Google’s Android Red Team Had a Full Pixel 6 Pwn Before Launch

When Google launched the Pixel 6 and 6 Pro in October 2021, key features included its custom Tensor system-on-a-chip processor and the security benefits of its onboard Titan M2 security chip. At the Black Hat security conference in Las Vegas today, members of the Android red team are recounting their mission to hack and break as much as they could in the Pixel 6 firmware before launch—a task they accomplished. The Android red team, which primarily vets Pixel products, caught a number of important flaws while attempting to attack the Pixel 6. “This is the first proof of concept ever to be publicly talked about getting end-to-end code execution on the M2 Titan chip,” Farzan Karimi, one of the red team leads, told WIRED ahead of the talk. The Pixel developers wanted a red team to focus these types of efforts on them, and they were able to patch the exploits in this chain prior to release.” The researchers say that the Android red team prioritizes not just finding vulnerabilities but spending time developing real exploits for the bugs.