aquaris X, Aquaris X2, Aquaris X Pro, Aquaris U Plus, Aquaris X5 Plus, Aquaris U lite, Aquaris U

Docomo

F-04K, F-05J, F-03H

Essential Products

PH-1

Fujitsu

F-01K

General Mobile

GM8, GM8 Go

Google

Pixel 2 XL, Pixel 2, Pixel XL, Pixel

HTC

U12+, HTC U11+

Huawei

Honor Note10, nova 3, nova 3i, Huawei Nova 3I, 荣耀9i, 华为G9青春版, Honor Play, G9青春版, P20 Pro, Honor V9, huawei nova 2, P20 lite, Honor 10, Honor 8 Pro, Honor 6X, Honor 9, nova 3e, P20, PORSCHE DESIGN HUAWEI Mate RS, FRD-L02, HUAWEI Y9 2018, Huawei Nova 2, Honor View 10, HUAWEI P20 Lite, Mate 9 Pro, Nexus 6P, HUAWEI Y5 2018, Honor V10, Mate 10 Pro, Mate 9, Honor 9, Lite, 荣耀9青春版, nova 2i, HUAWEI nova 2 Plus, P10 lite, nova 青春版本, FIG-LX1, HUAWEI G Elite Plus, HUAWEI Y7 2018, Honor 7S, HUAWEI P smart, P10, Honor 7C, 荣耀8青春版, HUAWEI Y7 Prime 2018, P10 Plus, 荣耀畅玩7X, HUAWEI Y6 2018, Mate 10 lite, Honor 7A, P9 Plus, 华为畅享8, honor 6x, HUAWEI P9 lite mini, HUAWEI GR5 2017, Mate 10

Itel

P13

Kyocera

X3

Lanix

Alpha_950, Ilium X520

Lava

Z61, Z50

LGE

LG Q7+, LG G7 ThinQ, LG Stylo 4, LG K30, V30+, LG V35 ThinQ, Stylo 2 V, LG K20 V, ZONE4, LG Q7, DM-01K, Nexus 5X, LG K9, LG K11

Motorola

Moto Z Play Droid, moto g(6) plus, Moto Z Droid, Moto X (4), Moto G Plus (5th Gen), Moto Z (2) Force, Moto G (5S) Plus, Moto G (5) Plus, moto g(6) play, Moto G (5S), moto e5 play, moto e(5) play, moto e(5) cruise, Moto E4, Moto Z Play, Moto G (5th Gen)

Nokia

Nokia 8, Nokia 7 plus, Nokia 6.1, Nokia 8 Sirocco, Nokia X6, Nokia 3.1

OnePlus

OnePlus 6, OnePlus5T, OnePlus3T, OnePlus5, OnePlus3

Oppo

CPH1803, CPH1821, CPH1837, CPH1835, CPH1819, CPH1719, CPH1613, CPH1609, CPH1715, CPH1861, CPH1831, CPH1801, CPH1859, A83, R9s Plus

Positivo

Twist, Twist Mini

Samsung

Galaxy A8 Star, Galaxy J7 Star, Galaxy Jean, Galaxy On6, Galaxy Note9, Galaxy J3 V, Galaxy A9 Star, Galaxy J7 V, Galaxy S8 Active, Galaxy Wide3, Galaxy J3 Eclipse, Galaxy S9+, Galaxy S9, Galaxy A9 Star Lite, Galaxy J7 Refine, Galaxy J7 Max, Galaxy Wide2, Galaxy J7(2017), Galaxy S8+, Galaxy S8, Galaxy A3(2017), Galaxy Note8, Galaxy A8+(2018), Galaxy J3 Top, Galaxy J3 Emerge, Galaxy On Nxt, Galaxy J3 Achieve, Galaxy A5(2017), Galaxy J2(2016), Galaxy J7 Pop, Galaxy A6, Galaxy J7 Pro, Galaxy A6 Plus, Galaxy Grand Prime Pro, Galaxy J2 (2018), Galaxy S6 Active, Galaxy A8(2018), Galaxy J3 Pop, Galaxy J3 Mission, Galaxy S6 edge+, Galaxy Note Fan Edition, Galaxy J7 Prime, Galaxy A5(2016)

Sharp

シンプルスマホ４, AQUOS sense plus (SH-M07), AQUOS R2 SH-03K, X4, AQUOS R SH-03J, AQUOS R2 SHV42, X1, AQUOS sense lite (SH-M05)

Sony

Xperia XZ2 Premium, Xperia XZ2 Compact, Xperia XA2, Xperia XA2 Ultra, Xperia XZ1 Compact, Xperia XZ2, Xperia XZ Premium, Xperia XZ1, Xperia L2, Xperia X

Tecno

F1, CAMON I Ace

Vestel

Vestel Z20

Vivo

vivo 1805, vivo 1803, V9 6GB, Y71, vivo 1802, vivo Y85A, vivo 1726, vivo 1723, V9, vivo 1808, vivo 1727, vivo 1724, vivo X9s Plus, Y55s, vivo 1725, Y66, vivo 1714, 1609, 1601

Vodafone

Vodafone Smart N9

Xiaomi

Mi A2, Mi A2 Lite, MI 8, MI 8 SE, MIX 2S, Redmi 6Pro, Redmi Note 5 Pro, Redmi Note 5, Mi A1, Redmi S2, MI MAX 2, MI 6X

ZTE

BLADE A6 MAX

externallyprogram rulesBug Hunter University

Introducing the Tink cryptographic software library

August 30, 2018

Posted by Thai Duong, Information Security Engineer, on behalf of Tink teamTinkTink 1.2.0Project WycheproofAEAD import com.google.crypto.tink.Aead;    import com.google.crypto.tink.KeysetHandle;    import com.google.crypto.tink.aead.AeadFactory;    import com.google.crypto.tink.aead.AeadKeyTemplates;
   // 1. Generate the key material.    KeysetHandle keysetHandle = KeysetHandle.generateNew(        AeadKeyTemplates.AES256_EAX);
   // 2. Get the primitive.    Aead aead = AeadFactory.getPrimitive(keysetHandle);
   // 3. Use the primitive.    byte[] plaintext = ...;    byte[] additionalData = ...;    byte[] ciphertext = aead.encrypt(plaintext, additionalData);
JavaC++Obj-Cmailing listtink-users+subscribe@googlegroups.comtink

Evolution of Android Security Updates

August 22, 2018

Posted by Dave Kleidermacher, VP, Head of Security - Android, Chrome OS, Play[Cross-posted from the Android Developers Blog]Google I/O 2018What's New in Android Security Commercial Best Practices around Android Security Updates2017 Android Security Year-in-Reviewanti-exploitationMonthlyAndroid One program90 days Enterprise Best PracticesAndroid Enterprise Recommended program Enterprise Recommended list Making Android Easier to UpdateProject Trebleupdate to Android P more easily and efficientlyincluding secure networking componentsGMS Express program Security Patch Level Compliancecorrected Looking ForwardIn 2017reduce

A reminder about government-backed phishing

August 20, 2018

Posted by Shane Huntley, Threat Analysis GroupTLDR: Government-backed phishing has been in the news lately. If you receive a warning in Gmail, be sure to take prompt action. Get two-factor authentication on your account. And consider enrolling in the Advanced Protection Program.significantly decrease the volume of phishing emails that get throughSince 2012alerts to G Suite administratorspost public advisoriestake immediate action on it

enable 2-step verification in GmailAdvanced Protection Program

Expanding our Vulnerability Reward Program to combat platform abuse

August 15, 2018

Posted by Eric Brown and Marc Henson, Trust & Safetyawarded more than $12 million dollarsthriving Google-focused security communityGoogle+YouTubeGmailBloggerupdated rules

Google Public DNS turns 8.8.8.8 years old

August 10, 2018

Posted by Alexander Dupuy, Software Engineerlaunched Google Public DNStravelers in India’s train stationsresearchers on the remote Antarctic island Bouvetøya

Google Public DNS query growth and major feature launches

10% of internet usersMaking the internet fastermake the internet faster

DNS resolution process for example.org

GeoIP mapsproposed a solutionRFC 7871automatic detection of name server ECS supportSafeguarding user privacy
Privacy PolicyPrivacy Principlesprivacy practice statementlaunched a public betaDNS-over-HTTPSInternet Draft for DNS Queries over HTTPSSecuring the Domain Name Systemrejectedhijacking nonexistent domain (NXDOMAIN) responsesextensive set of additional protectionsDNSSEC securityman-in-the-middleman-on-the-sideimplement DNSSEC validationdoubling the percentage of end users protected by DNSSEC from 3.3% to 8.1%rate limitingreflection or amplification attacksInternet access for all
Railtel partnership in India‘s train stationsNext Billion Users initiative

APNIC Labs map of worldwide usage (Interactive Map)

Looking ahead

Security Blog

Modernizing Transport Security

Google and Android have your back by protecting your backups

Control Flow Integrity in the Android kernel

Trustworthy Chrome Extensions, by Default

Android and Google Play Security Rewards Programs surpass $3M in payouts

Introducing the Tink cryptographic software library

Evolution of Android Security Updates

A reminder about government-backed phishing

Expanding our Vulnerability Reward Program to combat platform abuse

Google Public DNS turns 8.8.8.8 years old

Labels

Archive

Feed

Company-wide

Products

Developers