[Replicant] Android Platform Security Model

Federico Leva (Nemo) nemowiki at gmail.com
Fri May 10 17:27:00 UTC 2019


Denis 'GNUtoo' Carikli, 10/05/19 18:44:
> Does it contains information about the bootloader security requirements?

It briefly discussed the "verified boot"; plus, "As such, only 
CDD-compliant devices are considered. While many devices support 
unlocking their bootloader and flashing modified firmware , such 
modifications may be considered incompatible under CDD if security 
assurances do not hold. Verified boot and hardware key attestation can 
be used to validate if currently running firmware is in a known-good 
state, and in turn may influence consent decisions by users and developers".

And I thought the "trusted computing" hype was over a decade ago. :)

Federico


More information about the Replicant mailing list