freenode

Query

Channels

All channels

#grapheneos

Specific Channels

#access-news #amongus #ananumut #ansible-lockdown #aomedia #archlinux-cn #archlinux-cn-offtopic #asl-br #athallin #ays #binaryoutcast #blockcity #blohsh #bluespec #btpd #bugzilla #cafe-racer #carbslinux #celery #ckmp #columbus-elixir #coronavirus-updates #crux #crux-devel #danctnix-porting #darcs #datrs #dav1d #debian-malaysia #devuan-br #domogik #egyptgeeks #ember-csi #etm #exahype #fedora-coreos #fedora-riscv #firefox #firefox.de #foot-terminal #fosdem19newerlangs #fuchsia #ganesha #genode #geokrety #gitlab #glpxrp #gnl #gobolinux #godotengine-devel #grapheneos #grapheneos-offtopic #graylog #gyore-net.one #hackerspace-krk #haiku #hammerspoon #hpy #html5 #idk-development-kit #illumos #indico #indieweb #indieweb-dev #indieweb-wordpress #ipfs-events #itext #janitor #jenkins #kaniyam #keyboardio #kirc #kisslinux #kitesafe.de #linux-imx #linuxgurukulam #lkv373a #maemo-leste #mew #microformats #monero-pools #mozilla-uk #nentra #node.js #nogalliance #nomad-browser #obarun #octoprint #oggcamp2020 #oi-dev #omnios #opencog #openindiana #openlp #openmrs #opennebula #openocd #openscad #optimization_engine #osdev #ostc #otto #ozgurkon #ozgurkon-tartisma #palemoon #pipewire #popeyes #pulseaudio #py4web #quantumznc #quick-lint-js #realm.one #reflex-frp #riscv #ritmo-latinos #rocket #rocstreaming #ros #rust-embedded #salt #salt-image-builder #saltstack-formulas #scs.community #seamonkey #selenium #serenityos #sinsajo #sivntestrun #smartos #smoke #srain #stripe #surgesynth #svt #tamilirc #tangerine-testnet #tba-dev #tc39 #titandev #tr-linux #trainsplorer #twisted-dev #ubuntu-indonesia #ubuntu_unity #whatwg #xentaoslinux #zapps-wizards #zeronet #zettelkasten #zool-corp

When

All Time

Recently

Specific Range

Between

and

Who

Exclude Bots

Using

Natural Language

Exact Match (Slower)

• #grapheneos
• 02:05
  grapheneosbridge
  <basedmeow:matrix.org> > <@strcat:grapheneos.org> and even US gov coercing Google to sign malicious Titan M firmware that bypasses the limit does NOT bypass this for the owner account because owner account must authenticate successfully to upgrade the firmware
• 02:05
  grapheneosbridge
  <basedmeow:matrix.org> Is the current Titan M firmware open source?

• #grapheneos
• 21:36
  grapheneosbridge
  <entry1:matrix.org> Interesting. So one couldn't theoretically clone the device to try bruteforcing on several devices (before all the time delays) because the Weaver token/key because it is located in the secure element/Titan M.
• 21:36
  grapheneosbridge
  <entry1:matrix.org> Interesting. So one couldn't theoretically clone the device to try bruteforcing on several devices (before all the time delays) since the Weaver token/key is located in the secure element/Titan M.
• 21:47
  grapheneosbridge
  <strcat:grapheneos.org> physical access + compromise OS completely -> you're still only making 1 attempt / day after it quickly throttles up to that, unless you can compromise the Titan M
• 21:48
  grapheneosbridge
  <strcat:grapheneos.org> and even US gov coercing Google to sign malicious Titan M firmware that bypasses the limit does NOT bypass this for the owner account because owner account must authenticate successfully to upgrade the firmware

• #grapheneos
• 05:14
  grapheneosbridge
  <len:monero.social> can the Titan M chip be trusted despite it being a black box security chip?
• 05:15
  grapheneosbridge
  <len:monero.social> Google promised to release the source code for the Titan M firmware years ago, but so far hasn't delivered on that promise to this day
• 05:15
  grapheneosbridge
  <len:monero.social> > Finally, in the interest of transparency, the Titan M firmware source code will be publicly available soon. While Google holds the root keys necessary to sign Titan M firmware, it will be possible to reproduce binary builds based on the public source for the purpose of binary transparency.
• 05:15
  grapheneosbridge
  <len:monero.social> > Finally, in the interest of transparency, the Titan M firmware source code will be publicly available soon. While Google holds the root keys necessary to sign Titan M firmware, it will be possible to reproduce binary builds based on the public source for the purpose of binary transparency.
• 05:16
  grapheneosbridge
  <len:monero.social> > Finally, in the interest of transparency, the Titan M firmware source code will be publicly available soon. While Google holds the root keys necessary to sign Titan M firmware, it will be possible to reproduce binary builds based on the public source for the purpose of binary transparency.
• 05:33
  grapheneosbridge
  <leeya:kde.org> > <@len:monero.social> Google promised to release the source code for the Titan M firmware years ago, but so far hasn't delivered on that promise to this day
• 06:04
  grapheneosbridge
  <anupritaisno1:m.apex.to> kelmscott: the security properties of the titan m can be verified regardless

• #grapheneos
• 10:45
  grapheneosbridge
  <mynacol:mynacol.xyz> Equally, the Titan M chip in Pixels is like a separate system guarding storage and other encryption keys, enforcing timeouts (bruteforce prevention) etc. Look around the grapheneos.org site for more hints at this stuff.
• 10:59
  grapheneosbridge
  <Braillynn:telegram> Equally, the Titan M chip in Pixels is like a separate system guarding storage and other encryption keys, enforcing timeouts (bruteforce prevention) etc. Look around the grapheneos.org site for more hints at this stuff.)

• #grapheneos
• 06:39
  grapheneosbridge
  <zhaoziyang:matrix.org> sorry to ask a million questions, but do the more modern pixel phones post pixel 2 have more secure features at the hardware level? Or is the Titan M the main advance?

• #grapheneos
• 19:57
  grapheneosbridge
  <cx7dd:matrix.org> Is there a way that there will be a exploit for the titan-M chip one day?

• #grapheneos
• 22:39
  FieryBinary
  M7777777y[m]: Titan M is proprietary, but that's negligible

• #grapheneos
• 21:21
  Railgun_Lover[m]
  <blaqkbsd[m] ""booting another operating syste"> The Titan M, responsible for verified boot, always says that if the OS you're booting is not the stock OS
• 21:22
  Railgun_Lover[m]
  If there is any difference between the hardware key burned into the Titan M, and the key flashed to it, it will say that

• #grapheneos
• 00:09
  gqz5
  yes, i know that this state is the worst possible. I know about this state. The phone have the 'Titan M' chip inside
• 00:09
  strcat[m]
  Titan M is not particularly relevant other than it protecting data encrypted with the StrongBox keystore very well, since the (only) profile is logged in
• 00:10
  strcat[m]
  Titan M doesn't protect the application processor or OS, it protects the keystore and helps with encryption (how it does the latter is covered in the docs well)
• 00:10
  strcat[m]
  * Titan M doesn't protect the application processor or OS, it implements the modern keystore and helps with encryption (how it does the latter is covered in the docs well)
• 00:11
  strcat[m]
  Titan M is part of verified boot enforcement but bypassing verified boot is pretty far from being the lowest hanging fruit

• #grapheneos
• 18:46
  GrapheneOS-Teleg
  <!Fiery> It does that whenever the key flashed to the titan m is different from the burned key
• 18:50
  Jens85
  Hi everybody, thank you for the fast response...  :-)   So that means, that the titan m can not protect the new operation system graphene like it did with the google system?
• 18:51
  Pratyush[m]
  Jens85: " So that means, that the titan m can not protect the new operation system graphene like it did with the google system?"
• 19:00
  TheJollyRoger
  Although I've delidded credit card processors before, the Titan M actually has tamper resistant circuitry that will brick the chip should I attempt to remove the casing. Mind you, the Titan is tiny, it's about the width of a few pennies.

• #grapheneos
• 22:32
  GrapheneOS-Teleg
  <s​ilentsolutions> does factory reset via settings menu also completely wipe the titan m?

• #grapheneos
• 11:58
  duck[m]
  rate limiting is enforced by titan m yes
• 18:21
  grapheneosisamaz
  I'm guessing the first step would be the Titan M?
• 18:30
  strcat[m]
  for an alternate OS, it loads the key from a secure element (Titan M on Pixels)
• 18:31
  strcat[m]
  the Titan M is only involved for the OS stuff: lock state, user chosen OS signing key, etc.

• #grapheneos
• 23:12
  TheJollyRoger
  Back then, those enclaves had no means to tell time internally. This has changed with the addition of the Titan M which contains its own internal counter and clock integrated within the secure chip.
• 23:15
  sklv1
  It should certainly be opt-in, and it's not obvious to me whether titan M supports such a thing
• 23:38
  strcat[m]
  rny: if you freeze the Titan M your data is gone
• 23:41
  strcat[m]
  sklv1: the model for the Titan M with Weaver is significantly stronger than what the iPhone does
• 23:41
  strcat[m]
  sklv1: the Titan M has a 1 million USD bounty so if you really think it can be broken for < $25k I suggest getting that easy money
• 23:44
  strcat[m]
  you cannot exploit the Titan M to get back deleted data
• 23:45
  strcat[m]
  i.e. it is possible that the secure storage in the Titan M fails... which bricks your phone
• 23:46
  anupritaisno1[m]
  Best way is to just tell the titan M to forget the keys
• 23:51
  sklv1
  strcat[m]: "the model for the Titan M with Weaver is significantly stronger than what the iPhone does" - what are the differences? I am researching now
• 23:56
  strcat[m]
  you cannot actually update the Titan M with that valid signed evil firmware
• 23:57
  strcat[m]
  sklv1: Pixels got this feature with Pixel 2 (before Titan M)

• #grapheneos
• 11:07
  covid-1984[m]
  anupritaisno1: what's their alternative to the Titan M in order to stop brute force attacks?
• 20:28
  strcat[m]
  since we wouldn't have Titan M
• 20:36
  snowlynx[m]
  Will updates for titan m work with grapheneos ? Because of signing keys?
• 20:36
  strcat[m]
  Titan M updates can only be applied by the OS once owner authenticates
• 20:37
  strcat[m]
  since Titan M requires that in addition to the firmware being correctly signed

• #grapheneos
• 04:53
  TheJollyRoger
  The Titan M security chip will not allow its firmware to be upgraded, even if the firmware update is validly signed, and the OS image is validly signed, if it doesn't have the password.
• 20:12
  mynacol[m]
  <bikeman1234[m] "What actually happens when i do "> A factory reset will wipe the cryptographic keys in the Titan M chip. Without them, nobody can access the data, even if you have the correct password/pin. Overwriting the data is therefore not needed and reduces stress on the flash storage.
• 22:11
  Cliff[m]
  <TheJollyRoger "bikeman1234: if you do a factory"> Is this the same for the titan m chip in the pixel 4a?
• 22:13
  TheJollyRoger
  Cliff[m]: all Pixels including the 3, and all a-series pixels, such as the 3a, include the Titan security chip.
• 23:15
  TheJollyRoger
  bikeman1234[m]: Even if someone did compromise the owner profile, it still wouldn't be possible to brute force the secondary profiles; a four-digit pin number on the Pixel 3 and later would take roughly 650 years to completely exhaust the key space of 0000 to 9999 because of the Titan M. Although the owner profile is capable of creating and deleting other profiles and granting and denying
• 23:18
  TheJollyRoger
  Cliff[m]: GrapheneOS allows you to use up to 64 character passphrases at your discretion. This is if you'd like to, if you believe that you want to rely on more than the strength of the Titan. Google took a very pragmatic approach because they realized that most users expect security out of a 4-digit pincode, and took steps to help with that.

• #grapheneos
• 01:09
  strcat[m]
  the Titan M provides a Weaver implementation which offers hardware enforced throttling growing with failed attempts up to 1 day per attempt delays
• 01:10
  strcat[m]
  one of the uses of the key is sending a derived key to Titan M as part of Weaver, and Titan M gives back a token that was randomly generated earlier
• 01:10
  strcat[m]
  if you don't provide correct credential-derived key to Titan M, it won't give back the token

• #grapheneos
• 13:39
  hypokeimenon[m]
  If we assume Qualcomm is largely responsible for laying the foundations for that support, and see that Google have worked with Nvidia and Intel on hardware with no interest in alternative OS support, then we might assume that Graphene OS would be more interested in Qualcomm reference devices as a development platform (when their SPUs are up to speed in required features vs. Titan M)
• 13:40
  hypokeimenon[m]
  If we assume Qualcomm is largely responsible for laying the foundations for that support, and see that Google have worked with Nvidia and Intel on hardware with no interest in alternative OS support, then we might assume that Graphene OS would be more interested in Qualcomm reference devices as a development platform (when their SPUs are up to speed in required features vs. Titan M)

• #grapheneos
• 13:20
  akc3n
  iamagrilledguru[: root of trust is also mentioned in the FAQ. The Titan M chip firmware code would be/was 'propriatery software' you were asking about earlier. I'm not qualified to answer your question, however after a quick search online, I was able to find, perhaps what you maybe were looking for in your research on 'writing an article on degoogled roms' and 'many people say that there is no
• 13:20
  akc3n
  propriatery software'. Hope this helps your article: reddit.com/r/GrapheneOS/comments/fb…ce=share&utm_medium=web2x&context=3
• 15:29
  piggu[m]
  <akc3n "iamagrilledguru: root of trust i"> i think titan m is open source and fully documented, can't find repo right now but remember that google anounced in 2018 that titan m source code would be published
• 15:31
  DHFuchsiaOSwhen
  <piggu[m] "i think titan m is open source a"> Titam M is still not open source, OpenTitan is
• 15:37
  piggu[m]
  Xiaowen Xin in 2018 said titan m would become open source, guess it never materialized
• 15:40
  piggu[m]
  "Finally, in the interest of transparency, the Titan M firmware source code will be publicly available soon. While Google holds the root keys necessary to sign Titan M firmware, it will be possible to reproduce binary builds based on the public source for the purpose of binary transparency. "

• #grapheneos
• 17:44
  anupritaisno1[m]
  Titan m has security to prevent brute forcing the pattern anyway

• #grapheneos
• 19:45
  TheJollyRoger
  Modern Pixels (3 and later) have verified boot which is assisted by the presence of the Pixel's secret weapon: its Titan M security chip, which acts as a secure element and hardware security module. The chip is small, isolated, and is designed specifically for these functions in a mobile phone.

• #grapheneos
• 21:11
  grapheneos_user_
  Keith89: It does that whenever the key flashed to the Titan M is different from the hardware key

• #grapheneos
• 06:43
  zooobla[m]
  That's now during this chat after sending all that. I can see it in WiFi but I'm wondering if anyone else has usage show up for their apps or its persistent malware trying to hide usage that survives factory image flashing and the security features of the titan chip
• 06:52
  zooobla[m]
  It went past Samsung Knox and the titan m even on devices that just do stock like my parents

• #grapheneos
• 11:31
  strcat
  including moving from the limited NXP security chip on the Pixel 2 to the more secure and more useful Titan M on the Pixel 3

• #grapheneos
• 08:26
  TheJollyRoger
  "Security Level" will tell you how secure the attestation is: on Pixels, they use the Strongbox keymaster API, and all the cryptographic operations take place within a physically isolated, secure coprocessor, the Titan M Hardware Security Module.

• #grapheneos
• 23:17
  skwisgaar[m]
  asdf5465: face unlock is actually more secure than fingerprint, so you don’t need to be concerned about using it. Whether you use a long passphrase or not depends on whether you want to rely on the Titan M chip to protect against someone trying to guess your password.

• #grapheneos
• 14:44
  bauershades[m]
  If i understand correctly it is not a bad idea to factory reset GOS from time to time so the token in the Titan m chip is deleted. So it makes it even harder to do digital forensics
• 14:46
  GrapheneOS-Teleg
  <N​orwegianFrost> Titan m chip data are only saved locally so a factory reset doesn't change your online digital footprint in any way
• 14:46
  DHFuchsiaOSwhen
  <GrapheneOS-Teleg "<NorwegianFrost> Titan m chip da"> This is true too

• #grapheneos
• 22:36
  strcat[m]
  Pixels no longer have the visual / neural core since the SoC gained superior functionality so the main difference from just properly setup secure Qualcomm SoC phone + nicely built hardware/components is the secure element (Titan M)

• #grapheneos
• 18:57
  Guest989
  How has the project addressed the closed source nature of the titan M chip microcode in the pixels? Is there any way to verify the integrity or ensure nothing malicious (ie google) is occurring that we don't want on that front? I'll fully admit I don't understand that deep into things, it was juts something I've seen thrown around and unsure if FUD
• 19:00
  strcat[m]
  Guest989: the Titan M is not in control of the device

• #grapheneos
• 07:11
  strcat
  due to Titan M, Pixel 3 / 3a did get secure element improvements, although newer generations probably have better physical anti-tampering

• #grapheneos
• 22:15
  MrJack
  lock screen and encryption, and some consider it to be a backdoor.  According to what i've read from you elsewhere, pixels have switched to using titan m, so this is aspect is no longer an issue then if I understand correctly?  Any good sources to reference for these things?

• #grapheneos
• 00:01
  duck[m]
  how does the security of arm trustzone compare to titan m
• 00:02
  TheJollyRoger
  duck[m]: the Titan M is a different chip entirely, it's physically separated and it's specifically designed to isolate against things like timing attacks or side-channels.
• 00:03
  TheJollyRoger
  The Titan M was designed for mobile phones specifically.

• #grapheneos
• 12:32
  somenerd[m]
  since Titan M already provides protection

• #grapheneos
• 01:45
  TheJollyRoger
  So even if your pin code is short (provided it's not easily guessable), the secret contained in the Titan M security chip should be able to bolster the length of a short pin.
• 01:46
  TheJollyRoger
  The Titan M contains its own timer that doesn't respond to the host clock, so it can enforce this timeout.

• #grapheneos
• 22:00
  TheJollyRoger
  Last I had heard, Google put up a $1 million bet: if you can get a full chain remote code execution exploit with persistence on the Titan M and produce a working proof of concept, the money's yours.

• #grapheneos
• 17:01
  came2complain[m]
  that's the plan. I intend to copy the hw ingredients of the pixel 3a 1 to 1 - but I am sure I can't use the Titan M so I wonder if it can be replaced with a tpm from STM
• 17:09
  came2complain[m]
  I assume the Titan-M can't be purchased from google to be used in non-google products?
• 17:57
  strcat[m]
  if you take the Titan M from one Pixel and swap it with another you bricked it if the batch keys are different

• #grapheneos
• 19:14
  jonmonty[m]
  <strcat[m] "even if it was supported, it doe"> Is that partially because it's lacks the Titan M chip?

• #grapheneos
• 22:11
  anupritaisno1[m]
  The only way to wipe it would be to probably send a wipe request to the titan m while the system is running

• #grapheneos
• 07:48
  jalb
  Hello, can anyone confirm if this breaks the Titan M security?: ninjalab.io/a-side-journey-to-titan
• 07:49
  take_a_deep_brea
  <jalb "Hello, can anyone confirm if thi"> titan secure keys are not closely related to titan m chip
• 07:55
  heri[m]
  <take_a_deep_brea "jalb: i am no expert. but the t"> Titan M is explicitly hardened against such side-channel attacks as the one linked
• 07:59
  Ramp23
  So the article on titan m is lies ?
• 08:00
  somenerd[m]
  > So the article on titan m is lies ?
• 08:00
  somenerd[m]
  > titan secure keys are not closely related to titan m chip
• 08:00
  somenerd[m]
  take_a_deep_breath said that the article wasn't about Titan M
• 08:03
  take_a_deep_brea
  its not a lie. and has got nothing to do with the Titan M housed in a pixel
• 08:08
  strcat[m]
  nothing to do with the Titan M

• #grapheneos
• 00:30
  FuchsiaOS_when
  > highly doubt the malicious firmware would get very far with the Titan M chip and verified boot
• 00:30
  FuchsiaOS_when
  Titan M doesn't detect fake hardware components
• 01:32
  jonmonty[m]
  tytydestroi my bad I completely missed the fact that you asked specifically about hardware security. They both have the titan M chip so
• 05:25
  CanadaisCold1
  I think the Google Titan M security chips are unique to google,
• 05:25
  CanadaisCold1
  But perhaps an open source variant of Titan M, secure boot etc can be coded using signature matching/validation and verification.
• 05:28
  strcat
  CanadaisCold1: the Titan M is far from the only secure element, we have no specific dependency on the Titan M
• 05:32
  anonhat[m]
  I'm getting together some capital to hopefully develop a decent phone with an Open Titan based security chip. It's still an early project, but I'll likely come back here with updates once something materializes.
• 05:33
  strcat
  a secure element that's comparable to the Titan M and provides Weaver, StrongBox and the other features

• #grapheneos
• 15:20
  strcat[m]
  factory reset wipes Titan M data and the data partition, not that atm
• 15:21
  jandroid[m]
  <strcat[m] "factory reset wipes Titan M data"> thank you!

• #grapheneos
• 11:59
  jftn[m]
  * Ironically, the Google Pixels. They have superiour hardware security (full verified boot, strong hardware-backed encryption, Titan M and much more). Also, regular and fast firmware patches.
• 11:59
  jftn[m]
  * Ironically, the Google Pixels. They have superiour hardware security (full verified boot, strong hardware-backed encryption, Titan M and much more). Also, regular and fast firmware patches.

• #grapheneos
• 08:11
  tryingraphene
  so does the titan m chip operate the same as regards lockscreen password guesses, etc with other profiles as it does with rebooting phone?
• 08:16
  tryingraphene
  oh yes i see that is what i was wondering is if fingerprint data was housed in titan m as well
• 08:19
  tryingraphene
  i see- so that was a big question i had too with the hardware titan m chip- do i need to have a super long complicated password randlomly generated like i used to with older phones or with titan m is a random 20 char fine?
• 08:20
  strcat[m]
  tryingraphene: the Titan M Weaver implementation quickly throttles to 1 attempt per day at decryption
• 08:20
  tryingraphene
  i read the titan m will ramp up timeouts for guesses but in my recent tests of guessing patterns wrong 30 times in a row with a newly created profile it was still at 30 seconds per guess
• 08:25
  strcat[m]
  that's for the Pixel 2 security chip at least, probably similar for Titan M
• 08:27
  tryingraphene
  because the way i understand it you can't even really bypass the titan m even taking the phone apart
• 08:29
  tryingraphene
  that is what i really like too is that it can't be easily offloaded to say a gpu array and bruteforced because it has to go through the titan m
• 08:29
  strcat[m]
  tryingraphene: even without the Titan M, there's hardware-bound key derivation
• 08:30
  strcat[m]
  Weaver (Titan M on Pixels) for the exponential throttling via secure element is an extra thing on top of that
• 08:46
  tryingraphene
  yeah i figure a 20 character randomly generated password that i memorize is totally cool since the titan m chip is present. for my threat model at least

• #grapheneos
• 01:00
  strcat[m]
  valldrac: StrongBox is a proper secure element (Titan M on Pixels, Qualcomm SPU on most other devices that have support for it) and has internal secure storage

• #grapheneos
• 14:22
  ayaen_t[m]
  secondly that would require some sort of partnering with qualcomm (entirely my guess good chances i am wrong here ) but they still dont support the proper development of a strongbox like the titan M implemented by google

• #grapheneos
• 13:33
  graphiteos[m]
  yeah I already know the things on the homepage. I was looking for documentation from google about the titan M chip what functions it has, supported crypto algorithms how it implements Android KeyStore or Android TEE
• 13:38
  graphiteos[m]
  also is ther epublic reasoning from google why they include the titan M instead of using the Quallcom TEE includes in the Snapdragon 730G for example ( I know that ARM TrustZone is a different design from a dedicated copressesor Im interested in first party sources)
• 13:53
  somenerd[m]
  to the Titan M
• 16:16
  strcat[m]
  graphiteos: TEE is not a secure element, and it's not comparable to one, you should do more research first - the comparison is between the Qualcomm SPU and the Titan M, the Titan M has lower attack surface and additional features like a secure timer for Weaver
• 16:29
  strcat
  graphiteos[m]: Pixels aren't the only phone with a secure element, and again the comparison for that is between SPU and Titan M
• 16:29
  strcat
  Titan M has secure timer and lower attack surface

• #grapheneos
• 00:41
  yzrhjocizuwkjlqo
  What is the difference between an secondary security chip like T2, Secure Enclave, Titan M etc, than the one that is in Snapdragon processors which is also separated from the main processor?
• 01:13
  yzrhjocizuwkjlqo
  Makes sense. Is snapdragons secure enclave as good as Titan M?
• 01:22
  strcat
  no the SPU is not competitive with the Titan M

• #grapheneos
• 17:50
  Adam1776A
  I think Pixel 4a has the Titan M security chip
• 17:51
  steppingonyou[m]
  more precisely do any new pixels use titan m equivalent?
• 17:55
  steppingonyou[m]
  i was curious about the titan m chip specifically i wasnt aware all pixels > 3 were using it

• #grapheneos
• 18:25
  arpysco[m]
  <naribia "which security capabilities spec"> Look up the titan m chip
• 18:26
  naribia
  is the titan m chip the thing that holds the keys for checking os image signatures?

• #grapheneos
• 20:10
  strcat[m]
  on a Pixel 3 and later, the Titan M secure element implements Weaver
• 20:19
  strcat[m]
  which could not be said about it before the Pixel 2 (which introduced an NXP security chip for this, later replaced by the Titan M in the Pixel 3 which provides much more than this feature)

• #grapheneos
• 21:10
  TheJollyRoger
  yzrhjocizuwkjlqo: you're close. If I recall right there are other secret parts of information that the Titan uses (I'm not sure of all of them) for key derivation but you're correct that the Titan is capable of bolstering the strength of a short pin. With respect to phones without a security chip, it tends to vary depending on the phone's CPU and the OEM's attentiveness to security.
• 21:14
  yzrhjocizuwkjlqo
  <TheJollyRoger "yzrhjocizuwkjlqocf: you're close"> Titan M is close to Apples Secure Enclave, right? How can Cellebrite then brute force an iPhones standard 6 pin in a couple of hours/days if the secure chip should stop that? I'm talking about Apples security chip here, as that's the only info we got about adversaries with lots of money trying to get into phones.
• 21:15
  TheJollyRoger
  The Titan M is very different than Apple's Secure Enclave Processor; if I recall right what they were doing to brute force the SEP was they were spoofing the time. The Titan M contains its own timer, for this reason.

• #grapheneos
• 10:10
  anupritaisno1[m]
  mistazaki: try Titan M attestation
• 10:12
  mistazaki[m]
  <anupritaisno1[m] "mistazaki: try Titan M attestati"> How?
• 10:45
  Dylanger[m]
  Because it's an EVT, you might even have a dev version of Titan M potentially

• #grapheneos
• 20:32
  TheJollyRoger
  ultracard[m]: oh yeah. You asked about the Titan security chip a bit back, did you? I've got a bit of a moment now to discuss it.

• #grapheneos
• 17:01
  strcat[m]
  or just use a random PIN (8 digit or so) without biometric unlock if you want to rely on the Titan M for security instead of your passphrase

• #grapheneos
• 14:37
  lolly
  But could government and police parties have backdoors into the titan M chip?
• 15:34
  anupritaisno1[m]
  lolly when you press wipe the decryption key is wiped from the titan M
• 17:02
  strcat[m]
  anupritaisno1: the decryption key isn't on the Titan M, it's not stored anywhere
• 17:03
  strcat[m]
  without one, you depend on the hardware-based security features, such as if you have a 6 digit PIN, you're depending on the Titan M throttling
• 20:46
  strcat[m]
  if someone uses a 6 digit PIN, then they depend on the security of the Titan M

• #grapheneos
• 17:12
  anupritaisno1[m]
  Titan M
• 17:13
  Remu[m]
  Just curious, so I assume any Pixel with Titan M will support it when they will get Auditor support?

• #grapheneos
• 19:41
  strcat[m]
  there is a far superior security chip built into the phone (Titan M) along with a secure element on the SoC (SPU)

• #grapheneos
• 17:09
  incognitopeople
  features. We're also working together with Incognito and theirs developers and we want to find a way to integrate a Cold wallet for incognito chain with titan-M chip. As we know, company like Omerta used and sell smartphone with you OS. We would like to do similar but before that, we would like to make a partnership and work together with you to

• #grapheneos
• 21:41
  alex-resist_
  It said "Wiping Titan M" and then "Can't send spi message: Try again" about 25 times. In the end it still said "Data wipe complete"

• #grapheneos
• 09:33
  Dylanger[m]
  Does the 4a have the Titan M?
• 11:42
  strcat[m]
  Dylanger: it's not a general purpose SoC, it's a secure element like the Titan M
• 11:59
  Dylanger[m]
  <strcat[m] "> works differently"> I know that these 2 things are totally seperate, the shell I was dropped into was some sort of UART terminal, the cable itself added resistance to D- line, muxing me to the Titan M, I only mentioned adb was disabled because I was able to take his _totally untouced Pixel 3, and interact with the (debatable) most IC of the device_
• 12:00
  Dylanger[m]
  * I know that these 2 things are totally seperate, the shell I was dropped into was some sort of UART terminal, the cable itself added resistance to D- line, muxing me to the Titan M, I only mentioned adb was disabled because I was able to take his _totally untouced Pixel 3, and interact with the (debatable) most important/private IC in the device_
• 12:01
  strcat[m]
  you can't "interact" with the Titan M using it
• 12:02
  strcat[m]
  and you also seem confused about what the Titan M provides
• 21:44
  Dylanger[m]
  Has anyone done any side channel fun with Titan M?

• #grapheneos
• 13:41
  Resynth[m]
  Graphene works fine with Titan M
• 13:41
  Resynth[m]
  I still think Titan M is shit, but it exists on GrapheneOS
• 13:42
  Resynth[m]
  androidauthority.com/titan-m-security-chip-915888
• 15:00
  strcat[m]
  the Titan M has dedicated hardware entropy generation + CSPRNG, so that's what's used internally for the StrongBox keystore
• 15:00
  strcat[m]
  Titan M random number generation is just for StrongBox

• #grapheneos
• 21:29
  blacklight447[m]
  <anupritaisno1[m] "It is very hard to brute force e"> As long as they do not beat the titan M right?
• 22:43
  anupritaisno1[m]
  BTW did your titan m throw some weird errors?

• #grapheneos
• 04:13
  strcat[m]
  the Titan M is the main place that a custom AVB key is stored along with vbmeta rollback indices
• 17:14
  jpds
  esmspwdcesmrcbtt: Yes, through the use of Titan M

• #grapheneos
• 11:19
  renlord
  when you say titan m is broken, what sort of symptoms are we looking at?
• 18:54
  engulf[m]
  Titan M is open source but its near to impossible to verify that its running the code
• 18:56
  JTL
  > 11:54 <engulf[m]> Titan M is open source but its near to impossible to verify that its running the code
• 19:10
  strcat[m]
  BalooRJ: so for example the Titan M just provides specific features, it doesn't have any control beyond implementing the APIs it is supposed to implement

• #grapheneos
• 18:58
  strcat[m]
  with Titan M
• 19:06
  strcat[m]
  this seems like an Android 11 Titan M bug
• 19:09
  strcat[m]
  seems Titan M is not getting time synced to it properly
• 19:09
  strcat[m]
  seems like a Titan M bug

• #grapheneos
• 17:55
  res4[m]
  <louipc "need tshirts and stickers and al"> Or package actual jazz with every install of GrapheneOS. Randomly generated with encryption keys stored in the Titan M chip, so no one but you will get to listen to your sweet, sweet personal privacy-jazz.

• #grapheneos
• 17:07
  anupritaisno1[m]
  Google might tie it with the titan M
• 17:08
  strcat[m]
  Titan M doesn't have an API for that stuff just the regular keystore API
• 18:11
  anupritaisno1[m]
  [strcat](matrix.to/#/@strcat:matrix.org): then should this password be backed on titan m or no?

• #grapheneos
• 14:38
  strcat[m]
  on a Pixel the Titan M provides the API for this

• #grapheneos
• 10:32
  cn3m[m]
  it takes 650 years to break a Titan M with a 4 digit random PIN
• 10:35
  cn3m[m]
  and of course that primary unlock method is super strong since the Titan M
• 10:35
  strcat[m]
  it's super strong if you use a strong passphrase regardless since it uses scrypt combined with hardware-accelerated, hardware-bound encryption with the Titan M protection added on top of that
• 10:36
  strcat[m]
  the Titan M protection added on top is what makes it so that even a 6 digit PIN will take a ridiculous amount of time to brute force unless they can exploit the tiny attack surface of the Titan M
• 10:40
  strcat[m]
  and if the Titan M is not exploited successfully, then even a crappy PIN unlock lasts that long
• 10:41
  strcat[m]
  and Titan M firmware cannot be updated until authentication of the owner account is done successfully so you'd actually need to exploit it, can't do something like bribing insiders millions to steal the keys to sign firmware

• #grapheneos
• 21:29
  cn3m[m]
  <bypassbob[m] "Is that the facial recognition? "> it is a fuzzed mathmatical representation stored in the Titan M

• #grapheneos
• 19:21
  jpds
  lev[m]: The biometric data is stored in the Titan M security chip