Ads
Ads
Ads
Knox leverages a processor architecture known as ARM TrustZone. In TrustZone, there are two worlds, the Normal World, and the Secure World. Virtually all smartphone software as we know today still runs in Normal World. The Secure World is reserved for highly sensitive computations, and is used extensively by Knox for protecting enterprise confidential data.
Titan M's CPU is an ARM Cortex-M3 microprocessor specially hardened against side-channel attacks
TPM Mobile was rarely implemented in real devices primarily due to lack of trust in its software nature.
software-cum-hardware combo implementation appeared in ARM-based mobile CPUs by the name of TrustZone as a trade-off between hardware and software. Although widely adopted ARM TrustZone has also been considered as inadequate vis-a-vis TPM standards. After conducting a comparative analysis of various security standards, this paper proposes mTPM, a comprehensive security standard.
其實佢做connectivity check就應該會send埋HTTP request去qq dot com,因為有啲hotspot係用transparent proxy redirect人去captive portal,同埋captive portal唔一定係intranet入面。呢個某程度上可以係attack vector嚟,只要將qq dot com resolve去攻擊目標,就可以做到DDOS嘅效果,不過唔會有太大效果。
所以重點應該要擺返落114DNS到,因為114DNS配合中国嘅Root CA,可以MITM HTTPS session,可以間接解密加密通訊,或者setup phishing site。除咗privacy之外,亦有security concern。
TLDR 睇最後一段