Add sources.

2022-11-03 05:24:14 +00:00 · 2022-11-03 05:24:14 +00:00 · eafec813ac
commit eafec813ac
parent c0e2332b7c
1 changed files with 12 additions and 7 deletions
--- a/about.html
+++ b/about.html
@ -65,17 +65,22 @@
 								which prevents an adversary from rolling back the OS or firmware version to a
 								previous version with known security vulnerabilities.<br>
 								<br>
-								They also include a hardware security module
-								(Titan M2, improving on the first generation <a class="table-link" href="https://security.googleblog.com/2018/10/building-titan-better-security-through.html">Titan M</a>)
+								They also include a
+								<a class="table-link" href="https://developer.android.com/training/articles/keystore#HardwareSecurityModule">hardware security module</a>
+								(Titan M2, improving on the first generation
+								<a class="table-link" href="https://security.googleblog.com/2018/10/building-titan-better-security-through.html">Titan M</a>)
 								which is extremely resistant to both remote and physical attacks due to being
 								completely isolated from the rest of the system, including the operating system.
 								Titan M2 ensures that the device cannot be remotely compromised by requiring the
 								side buttons of the device to be physically pressed for some sensitive operations.
-								Titan M2 also takes the role of Android Strongbox keystore, containing sensitive user
-								keys which are unavailable to the OS or apps running on it without authorisation from
-								Titan M2 itself. Insider attack resistance ensures that Titan M2 firmware can be flashed
-								only if the user PIN/password is already known, making it impossible to backdoor the device
-								without already knowing these secrets.<br>
+								Titan M2 also takes the role of
+								<a class="table-link" href="https://source.android.com/docs/security/best-practices/hardware#strongbox-keymaster">Android Strongbox Keymaster</a>,
+								a <a class="table-link" href="https://source.android.com/docs/security/features/keystore">hardware-backed Keystore</a>
+								containing sensitive user keys which are unavailable to
+								the OS or apps running on it without authorisation from Titan M2 itself. Insider attack
+								resistance ensures that Titan M2 firmware can be flashed only if the user PIN/password
+								is already known, making it impossible to backdoor the device without already knowing
+								these secrets.<br>
 								<br>
 								Google Pixel device kernels are compiled with fine-grained, forward-edge control-flow
 								integrity and backward-edge control-flow integrity to prevent code reuse attacks against