Joe Maring / Android Authority
TL;DR
- Google launched Binary Transparency as an initiative to verify the integrity of Pixel firmware.
- The program is now being expanded to cover Google’s own Android apps and Mainline updates.
- A publicly auditable, blockchain-like record keeps track of Google-approved releases.
All of us want to keep the data on our phones safe and secure, and one of the best things you can do to stay safe is to run only apps from trustworthy sources. Digital signatures are an important part of that, helping ensure our apps really come from whom they claim to come from. But even that’s not necessarily foolproof, and a malicious insider with access to signing keys could theoretically still do some damage. Google’s been thinking about how to protect Android users from attacks just like that one, and today shares its new plan for expanded Binary Transparency.
Google first introduced Binary Transparency a few years ago for Pixel firmware images. The idea was basically to host a blockchain-like public record of official Pixel firmware releases. Your phone already verifies the firmware’s digital signature on boot, but with this tool, you could also double check that you’re running a release that Google deemed official — and not one a disgruntled dev signed with a backdoor added.
That’s not going away, but Google is now adding two more layers: Binary Transparency for individual Google apps, and for Android Mainline modules. These tend to get updated a lot more frequently than firmware releases, and it’s just as critical that users are able to trust their software integrity.
Just like before, Google publishes records of all its official app and Mainline updates to a blockchain-like public log. Once an addition is made to that record it can’t be taken back, ensuring a historical log of certified Google-approved releases.
One of the key differentiators here is that Google will only include officially sanctioned releases. That’s important because something like an internal alpha might be digitally signed as a Google-made app, but could contain exploitable bugs. A bad actor might then try to trick users into installing the vulnerable app. With this new resource, users can use Binary Transparency to see that it’s not a sanctioned release they should be running.
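The check described above, as an added example that is not Google's code or its actual log format: a simplified hash-chained log in Python, where a build counts as sanctioned only if its digest appears in a log whose head matches a value the verifier already trusts. The package name, byte strings and function names are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed starting value for the chain

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_hash(prev_hash, package, version, digest):
    # Each entry commits to the previous entry's hash, so rewriting history
    # changes every later hash, including the published head.
    return sha256_hex(json.dumps([prev_hash, package, version, digest]).encode())

def append(log, package, version, binary):
    """Publish a release: record its digest and return the new log head."""
    prev = log[-1]["hash"] if log else GENESIS
    digest = sha256_hex(binary)
    log.append({"package": package, "version": version, "digest": digest,
                "hash": entry_hash(prev, package, version, digest)})
    return log[-1]["hash"]

def verify_chain(log, trusted_head):
    """Recompute every link; the result must end at the head we trust."""
    prev = GENESIS
    for e in log:
        if e["hash"] != entry_hash(prev, e["package"], e["version"], e["digest"]):
            return False
        prev = e["hash"]
    return prev == trusted_head

def is_sanctioned(log, trusted_head, package, binary):
    """A valid signature is not enough: the digest must be in an intact log."""
    if not verify_chain(log, trusted_head):
        return False
    digest = sha256_hex(binary)
    return any(e["package"] == package and e["digest"] == digest for e in log)

# Constructed sample data standing in for real binaries.
PKG = "com.example.app"
RELEASE_1_0 = b"constructed bytes of official release 1.0"
RELEASE_1_1 = b"constructed bytes of official release 1.1"
INTERNAL_ALPHA = b"constructed bytes of a signed but unpublished alpha"

def build_sample_log():
    log = []
    append(log, PKG, "1.0", RELEASE_1_0)
    head = append(log, PKG, "1.1", RELEASE_1_1)
    return log, head

if __name__ == "__main__":
    log, head = build_sample_log()
    print("release 1.1 sanctioned:", is_sanctioned(log, head, PKG, RELEASE_1_1))
    print("internal alpha sanctioned:", is_sanctioned(log, head, PKG, INTERNAL_ALPHA))
```

The verifier has to obtain the trusted head independently of whoever hands it the log copy, otherwise a rewritten log would simply ship with a matching head.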
The new system is in effect as of the start of May, and going forward, will keep a record of every officially published Google Android app and Mainline module.