Google has integrated a Rust-based Domain Name System (DNS) parser into the modem firmware of its Pixel phones to bolster security, particularly targeting vulnerabilities in low-level firmware code. This initiative follows Google’s broader deployment of Rust to address the memory safety issues often associated with legacy C and C++ code, which have historically led to serious security risks. Attackers increasingly target cellular modems, which are complex and contain a large amount of executable code; the new parser aims to mitigate this risk by significantly reducing the potential vulnerabilities linked to parsing untrusted data. The Pixel 10 series devices are the first to incorporate this memory-safe technology, setting the stage for enhanced security in future iterations.
Google: Google is a technology company that develops hardware, software, and services including the Pixel phone line and Android operating system. In this news, Google is implementing memory-safe programming practices by deploying a Rust-based DNS parser in Pixel 10’s modem firmware to address security vulnerabilities in cellular baseband code.
hickory-proto library: Hickory-proto is a foundational DNS protocol library written in Rust that provides DNS client, server, and resolver functionality with memory safety guarantees. Google selected and modified this library specifically for bare metal and embedded use in Pixel 10’s modem, making it the core component of the new DNS parser deployment.
Memory Safety: Rust eliminates an entire class of memory safety vulnerabilities—such as buffer overflows and use-after-free errors—that have historically plagued C and C++ implementations in low-level firmware.
Attack Surface: DNS protocol implementation requires parsing of untrusted data from the network, making it a high-risk area for exploitation when implemented in memory-unsafe languages.
Cellular Modem Security: Cellular modems have become increasingly targeted by attackers and contain significant executable code, creating complex remote attack surfaces that require hardening.
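To illustrate the attack-surface point above, the following added example (not code from hickory-proto, Google, or the Pixel firmware) decodes a DNS name from untrusted bytes in Rust, with every read bounds-checked and compression-pointer loops capped. The names `read_name`, `NameError` and `sample`, and the limit of 16 pointer jumps, are assumptions made for this example; the sample bytes are constructed.

```rust
// Added illustration; not taken from hickory-proto or any modem firmware.
#[derive(Debug, PartialEq)]
pub enum NameError { Truncated, BadLabel, PointerLoop, TooLong }

/// Decode the DNS name at `start` in `msg` (RFC 1035 wire format, including
/// compression pointers). All reads go through `get`, so a hostile length
/// byte or pointer produces an error instead of an out-of-bounds read.
pub fn read_name(msg: &[u8], start: usize) -> Result<String, NameError> {
    let (mut name, mut pos, mut jumps) = (String::new(), start, 0u32);
    loop {
        let len = *msg.get(pos).ok_or(NameError::Truncated)? as usize;
        match len & 0xC0 {
            0x00 if len == 0 => return Ok(name), // root label ends the name
            0x00 => {
                // Ordinary label: `len` bytes must really be present.
                let label = msg.get(pos + 1..pos + 1 + len).ok_or(NameError::Truncated)?;
                if !name.is_empty() { name.push('.'); }
                for &b in label {
                    // Non-printable bytes and embedded dots are shown as '?'.
                    name.push(if b.is_ascii_graphic() && b != b'.' { b as char } else { '?' });
                }
                if name.len() > 253 { return Err(NameError::TooLong); }
                pos += 1 + len;
            }
            0xC0 => {
                // Compression pointer: 14-bit offset into the same message.
                let lo = *msg.get(pos + 1).ok_or(NameError::Truncated)? as usize;
                jumps += 1;
                if jumps > 16 { return Err(NameError::PointerLoop); } // assumed cap
                pos = ((len & 0x3F) << 8) | lo;
            }
            _ => return Err(NameError::BadLabel), // 0x40 / 0x80 prefixes are not valid here
        }
    }
}

/// Constructed sample bytes (not a captured packet).
pub fn sample() -> Vec<u8> {
    let mut m = b"\x07example\x03com\x00".to_vec(); // offset 0: example.com
    m.extend_from_slice(b"\x03www\xC0\x00");        // offset 13: "www" + pointer to 0
    m.extend_from_slice(&[0xC0, 19]);               // offset 19: pointer to itself
    m.extend_from_slice(&[5, b'a']);                // offset 21: claims 5 bytes, has 1
    m
}

fn main() {
    let m = sample();
    for off in [0, 13, 19, 21] { println!("{off}: {:?}", read_name(&m, off)); }
}
```

The self-referencing pointer and the over-long label length are the kinds of input that cause unbounded loops or out-of-bounds reads in unchecked C parsers; here they surface as `Err` values.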
