Printer's avatar
Printer GoBrrr@printer.gobrrr.me 8 months ago
Of course you can do all of that and then have a makeshift "probably secure" signer for not very critical stuff. But the sheer amount of components in a smartphone will always be a blind spot imo. Building your own dedicated signer from general purpose hardware used with peer reviewed, and proven open-source software will always be a superior approach, just less convenient.
↑ Parent

Replies (1)

Zaikaboy's avatar
Zaikaboy 8 months ago
You are not suggesting anything bad but you are condemning an approach that is cheap and as secure as most, if not all as long as the user is sensible. Which is where all systems fail, eventually