Inferencium/website
1
0
Fork 0
Code Issues Activity

Add Google Pixel 6 sources. Improve text.

Browse Source
This commit is contained in:
inference 2022-11-07 07:54:16 +00:00
parent da7213e166
commit fb3892e7f5
1 changed files with 25 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
about.html
View File

@ -71,36 +71,49 @@
<br> <br>
They also include a They also include a
<a class="table-link" href="https://developer.android.com/training/articles/keystore#HardwareSecurityModule">hardware security module</a> <a class="table-link" href="https://developer.android.com/training/articles/keystore#HardwareSecurityModule">hardware security module</a>
(Titan M2, improving on the first generation (Titan M2, improving on the previous generation
<a class="table-link" href="https://security.googleblog.com/2018/10/building-titan-better-security-through.html">Titan M</a>) <a class="table-link" href="https://security.googleblog.com/2018/10/building-titan-better-security-through.html">Titan M</a>)
which is extremely resistant to both remote and physical attacks due to being which is extremely resistant to both remote and physical attacks due to being
completely isolated from the rest of the system, including the operating system. completely isolated from the rest of the system, including the operating system.
Titan M2 ensures that the device cannot be remotely compromised by requiring the Titan M2 ensures that the device cannot be remotely compromised by requiring the
side buttons of the device to be physically pressed for some sensitive operations. side buttons of the device to be physically pressed for some sensitive operations.
Titan M2 also takes the role of Titan M2 also takes the role of
<a class="table-link" href="https://source.android.com/docs/security/best-practices/hardware#strongbox-keymaster">Android Strongbox Keymaster</a>, <a class="table-link" href="https://source.android.com/docs/security/best-practices/hardware#strongbox-keymaster">Android StrongBox Keymaster</a>,
a <a class="table-link" href="https://source.android.com/docs/security/features/keystore">hardware-backed Keystore</a> a <a class="table-link" href="https://source.android.com/docs/security/features/keystore">hardware-backed Keystore</a>
containing sensitive user keys which are unavailable to containing sensitive user keys which are unavailable to
the OS or apps running on it without authorisation from Titan M2 itself. Insider attack the OS or apps running on it without authorisation from Titan M2 itself.
resistance ensures that Titan M2 firmware can be flashed only if the user PIN/password <a class="table-link" href="https://android-developers.googleblog.com/2018/05/insider-attack-resistance.html">Insider attack
resistance</a> ensures that Titan M2 firmware can be flashed only if the user PIN/password
is already known, making it impossible to backdoor the device without already knowing is already known, making it impossible to backdoor the device without already knowing
these secrets.<br> these secrets.<br>
<br> <br>
Google Pixel device kernels are compiled with fine-grained, forward-edge control-flow Google Pixel device kernels are compiled with
integrity and backward-edge control-flow integrity to prevent code reuse attacks against <a class="table-link" href="https://android-developers.googleblog.com/2018/10/control-flow-integrity-in-android-kernel.html"
the kernel. MAC address randomisation is implemented well, with minimal probe requests >forward-edge control-flow integrity</a> and
and randomised initial sequence numbers.<br> <a class="table-link" href="https://security.googleblog.com/2019/10/protecting-against-code-reuse-in-linux_30.html"
>backward-edge control-flow integrity</a> to prevent code reuse attacks against
the kernel. MAC address randomisation is
<a class="table-link" href="https://android-developers.googleblog.com/2017/04/changes-to-device-identifiers-in.html"
>implemented well, along with minimal probe requests and randomised initial sequence numbers</a>.<br>
<br> <br>
Google releases guaranteed monthly security updates, ensuring Google Pixel devices are Google releases
<a class="table-link" href="https://source.android.com/docs/security/bulletin/pixel/"
>guaranteed monthly security updates</a>, ensuring Google Pixel devices are
up-to-date and quickly protected against security vulnerabilities.<br> up-to-date and quickly protected against security vulnerabilities.<br>
<br> <br>
Pixel 6-series devices are a large improvement over the already very secure and private Pixel 6-series devices are a large improvement over the already very secure and private
previous generation Pixel devices. They replace ARM-based Titan M with RISC-V-based Titan M2, previous generation Pixel devices. They replace ARM-based Titan M with RISC-V-based Titan M2,
reducing trust by removing ARM from the equation. Titan M2 is more resiliant to attacks than reducing trust by removing ARM from the equation. Titan M2 is more resiliant to attacks than
Titan M, and is AVA_VAN.5 certified, the highest level of vulnerability assessment. Google's Titan M, and is
<a class="table-link" href="https://www.tuv-nederland.nl/assets/files/cerfiticaten/2022/09/nscib-cc-22-0228971-cert-final.pdf"
>AVA_VAN.5 certified</a>, the highest level of vulnerability assessment. Google's
in-house Tensor SoC includes Tensor Security Core, further improving device security.<br> in-house Tensor SoC includes Tensor Security Core, further improving device security.<br>
Pixel 6-series devices are supported for a minimum of 5 years from launch, an increase from Pixel 6-series devices are supported for a
previous generations' support lifecycles of 3 years.</td> <a class="table-link" href="https://support.google.com/nexus/answer/4457705#zippy=%2Cpixel-and-later"
>minimum of 5 years from launch</a>, an increase from
previous generations'
<a class="table-link" href="https://support.google.com/nexus/answer/4457705#zippy=%2Cpixel-xl-a-a-g-and-a-g"
>support lifecycles of 3 years</a>.</td>
</tr> </tr>
</table> </table>
<br> <br>