(1) A unique key built into each device, which can't be read directly
by software, but which can be used to derive other keys (e.g. for disk
encryption) at a limited rate, slowing down brute-force attacks
against such keys.
(2) An effaceable area of flash storage where the operating system can
store encryption keys for the entire disk and/or individual files,
making it possible to securely delete the corresponding data without
having to smash the device into tiny little pieces.
(3) A pony.
Presuming the smartphone is ARM-based, and presuming that, if (1) is
applied, it'll probably have ARM TrustZone installed, then:
(4) Install a modern firmware on your smartphone, with useful security
features.
(4a) Linux-based Coreboot, or
(4b) UEFI.
Use UEFI's SecureBoot feature, to enhance your Linux/Android/B2G/etc OS,
something none of your competitors are doing, except MS/Win8. To do so,
you need TPM on x86 or TrustZone on ARM, and you need to get your OS
vendor to sign the firmware, and not let MS Win8 hardware logo
requirements confuse you.
Beyond the default TianoCore source, leverage Linaro's ARM-centric fork
of TianoCore, and Intel's MinnowBoard UEFI, which targets Linux
(Angstrom/Yocto), but neither of these Linux-centric UEFI targets
supports the SecureBoot feature.
Extend the current UEFI SecureBoot feature, which only targets 1 OS, to
one that lets you securely boot more-than-1 OS, for systems that want to
securely multiboot a handful of OSes (not necessarily installed, but
later, if your device is open, your user may opt to install another
distro; your job is to gather certs of the major ones, so they can
securely boot the main distros.)
(5) Learn from FairPhone's model. Compete with them, by making something
*more* open.
Thanks.
--
Too many emails? Unsubscribe, change to digest, or change password by emailing
moderator at [email protected] or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
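As an added illustration of points (1) and (2) in the message above (this is example code written for this page, not code from the poster or from any named vendor), the following model shows a device key that software can use but never read, a derivation path that escalates its delay after each wrong passcode so that guessing is throttled in hardware rather than in the OS, and an effaceable key slot whose erasure makes the corresponding ciphertext unrecoverable even though the ciphertext itself lingers in flash. The UID, salt, passcode, file contents and the XOR stream cipher are all constructed for the example (the cipher is a stand-in for AES, not something to deploy), and the clock is injected so the delays can be checked without sleeping.

```python
"""Model of a non-readable device key with rate-limited derivation (1) and
effaceable key storage (2). Added example; standard library only; the
HMAC-counter XOR cipher is a toy stand-in for AES, not a real cipher."""
import hashlib
import hmac
import os


class RateLimited(Exception):
    def __init__(self, retry_after: float):
        super().__init__(f"retry after {retry_after:.2f}s")
        self.retry_after = retry_after


class DeviceKeyStore:
    """The UID never leaves this object; callers only get keys derived from it,
    and every attempt is gated by a delay that doubles after each wrong passcode."""

    def __init__(self, uid: bytes, clock, base_delay: float = 0.08):
        self._uid = uid              # constructed stand-in for a fuse-burned secret
        self._clock = clock          # injectable monotonic clock (seconds)
        self._base_delay = base_delay
        self._failures = 0
        self._next_allowed = 0.0
        self._verifier = b""         # HMAC tag of the correct key, set at enrol time

    def _tangle(self, passcode: bytes, salt: bytes) -> bytes:
        # PBKDF2 stretches the passcode; keying the HMAC with the UID ties the result
        # to this device, so the derivation cannot be moved off-device to a GPU farm.
        stretched = hashlib.pbkdf2_hmac("sha256", passcode, salt, 10_000)
        return hmac.new(self._uid, b"class-key|" + stretched, hashlib.sha256).digest()

    def enrol(self, passcode: bytes, salt: bytes) -> bytes:
        key = self._tangle(passcode, salt)
        self._verifier = hmac.new(key, b"verifier", hashlib.sha256).digest()
        return key

    def unlock(self, passcode: bytes, salt: bytes) -> bytes:
        """Return the class key for a correct passcode; otherwise escalate the delay."""
        now = self._clock()
        if now < self._next_allowed:
            raise RateLimited(self._next_allowed - now)
        key = self._tangle(passcode, salt)
        tag = hmac.new(key, b"verifier", hashlib.sha256).digest()
        if hmac.compare_digest(tag, self._verifier):
            self._failures = 0
            self._next_allowed = now + self._base_delay
            return key
        self._failures += 1
        self._next_allowed = now + self._base_delay * (2 ** self._failures)
        raise ValueError("wrong passcode")

    def seconds_for_guesses(self, n: int) -> float:
        """Wall-clock time an attacker must wait before guess n+1, after n wrong guesses."""
        return sum(self._base_delay * (2 ** i) for i in range(1, n + 1))


class EffaceableStorage:
    """Key-sized slots that are overwritten in place when erased, unlike wear-levelled NAND."""

    def __init__(self):
        self._slots = {}

    def put(self, name: str, value: bytes) -> None:
        self._slots[name] = bytearray(value)

    def get(self, name: str) -> bytes:
        return bytes(self._slots[name])  # KeyError once effaced

    def efface(self, name: str) -> None:
        buf = self._slots.pop(name)
        for i in range(len(buf)):
            buf[i] = 0  # overwrite before dropping the reference


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: HMAC-SHA256 in counter mode, XORed over the data."""
    stream = b""
    for counter in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


class FileVault:
    """Per-file keys wrapped under the class key; only the wrapped key is effaceable."""

    def __init__(self, class_key: bytes, effaceable: EffaceableStorage):
        self._class_key, self._effaceable = class_key, effaceable
        self.nand = {}  # ciphertext that may linger in flash after deletion

    def write(self, name: str, plaintext: bytes) -> None:
        file_key, nonce, wrap_nonce = os.urandom(32), os.urandom(16), os.urandom(16)
        self.nand[name] = nonce + xor_crypt(file_key, nonce, plaintext)
        self._effaceable.put(name, wrap_nonce + xor_crypt(self._class_key, wrap_nonce, file_key))

    def read(self, name: str) -> bytes:
        wrapped = self._effaceable.get(name)
        file_key = xor_crypt(self._class_key, wrapped[:16], wrapped[16:])
        blob = self.nand[name]
        return xor_crypt(file_key, blob[:16], blob[16:])

    def secure_delete(self, name: str) -> None:
        self._effaceable.efface(name)  # self.nand[name] stays, but is now undecryptable


def demo() -> dict:
    clock = [0.0]
    store = DeviceKeyStore(os.urandom(32), lambda: clock[0])
    salt = os.urandom(16)
    vault = FileVault(store.enrol(b"1234", salt), EffaceableStorage())
    vault.write("notes.txt", b"meet at 9")  # constructed sample file
    r = {"read": vault.read("notes.txt")}
    vault.secure_delete("notes.txt")
    try:
        vault.read("notes.txt")
        r["after_delete"] = "readable"
    except KeyError:
        r["after_delete"] = "unrecoverable"
    r["ciphertext_still_present"] = "notes.txt" in vault.nand
    clock[0] = 1.0
    try:
        store.unlock(b"0000", salt)          # first wrong guess: delay doubles
    except ValueError:
        pass
    try:
        store.unlock(b"0000", salt)          # immediate retry is refused
        r["second_guess"] = "allowed"
    except RateLimited as e:
        r["second_guess"] = round(e.retry_after, 2)
    clock[0] = 2.0
    r["unlocked_after_wait"] = store.unlock(b"1234", salt) == vault._class_key
    r["wait_for_10_guesses"] = store.seconds_for_guesses(10)
    return r


if __name__ == "__main__":
    print(demo())
```

The two pieces are independent: the rate limit lives in the key store, where software cannot bypass it, while the secure delete works even for a device that is never locked, because the effaceable slot is the only copy of the wrapping key.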