The model of depending on Google and then getting wiped out when they crack down on piracy and use of their services without permission?
Maybe so, but the security model is not something I'm interested in preserving. It's superfluous with individual sandboxes.
-
-
It still matters even with one app per sandbox. Breaking the IPC security breaks down stuff like the Chromium / WebView sandbox.
-
There are internal security boundaries, and the internal sandboxes are higher quality than a container or a VM with GPU, etc. exposed to it.
-
Who said anything about exposing GPU?
-
It depends on which apps you want to run. Lots aren't going to work well without GPU acceleration.
-
And BTW, SafetyNet means that banking apps, etc. aren't going to be viable in a sandbox like this w/o licensing Play Services from Google.
-
And apps deciding to adopt SafetyNet for fairly stupid reasons like Snapchat (screenshot prevention... ignoring the trivial analog hole).
-
Emulate ancient device that can't do safetynet robustly (no hardware support).
-
That works in the near term. Only extremely recent devices have stuff like the key attestation API. Can't keep it working reliably though.
- 9 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.