I still think that #GrapheneOS should not chain themselves to a single vendor but rather release actual proper specs for support.
-
I still think that #GrapheneOS should not chain themselves to a single vendor but rather release actual proper specs for support.
- Otherwise we'll continue to see lazy ripoffs / rebadgings of their #ROM / #Android - #distro instead.
I also doubt that #Motorola will release any affordable device with @GrapheneOS support.
- And I'm not even talking about their ≤€250 retail budget phones they neglect and refuse to update, but rather anything in the ≤ €500 price bracket.
- Pretty shure only ≥ €1k devices will get any chance of that, making it even more classist.
And unlike @tails_live / @tails / #Tails dropping #32bit support amidst the fact that there are almost no #32bitOnly machines that can run it, I don't see the benefit of trusting into an unauditable blackbox of a "#SecurityChip".
- I'm shure @stman could run entire semester-long classes at a university explaining why this blatant violation of #KerckhoffsPrinciple is irredeemably bad, but I digress…
-
I still think that #GrapheneOS should not chain themselves to a single vendor but rather release actual proper specs for support.
- Otherwise we'll continue to see lazy ripoffs / rebadgings of their #ROM / #Android - #distro instead.
I also doubt that #Motorola will release any affordable device with @GrapheneOS support.
- And I'm not even talking about their ≤€250 retail budget phones they neglect and refuse to update, but rather anything in the ≤ €500 price bracket.
- Pretty shure only ≥ €1k devices will get any chance of that, making it even more classist.
And unlike @tails_live / @tails / #Tails dropping #32bit support amidst the fact that there are almost no #32bitOnly machines that can run it, I don't see the benefit of trusting into an unauditable blackbox of a "#SecurityChip".
- I'm shure @stman could run entire semester-long classes at a university explaining why this blatant violation of #KerckhoffsPrinciple is irredeemably bad, but I digress…
@kkarhan @GrapheneOS @tails@fosstodon.org_live@venera.social @tails @stman Security chip is the most important part of Android security model. Without it, verified boot, anti brute force password and many features won’t work. Titan M2 is a variant of OpenTitan like Chrome is a variant of Chromium. It’s much more transparent than other security chips.
-
@kkarhan @GrapheneOS @tails@fosstodon.org_live@venera.social @tails @stman Security chip is the most important part of Android security model. Without it, verified boot, anti brute force password and many features won’t work. Titan M2 is a variant of OpenTitan like Chrome is a variant of Chromium. It’s much more transparent than other security chips.
@a53bdb @stman which makes @GrapheneOS's claims that they 'necessitate' it copletely pointless…
- Also you can't audit the integrity of it down to the last transistor!
-
I still think that #GrapheneOS should not chain themselves to a single vendor but rather release actual proper specs for support.
- Otherwise we'll continue to see lazy ripoffs / rebadgings of their #ROM / #Android - #distro instead.
I also doubt that #Motorola will release any affordable device with @GrapheneOS support.
- And I'm not even talking about their ≤€250 retail budget phones they neglect and refuse to update, but rather anything in the ≤ €500 price bracket.
- Pretty shure only ≥ €1k devices will get any chance of that, making it even more classist.
And unlike @tails_live / @tails / #Tails dropping #32bit support amidst the fact that there are almost no #32bitOnly machines that can run it, I don't see the benefit of trusting into an unauditable blackbox of a "#SecurityChip".
- I'm shure @stman could run entire semester-long classes at a university explaining why this blatant violation of #KerckhoffsPrinciple is irredeemably bad, but I digress…
@kkarhan I think, the security chip does exactly, what kerkhoff tells us: keep the keys secret
-
@kkarhan I think, the security chip does exactly, what kerkhoff tells us: keep the keys secret
@Kurt It violates said principöle by being obscure on it's own and not fully opensource'd!
- Just like #CensorBoot aka. #TPM it is thus not to be trusted!
-
@kkarhan @GrapheneOS @tails@fosstodon.org_live@venera.social @tails @stman Security chip is the most important part of Android security model. Without it, verified boot, anti brute force password and many features won’t work. Titan M2 is a variant of OpenTitan like Chrome is a variant of Chromium. It’s much more transparent than other security chips.
@a53bdb @kkarhan @GrapheneOS @tails Until we have "End-User verifiable free integrated circuits", all these tremendos efforts of GrapheneOS devs can be annihilated by just a single hardware backdoor in any IC composing those smartphones.
And here I ask you the question : Will hackers start worrying about empowering end-users with the power to verify their ICs one day ?
Ok, it's a lot of organizational work.
But it is existential !
-
R relay@relay.infosec.exchange shared this topic
