[Replicant] Trustonic TEE in Samsung SoCs
Bob Summerwill
bob at summerwill.net
Sat Mar 5 15:54:11 UTC 2016
Thanks for the extra context, guys.
Much appreciated!
On Sat, Mar 5, 2016 at 1:46 AM, Paul Kocialkowski <contact at paulk.fr> wrote:
> Le mardi 01 mars 2016 à 11:02 -0800, Blibbet a écrit :
> > On 02/29/2016 09:16 PM, Bob Summerwill wrote:
> > [...]
> > > * Samsung KNOX, using Trustonic's TEE (
> > > https://www.trustonic.com/technology/trusted-execution-environment)
> which
> > > sounds much like the notorious Intel ME to me. Does anybody here
> have
> > > experience of Trustonic TEE, and can confirm that. or explain what it
> does
> > > better than me? I think it's more proprietary software on-silicon,
> > which
> > > constrains what you can run on your own device.
> > [..]
> >
> >
> https://en.wikipedia.org/wiki/Trusted_execution_environment#Implementations
> >
> > Most ARM chips have TrustZone or some other TEE. Most Intel systems have
> > a Mangement Engine. Most AMD systems have a Platform Security
> > Processor. There are open source implementations of TEE, like OP-TEE.
> > TEEs protect 'untrusted' software stacks (Windows, Linux, Android,
> > etc.). It can be helpful for security, and may also be misused by
> > attackers to abuse security and privacy. It is 'notorious' if you want
> > to reconfigure a system in a way that the vendor would consider
> > something more a security attack than a normal use case of a consumer.
> :-(
>
> TruztZone and TEE are not inherently a bad thing indeed, but on some
> platforms,
> those are only available when bootrom signature verification is enforced.
>
> For instance on OMAP[0], TrustZone is only available on HS (High Security)
> devices that enforce signature verification, while it's disabled on GP
> (General
> Purpose) devices. In practice, it means that since we cannot replace the
> bootloader (the signature fuses are always already programmed on HS
> devices), we
> can't have control of TrustZone either on HS devices.
>
> On some other platforms (such as the i.MX53 and perhaps the latest Tegra
> platforms), the user can be in control of it. This is the case on the USB
> armory.
>
> Bear in mind that TEE on TrustZone is a separate system, running with more
> privileges (regarding hardware access) than the regular operating system.
> This
> is really bad for user's privacy and security. It is very likely that
> TrustZone
> TEE is actively used on most devices that enforce bootloader signature
> checks,
> (including those with Replicant support). This is yet another very strong
> reasons to focus on devices that are able to run free bootloaders.
>
> [0]: https://e2e.ti.com/support/omap/f/849/t/58680
>
> --
> Paul Kocialkowski, Replicant developer
>
> Replicant is a fully free Android distribution running on several
> devices, a free software mobile operating system putting the emphasis on
> freedom and privacy/security.
>
> Website: https://www.replicant.us/
> Blog: https://blog.replicant.us/
> Wiki/tracker/forums: https://redmine.replicant.us/
>
> _______________________________________________
> Replicant mailing list
> Replicant at lists.osuosl.org
> http://lists.osuosl.org/mailman/listinfo/replicant
>
>
--
bob at summerwill.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20160305/10e6483c/attachment.html>
More information about the Replicant
mailing list