Google encourages manufacturers to fully encrypt mobile device data

Google provides full encryption of user data on the Pixel 2 and uses secure hardware to protect the encryption keys, defending the phone against insider attacks. It suggests that Android device manufacturers follow suit.

As mobile phones become more powerful, more users store sensitive information on them. To resist insider attacks, Google uses full data encryption on its own Pixel 2 phones, protected by secure hardware. Google said that as long as an attacker does not have the device's lock password, it is impossible to change the firmware to crack the device unless the device data is erased.

Google encrypts all data on the Pixel device and uses secure hardware to protect the encryption key. When the user enters the correct password, the device unlocks the data. The secure hardware is responsible for checking the user's password, and to prevent brute-force attacks the firmware also limits the rate of password entry, raising the difficulty of an attack.

To prevent malware from replacing the firmware of the secure hardware, the firmware is also protected by digital signatures. Google stated that there are two ways to defeat the digital signature and replace the hardware's firmware. The first is for the attacker to find and exploit a vulnerability in the signature-checking program. The other is to obtain access to the digital signing key, so that the malware is accepted as legitimate software. But Google mentioned that the signature-checking software is small, isolated and carefully inspected, so cracking it is not easy.

However, the existence of digital signing keys and access to them is another problem. The past security design concept was to store these keys in a secure location and limit the number of people with access to them. This approach has its advantages, but Google believes that within a company it puts pressure on these people and exposes them directly to attacks, including social engineering. That is dangerous not only for the employees; it is also a great risk to user data.

To solve this problem, Google uses tamper-proof module technology on the Pixel to protect keys against insider attacks. This prevents attackers from writing malicious software to stolen or lost devices without the user's help. That is, unless the correct password is entered on the device, a firmware update cannot be performed. Google stated that the only way to update the firmware on a locked Pixel is to erase the data from the device. This situation occurs when the user updates the device for an update.
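The rate-limited password check and the passcode-or-erase update rule described above can be modelled in a few lines. This is an added example, not Google's code: the class and method names, the back-off schedule, the rejection of a wrong passcode, and the use of HMAC as a stand-in for a real asymmetric firmware signature are all assumptions.

```python
import hashlib, hmac, os
SIGNING_KEY = b"constructed-demo-key"  # constructed stand-in for the vendor signing key

def sign(fw: bytes) -> bytes:
    return hmac.new(SIGNING_KEY, fw, hashlib.sha256).digest()  # HMAC replaces a real signature

class SecureElement:  # hypothetical toy model of the tamper-resistant hardware
    def __init__(self, passcode: str, firmware: bytes):
        self._salt = os.urandom(16)
        self._verifier = self._derive(passcode)
        self._secret = os.urandom(32)  # material protecting the disk encryption key
        self.firmware = firmware
        self.failures, self.not_before = 0, 0.0  # not_before: earliest next guess

    def _derive(self, passcode: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._salt, 10_000)

    def unlock(self, passcode: str, now: float):
        if now < self.not_before:
            raise PermissionError("throttled")
        if hmac.compare_digest(self._derive(passcode), self._verifier):
            self.failures = 0
            return self._secret
        self.failures += 1
        self.not_before = now + 2 ** self.failures  # assumed back-off schedule
        return None

    def update_firmware(self, fw: bytes, sig: bytes, passcode=None, now=0.0) -> str:
        if not hmac.compare_digest(sign(fw), sig):
            return "rejected: bad signature"
        if passcode is None:
            # Validly signed but no passcode: allowed only by destroying the secret
            self._secret = os.urandom(32)
            self.firmware = fw
            return "updated: data erased"
        if self.unlock(passcode, now) is None:
            return "rejected: wrong passcode"
        self.firmware = fw
        return "updated: data kept"

def demo():
    se = SecureElement("4821", b"fw-v1")
    before = se.unlock("4821", now=0.0)
    owner = se.update_firmware(b"fw-v2", sign(b"fw-v2"), passcode="4821", now=1.0)
    kept = se.unlock("4821", now=2.0) == before
    # Insider case: holds the signing key but not the user's passcode
    insider = se.update_firmware(b"fw-modified", sign(b"fw-modified"))
    lost = se.unlock("4821", now=3.0) != before
    return owner, kept, insider, lost
```

In the model, firmware signed by someone who holds the key but not the passcode is installed only after the protected secret has been replaced, so the previously encrypted data is no longer recoverable.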

The Android security team believes that defense against insider attacks is an important strategy for protecting user data. Google demonstrated this technology on its own device, the Pixel 2, and suggested that all Android device manufacturers adopt the same method to protect user data.
