Add Google Pixel 6 sources. Improve text.

2022-11-07 07:54:16 +00:00 · 2022-11-07 07:54:16 +00:00 · fb3892e7f5
commit fb3892e7f5
parent da7213e166
1 changed files with 25 additions and 12 deletions
--- a/about.html
+++ b/about.html
@ -71,36 +71,49 @@
 								<br>
 								They also include a
 								<a class="table-link" href="https://developer.android.com/training/articles/keystore#HardwareSecurityModule">hardware security module</a>
-								(Titan M2, improving on the first generation
+								(Titan M2, improving on the previous generation
 								<a class="table-link" href="https://security.googleblog.com/2018/10/building-titan-better-security-through.html">Titan M</a>)
 								which is extremely resistant to both remote and physical attacks due to being
 								completely isolated from the rest of the system, including the operating system.
 								Titan M2 ensures that the device cannot be remotely compromised by requiring the
 								side buttons of the device to be physically pressed for some sensitive operations.
 								Titan M2 also takes the role of
-								<a class="table-link" href="https://source.android.com/docs/security/best-practices/hardware#strongbox-keymaster">Android Strongbox Keymaster</a>,
+								<a class="table-link" href="https://source.android.com/docs/security/best-practices/hardware#strongbox-keymaster">Android StrongBox Keymaster</a>,
 								a <a class="table-link" href="https://source.android.com/docs/security/features/keystore">hardware-backed Keystore</a>
 								containing sensitive user keys which are unavailable to
-								the OS or apps running on it without authorisation from Titan M2 itself. Insider attack
-								resistance ensures that Titan M2 firmware can be flashed only if the user PIN/password
+								the OS or apps running on it without authorisation from Titan M2 itself.
+								<a class="table-link" href="https://android-developers.googleblog.com/2018/05/insider-attack-resistance.html">Insider attack
+								resistance</a> ensures that Titan M2 firmware can be flashed only if the user PIN/password
 								is already known, making it impossible to backdoor the device without already knowing
 								these secrets.<br>
 								<br>
-								Google Pixel device kernels are compiled with fine-grained, forward-edge control-flow
-								integrity and backward-edge control-flow integrity to prevent code reuse attacks against
-								the kernel. MAC address randomisation is implemented well, with minimal probe requests
-								and randomised initial sequence numbers.<br>
+								Google Pixel device kernels are compiled with
+								<a class="table-link" href="https://android-developers.googleblog.com/2018/10/control-flow-integrity-in-android-kernel.html"
+								>forward-edge control-flow integrity</a> and
+								<a class="table-link" href="https://security.googleblog.com/2019/10/protecting-against-code-reuse-in-linux_30.html"
+								>backward-edge control-flow integrity</a> to prevent code reuse attacks against
+								the kernel. MAC address randomisation is
+								<a class="table-link" href="https://android-developers.googleblog.com/2017/04/changes-to-device-identifiers-in.html"
+								>implemented well, along with minimal probe requests and randomised initial sequence numbers</a>.<br>
 								<br>
-								Google releases guaranteed monthly security updates, ensuring Google Pixel devices are
+								Google releases
+								<a class="table-link" href="https://source.android.com/docs/security/bulletin/pixel/"
+								>guaranteed monthly security updates</a>, ensuring Google Pixel devices are
 								up-to-date and quickly protected against security vulnerabilities.<br>
 								<br>
 								Pixel 6-series devices are a large improvement over the already very secure and private
 								previous generation Pixel devices. They replace ARM-based Titan M with RISC-V-based Titan M2,
 								reducing trust by removing ARM from the equation. Titan M2 is more resiliant to attacks than
-								Titan M, and is AVA_VAN.5 certified, the highest level of vulnerability assessment. Google's
+								Titan M, and is
+								<a class="table-link" href="https://www.tuv-nederland.nl/assets/files/cerfiticaten/2022/09/nscib-cc-22-0228971-cert-final.pdf"
+								>AVA_VAN.5 certified</a>, the highest level of vulnerability assessment. Google's
 								in-house Tensor SoC includes Tensor Security Core, further improving device security.<br>
-								Pixel 6-series devices are supported for a minimum of 5 years from launch, an increase from
-								previous generations' support lifecycles of 3 years.</td>
+								Pixel 6-series devices are supported for a
+								<a class="table-link" href="https://support.google.com/nexus/answer/4457705#zippy=%2Cpixel-and-later"
+								>minimum of 5 years from launch</a>, an increase from
+								previous generations'
+								<a class="table-link" href="https://support.google.com/nexus/answer/4457705#zippy=%2Cpixel-xl-a-a-g-and-a-g"
+								>support lifecycles of 3 years</a>.</td>
 						</tr>
 				</table>
 		<br>