TEE Proxy
#173
Replies: 3 comments
-
Good idea, I've thought about it before too, but I didn't know how to make it happen.
-
There already seems to be a proof of concept for this idea: https://github.com/vocolboy/RemoteKeyAttestation https://xdaforums.com/t/tricky-store-bootloader-keybox-spoofing.4683446/page-423#post-90511378
-
Yes, that is what we are working on to defeat RKP.
-
There are some recent exploits that let us have root with a locked bootloader. So TEE is happy, no keyboxes are swapped and hardware attestation doesn't fail.
But, those are exploits that will be patched quickly. And it will be hard to do OTAs unless you keep your phone on an old version.
Is it possible to proxy all TEE operations from a good device to another?
It probably makes it easier than finding leaked keyboxes, or pitifully extracting your own.
Instead you have an old device you keep on 24/7.