Jeff Fortin T. (風の庭園のNekohayo)2d ago

Looking at https://support.google.com/pixelphone/answer/6300638 and https://www.androidcentral.com/how-does-android-save-your-fingerprints, I'm curious what y'all think about modern #Android devices' "Trusted Execution Environment" storing #fingerprints (for authentication, unlocking, etc.) in, allegedly, a TPM-backed secure enclave that the OS doesn't have access to (really?)… For Pixel phones, Google claims biometrics never leave the TEE enclave, never touch servers, etc.

I wouldn't use it to travel… but local? I saw some geek friends using it.

#biometrics #security

It's fine even for travel, just poweroff/Lockdown
It's fine for local use (not travel)
I'm unsure / I don't know
Absolutely don't trust the system!
Poll ends at .
Understand fingerprint security - Pixel Phone Help

Your fingerprint data is stored securely and never leaves your Pixel device or Nexus phone. Your fingerprint data isn't shared with Google or any apps on your device. Apps are notified only wheth

Show threadJasper Vinkenvleugel

@nekohayo on Arm, this uses TrustZone: https://source.android.com/docs/security/features/trusty

For my master’s thesis I worked a bit on hardware security, specifically side-channel analysis, and at the same time someone else in the group was working on clock glitching and TrustZone if I remember correctly. From this, my takeaway is: actually leaking anything useful is at the same really easy and really hard, at least from a hardware perspective.

Trusty TEE  |  Android Open Source Project

Android Open Source Project
Jun 16 at 6:09amWeb