|
|
|
|
|
|
by 0x0359463
2363 days ago
|
|
|
So Google Titan keys have a pretty bad track record when it comes to security: https://www.engadget.com/2019/05/15/google-recalls-some-tita... It's not possible to have a provable chain of trust on hardware as others have mentioned in the thread, even in the device you mentioned there is no proof that the code the manufacturer intended to run on device is the same code running on the device. Also its closed source so you wouldn't even know what code they intended to run. In fact with Google Titan you have lots of other issues like that it's actually just a rebranded Feitian key, a China based company with unknown supply chain or possibly even China govt mandated backdoor. More on that here https://www.securitynewspaper.com/2018/09/06/experts-ask-goo... You can check out the hardware of your key here, there is no tamperproofing at all. http://hexview.com/~scl/titan/ |
|
|