If employees organized around it, Google would manufacture a secure Pixel phone, because keeping employees happy still matters to Google
34 replies and sub-replies as of Sep 11 2017

this was already involved, so the Russian connection there is still possible.
Do most Google employees have any sense of the world beyond the bubble they live in? Using their apps/hardware abroad, the answer always feels like no.
Which isn’t to say they are bad people. But vacations matter.
I genuinely support your cause but I wonder; do you think enough employees care ethically to make a change? Goog is a super good job
Google doesn't manufacture anything. They could design something to be made by HTC or whatever. But their stuff is all high end.
They would have to get someone to make a cpu and chipset with a secure enclave equivalent. They don't make that either.
I think Google could make the supply chain problems go away (like Apple did) if they cared to actually do it
They need to hire one engineer to work on leveraging the capabilities provided by their current hardware. It's not some monumental task.
They finally assigned resources to leverage the hardware for inline hardware decryption on Pixels but didn't leverage the sec properties.
Typical Google short-sightedness.
Expect explains it. They fixed OS <-> firmware API for key derivation and shipped garbage tier impl of the fw side.
They just don't seem to understand that they need Pixel security engineers leveraging hardware features properly, not only Android ones...
It's their product / hardware... and yet they treat anything below the firmware API as someone else's problem and don't assign resources.
Maybe that’s why they’re trying to acquire HTC’s smartphone division.
source.android.com/security/encry… is fine and permits proper hardware-bound key derivation where delay is based on time to do hw-bound KDF operation.
So how about shipping an impl of that using QCE instead of just generating a key stored in TrustZone... ? Can't understand Google sometimes.
They don’t staff the Android team with adequate expertise & headcount. Google doesn’t take as much pride in their work as Apple does, sadly.
There are reasons why I’m glad I don’t work on the Android AOSP team any more. I used to feel ashamed that they failed so badly at security.
They're doing a much better job with AOSP these days but this code is below the OS layer and none of them seems to actually work on it.
As another example of this, they haven't released the September security update yet. All thrown off because last Monday was a US holiday.
Other vendors shipped it already. Apparently the bus factor is so low that a few people on vacation -> can't do a release they already built...
Anyway, so frustrated with them lately. Maybe they should stop making people relocate if they have such a hard time hiring engineers...
My guess is either FBI, another FIS, or the GRU, or Google, those are all different.
Could have proper hardware-bound key derivation instead of the TZ approach, and they could have the less important frill of a key inaccessible to the OS.
Qualcomm CE exists and ships on their Pixel phones. Google chooses to only use it for hardware acceleration rather than improving security.
Can't blame Qualcomm for this when they've included hardware-bound crypto operations in their SoC and Google chooses to only use TrustZone.
Providing security updates for 5 years like their Chromebooks instead of 3 years is something they need to work with Qualcomm to fix though.
They don't need their own SoC to pay Qualcomm for 2 extra years of support and to adopt Qualcomm Crypto Engine hardware-bound operations.
Have talked to their engineers working on encryption and they understand the problem space, but their job is improving it on Android, not Pixels.
Problem seems to be that while they have great security engineers they don't have people focused on it for their own phones specifically.
If their employees cared enough about privacy to demand this, they wouldn't be working at Google in the first place 🙄