At the moment the only option for us with full verified boot other than Nexus / Pixel devices would be having our own device manufactured...
There's all sorts of tampering that can be done that wouldn't be detected, like adding touchscreen equivalent of a keylogger.
-
-
If you want to protect integrity of the delivery, live stream video from inside the container from moment of shipping until arrival.
-
If they need to open up the device and physically tamper with it, that's a big improvement over the current state of things.
-
Should at least be defending against attackers without the resources to design and stealthily apply some kind of hardware implant.
-
Detection of physical tampering is also something that devices will probably end up being able to include in their attestation results.
-
An attacker could extract the key used for attestation from the hardware. The point is to make it more expensive / difficult to do this.
-
We're not solely focused on trying to defend against sophisticated attackers doing very expensive, targeted attacks.
-
There are other niches for us like someone concerned about being spied on by a family member and Android / iOS both handle that very poorly.
-
Features don't have to be useful vs a $200k investment by the NSA, etc. to do a targeted attack on a specific person to be valuable.
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.