Want to create an interactive transcript for this episode?
Podcast: Chaos Computer Club - recent audio-only feed
Episode: Not To Be Trusted - A Fiasco in Android TEEs (39c3)
Description: Trusted Execution Environments (TEEs) based on ARM TrustZone form the backbone
of modern Android devices' security architecture. The word "Trusted" in
this context means that **you**, as in "the owner of the device", don't
get to execute code in this execution environment. Even when you unlock
the bootloader and Magisk-root your device, only vendor-signed code will
be accepted by the TEE. This unfortunate setup limits third-party
security research to the observation of input/output behavior and static
manual reverse engineering of TEE components.
In this talk, we take you with us on our journey to regain power over
the highest...