I need a Pixel 3 for advancing my mobile security research. I don't have access to a current generation mobile device with a Snapdragon 845, the Linux 4.9 LTS with CFI and a StrongBox keymaster implementation.
Bitcoin address for contributing: 34J5mcUveTUr99ZNB2SnFxCPFjXQCAxyuB.
Conversation
Replying to
Adding support for next generation devices to github.com/AndroidHardeni should be easy but l need access to at least one device rather than just attestation sample submissions from users.
I'll also need it for testing and integrating OS hardening work like github.com/AndroidHardeni.
2
This Tweet was deleted by the Tweet author. Learn more
Replying to
It's "STRONGLY RECOMMENDED" by the CDD (source.android.com/compatibility/) but it isn't mandatory.
It's likely that many or even most other phones won't provide it because they cut corners on security and avoid doing much more than the bare minimum required by the contract with Google.
Show replies
Replying to
A user build of AOSP using github.com/anestisb/andro that's signed with properly secured release keys.
It needs to be a phone with full security updates available and support for using hardware security features with another OS. Can't do much if the hardware has garbage security.
1
2
Show replies
Replying to
Nice idea asking for BTC for your work... Where's your bc1 address though? That's not a real Segwit one😋
1
Replying to
For now, it's just to raise the money to buy a Pixel 3 rather than funding any work. I won't need both models yet since I don't have the resources to work on a broader OS hardening project with releases for devices.
It's not worth it to publish both a P2SH and Bech32 address.
1
Show replies
This Tweet is from a suspended account. Learn more