Android Security Symposium 2017

Honey, I shrunk the attack surface – Adventures in Android security hardening

About the speaker

Nick Kralevich

Google, Mountain View, CA, USA
Nick Kralevich is head of Android platform security at Google and one of the original members of the Android security team. In his 8 years in Android, he led the development of Android's key security features and has been at the forefront of modern operating system security. Nick's expertise is in defensive security technologies with a focus on native code hardening, application containment, and exploit mitigation.

Abstract

Information security is ever evolving, and Android's security posture is no different. Users and application developers have high expectations that their data will be kept safe, private, and secure, and it's the responsibility of the Android Security Team to enable this. To do this, Android has focused on four critical principles of information security: exploit mitigation, exploit containment, attack surface reduction, and safe-by-default features.

In this talk, we will discuss Android's attack surface reduction history, and how that fits into the broader Android security story. We will go into detail on the specific technical strategies used to achieve the attack surface reduction, and explore specific bugs which were made unreachable as a result of the hardening over the last several years. And we will examine the overall result of the hardening, and areas for improvement.
