Hi,

A friend wants to degoogle his phone, so I suggested the OS I’m currently using. The one we can’t talk about… He wants a small/compact phone, so I suggested pixel 4a (not buying second hand though), but I’m afraid that planned obsolescence may kill the phone rather soon. What’s your opinion?

Cheers and thank you for your help,

  • jet@hackertalks.comEnglish
    1·
    1 年前

    https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/tpm-fundamentals

    Devices that incorporate a TPM can create cryptographic keys and encrypt them, so that the keys can only be decrypted by the TPM. This process, often called “wrapping” or “binding” a key, can help protect the key from disclosure.

    This is how cell phones and windows hello justify short pins, the pin goes into a rate limited TPM that then discloses a larger key to decrypt the actual secret.

    • delirious_owl
      2·
      1 年前

      Do you need me to link to the vulnerabilities of TPMs? They do not provide physical security.

        • delirious_owl
          2·
          1 年前

          Hardware keys can be used well to increase your secuirty (U2F MFA) or used to increase convienence and reduce security (passwordless auth)

          It depends how the tool is used.