Comment by rickdeckard
3 months ago
If this is a reasonable direction, it could still be achieved on the same device. There would be sufficient security architecture available to completely isolate those two areas.
But I feel the issue is less about malware gathering your banking, ID etc, but malware holding your data hostage, using your (social) network for nefarious purposes or tricking you into something you don't want to do.
And for all those cases, having that "other" device doesn't help.
> If this is a reasonable direction, it could still be achieved on the same device. There would be sufficient security architecture available to completely isolate those two areas.
The problem here is: Who controls the means of input and output - the screen and keyboard? The trusted identity thingy sometimes needs to show the user some details, have them key in a pin number, things like that. So they know whether they're approving a $2 in-app purchase, or a 10-bitcoin transfer.
If the free and open part of the system controls the screen and keyboard, the details could be shown wrong and the pin number could be keylogged and replayed later.
If the secure-and-locked-down part of the system controls the screen and keyboard, the free and open part of the system is basically reduced to an app or website.
And if the secure-and-locked-down part of the system has its own separate screen and keyboard - it's hardly the same device.
Dual boot + secure boot solves it. People just don't want to use it.
You want to reboot your device any time you need to, say, approve a credit card payment?
No thanks.
1 reply →