One Article Review
| Source |  GoogleSec |
|---|---|
| Identifiant | 8365763 |
| Date de publication | 2023-08-04 13:50:22 (vue: 2023-08-04 18:06:18) |
| Titre | Pixel Binary Transparence: Sécurité vérifiable pour les périphériques Pixels Pixel Binary Transparency: verifiable security for Pixel devices |
| Texte | Jay Hou, Software Engineer, TrustFabric (transparency.dev) Pixel Binary TransparencyWith Android powering billions of devices, we\'ve long put security first. There\'s the more visible security features you might interact with regularly, like spam and phishing protection, as well as less obvious integrated security features, like daily scans for malware. For example, Android Verified Boot strives to ensure all executed code comes from a trusted source, rather than from an attacker or corruption. And with attacks on software and mobile devices constantly evolving, we\'re continually strengthening these features and adding transparency into how Google protects users. This blog post peeks under the hood of Pixel Binary Transparency, a recent addition to Pixel security that puts you in control of checking if your Pixel is running a trusted installation of its operating system. Supply Chain Attacks & Binary TransparencyPixel Binary Transparency responds to a new wave of attacks targeting the software supply chain-that is, attacks on software while in transit to users. These attacks are on the rise in recent years, likely in part because of the enormous impact they can have. In recent years, tens of thousands of software users from Fortune 500 companies to branches of the US government have been affected by supply chain attacks that targeted the systems that create software to install a backdoor into the code, allowing attackers to access and steal customer data. |
| Envoyé | Oui |
| Condensat | merkle one pixel supply the try 500 about access added adding addition additionally affected against all allow allowing already also altered android anyone append are aspects assurance attacker attackers attacks attest audited auditing available backdoor backdoors because been before being beyond billions binary bittorrent blockchain blog boot branches build building but called can cannot case caught certain chain change changed changes check checked checking checks code comes comethe companies compare compromised compromises computations computed concepts confirm confirms consistency constantly containing contents context continually control corruption create cryptographic cryptographically customer daily data databases deeper deleted derived detail details detectable detection deterring dev device devices difficult documentation during each engineer enormous ensure entirety entries entry established even ever evolving example executed expands extracting factory features firmware first flag fortune forward from function further git goes google government groundwork grows guaranteed has hash hashes hashing have haven hood hou how however ideally image images images” impact implementation important included including inclusion increasing information insert inserted install installation integrated integrity interact intermediate iteration its jay keep keeping key know lays leaf learn leaves less level like likely log long longer look made make making malicious malware match mathematically meaning means merkle metadata might mobile modified more most multiple need never new node nodes nosql not now obvious official officially once only operating other outmost owners page part particular peeks perform performed personally phishing phone phone pixel pixels place possible post powering previous proactive process processes proof proofs proofsthere property protection protects prove provides public published put puts rather read recent records recursively regularly release released represents resilience responds rise root running runs safeguards same scans security set should show signature signed signing since single site software somewhere source spam steal strengthening strives structure supply sure system systems tampered targeted targeting technical tens than thanks that themselves then there these thoroughly those thousands through thus together top track transit transparency transparency: transparencypixel transparencywith transparent tree tree: trees trillian trust trusted trustfabric trusting two types under understand unofficially upon use used users validity value verifiable verified verifying version visible walk want wants wave way well what when whether which who will without won works workspixel would years your “factory |
| Tags | Spam |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.