Add sources.
This commit is contained in:
parent
c0e2332b7c
commit
eafec813ac
19
about.html
19
about.html
@ -65,17 +65,22 @@
|
|||||||
which prevents an adversary from rolling back the OS or firmware version to a
|
which prevents an adversary from rolling back the OS or firmware version to a
|
||||||
previous version with known security vulnerabilities.<br>
|
previous version with known security vulnerabilities.<br>
|
||||||
<br>
|
<br>
|
||||||
They also include a hardware security module
|
They also include a
|
||||||
(Titan M2, improving on the first generation <a class="table-link" href="https://security.googleblog.com/2018/10/building-titan-better-security-through.html">Titan M</a>)
|
<a class="table-link" href="https://developer.android.com/training/articles/keystore#HardwareSecurityModule">hardware security module</a>
|
||||||
|
(Titan M2, improving on the first generation
|
||||||
|
<a class="table-link" href="https://security.googleblog.com/2018/10/building-titan-better-security-through.html">Titan M</a>)
|
||||||
which is extremely resistant to both remote and physical attacks due to being
|
which is extremely resistant to both remote and physical attacks due to being
|
||||||
completely isolated from the rest of the system, including the operating system.
|
completely isolated from the rest of the system, including the operating system.
|
||||||
Titan M2 ensures that the device cannot be remotely compromised by requiring the
|
Titan M2 ensures that the device cannot be remotely compromised by requiring the
|
||||||
side buttons of the device to be physically pressed for some sensitive operations.
|
side buttons of the device to be physically pressed for some sensitive operations.
|
||||||
Titan M2 also takes the role of Android Strongbox keystore, containing sensitive user
|
Titan M2 also takes the role of
|
||||||
keys which are unavailable to the OS or apps running on it without authorisation from
|
<a class="table-link" href="https://source.android.com/docs/security/best-practices/hardware#strongbox-keymaster">Android Strongbox Keymaster</a>,
|
||||||
Titan M2 itself. Insider attack resistance ensures that Titan M2 firmware can be flashed
|
a <a class="table-link" href="https://source.android.com/docs/security/features/keystore">hardware-backed Keystore</a>
|
||||||
only if the user PIN/password is already known, making it impossible to backdoor the device
|
containing sensitive user keys which are unavailable to
|
||||||
without already knowing these secrets.<br>
|
the OS or apps running on it without authorisation from Titan M2 itself. Insider attack
|
||||||
|
resistance ensures that Titan M2 firmware can be flashed only if the user PIN/password
|
||||||
|
is already known, making it impossible to backdoor the device without already knowing
|
||||||
|
these secrets.<br>
|
||||||
<br>
|
<br>
|
||||||
Google Pixel device kernels are compiled with fine-grained, forward-edge control-flow
|
Google Pixel device kernels are compiled with fine-grained, forward-edge control-flow
|
||||||
integrity and backward-edge control-flow integrity to prevent code reuse attacks against
|
integrity and backward-edge control-flow integrity to prevent code reuse attacks against
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user