Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @DanielMicay
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @DanielMicay
-
Prikvačeni tweet
The newly created
@GrapheneOS handle will be used for official project announcements. I'll continue to use this personal account to talk about GrapheneOS development work and security research. I'll be retweeting all the announcements here, so it'll remain a subset of this feed.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
DanielMicay proslijedio/la je Tweet
GrapheneOS 2020.02.04.01 release: https://grapheneos.org/releases#2020.02.04.01 ….
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
DanielMicay proslijedio/la je Tweet
HWASAN (think of it as ASAN v2) has become available to developers on Android outside of Google. If you use C or C++ on Android, please give it a try. https://developer.android.com/ndk/guides/hwasan … HWASAN is also available on Aarch64 Linux with a recent kernel.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
DanielMicay proslijedio/la je Tweet
Thrilled to see that our fuzzing efforts are now also described at https://www.sqlite.org/testing.html .pic.twitter.com/gHpL6BwhNU
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
DanielMicay proslijedio/la je Tweet
GrapheneOS 2020.01.06.21 release: https://grapheneos.org/releases#2020.01.06.21 ….
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Initial implementation of secure time updates for GrapheneOS from Renlord: https://github.com/GrapheneOS/platform_frameworks_base/commit/7cfbd3f50f41220cb09f417c71fff85b5c9e30e8 … To avoid regressions, it won't be validating certificate issuance / expiry times, so it can still fix significant time issues. Could add validation based on OS build date later.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
DanielMicay proslijedio/la je Tweet
Starting a function name with “is” or “to” followed by a letter in C is undefined behavior
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
DanielMicay proslijedio/la je Tweet
GrapheneOS 2019.12.02.23 release: https://grapheneos.org/releases#2019.12.02.23 ….
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Titan M StrongBox keystore implementation uses sha256 of the Android Verified Boot key in the pkmd.bin format generated by avbtool. Qualcomm used something more complicated and may have switched to using a simple sha256 instead. It shouldn't change on existing devices though...
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
The verified boot key fingerprint is included in the normal hardware-based attestation, unlike the device model, and it's not supposed to change. Qualcomm may have changed how they calculate the fingerprint in their keymaster and some vendors are shipping this breaking change...
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
The app uses the verified boot key fingerprint as a key to look up the device in the database of known devices. It uses this to identify the device model and obtain the other information needed to verify the device, including which workarounds to apply for device-specific quirks.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
It would be helpful if people submitted more samples from the OnePlus 7 Pro with Auditor. See https://attestation.app/tutorial#expanding-device-support … for instructions. It appears that OnePlus may have shipped an update changing the calculation of the verified boot key fingerprint, so it's failing verification.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Devices using the Snapdragon SPU for the StrongBox keymaster could provide similar other features, but they'll probably be missing the neat approach to insider attack protection. Titan M firmware updates can only be done after the owner account is successfully unlocked on boot.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Other Titan M features: * Weaver, which enforces an exponentially increasing delay for decryption attempts * Protects state for bootloader lock mode, OS verified boot key / rollback index, factory reset protection * Insider attack protection (firmware updates require owner auth)
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
It's an HSM-based keystore with far better security than the traditional TEE keystore. On Pixels (3, 3 XL, 3a, 3a XL, 4, 4 XL), the StrongBox keystore is one of the features provided by the Titan M. I assume it's provided via the Snapdragon 855 SPU on the Snapdragon Note 10/10+.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Snapdragon Galaxy Note 10 and Note 10+ are the first non-Pixel devices supported by Auditor with a StrongBox keystore. Samples from the Auditor hardware survey which were used to add support ('Submit sample data' option in menu): https://github.com/GrapheneOS/AttestationSamples/tree/103c84f0db068ac66c05ce2d8be9255f4fdef116/SM-N970U … https://github.com/GrapheneOS/AttestationSamples/tree/103c84f0db068ac66c05ce2d8be9255f4fdef116/SM-N975U …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
DanielMicay proslijedio/la je Tweet
Auditor app version 17 released: https://github.com/GrapheneOS/Auditor/releases/tag/17 …. See the linked release notes for a summary of the notable changes and a link to the full list of commits. See https://attestation.app/about and https://attestation.app/tutorial for info about the app and optional monitoring service.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
DanielMicay proslijedio/la je Tweet
GrapheneOS 2019.11.05.23 release: https://grapheneos.org/releases#2019.11.05.23 ….
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Custom hardware based on an SoC reference model for Android would be a great starting point, but one of the concerns that I've had is that the Titan M will be missing and it's unrealistic for GrapheneOS or our partners to take on the burden of implementing an equivalent to it.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.