Android is one of the most popular operating systems for mobile devices. Of course, like any software, it has several security problems. The good news is that, according to developers from Google, the number of such problems and vulnerabilities is decreasing yearly.
Google published a post on its security blog earlier this week. It talked about how memory security vulnerabilities – where buffer overflows, and similar problems in the code can allow other programs to get out of the sandbox and cause problems – are decreasing on Android phones.
According to the company’s announcement: “We see the number of memory security vulnerabilities decreasing significantly over the past few years/releases. From 2019 to 2022, the annual number of memory security vulnerabilities has dropped from 223 to 85.“
Many users are wondering why vulnerability issues have gone down. The experts at Google explain that “correlation does not necessarily mean causation.” However, most security experts say it most likely has to do with the fact that Google has decided to write most of the new Android code in the Rust programming language rather than in older languages such as C or C++. This language can provide better memory protection, dramatically reducing the possibility of new memory security issues.
Likewise, Google’s blog said, “From 2019 to 2022, the number of vulnerabilities in Android has dropped from 76% to 35%. 2022 is the first year memory security vulnerabilities will not make up most Android vulnerabilities.” However, Rust still doesn’t make up most of the new code added each year. Of course, the company gradually translates its code into Rust each year.
Although Google has clarified that zero security issues have been found in Android’s Rust code so far, it’s still too early to relax. There are still many different problems and opportunities to hack your device. However, it seems that Android phones and tablets have become safer by switching to Rust.