And this is why a monopoly of one giant monolith is bad, in any area or case! They get to do whatever the f they want! It's not like everything is made today to track, and give access to "authorities" when they want it. But what really drives me mad is that I feel tricked! You put trust into someone and their work, and give them money for that, but they do this, without you even knowing.
I was always making fun of sworn GNU guys, always thought they were blowing things out of context. But maybe they were on the right track! Anyhow, I want a more competitive CPU space, we need AMD to get back into the game, IBM's Power9, ARM, anything. But as things are standing right now, we won't see that anytime soon.
That's why I like the initiative to revive the SuperH architecture now that the patents have run out - completely as open source. [1][2] Sure, they are not fast enough to replace Intel or AMD CPUs, but they could replace the smaller chips in our computers, which would be a good start.
Trustzone is different; although it can be used to wall things off from the user (and their viruses), it's more of a secure hypervisor, or a way of constructing a TPM-equivalent that shares chip resources.
If you have control over the boot process on an ARM chip, you don't have to enable Trustzone.
Trustzone in itself is not closed though, and AFAIK is not a separate engine. Trustzone is more like an IOMMU on steroids, and runs on the main processor (it relies on hardware support to fence off system resources).
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875.
Then it's not strictly TrustZone that has been cracked, but some software running within it, already patched. TrustZone itself is a hardware mechanism, basically a new level above the usual user/kernel modes.
But sure, this hack reportedly gave the possibility to run arbitrary code as "trusted" and mess up any other software running on the CPU, trusted or not.
I don't know what those keys were and whether they were indeed "Qualcomm private" or per-device or something else. Google quite uselessly returns only news about this hack.
Yeah, I thought so, but I hoped competition would make things different, where one of the leaders would go fully transparent, without these "spy" sectors, and it would give it an edge over the others.
And it's not about securing, it's about control! Who owns the thing I bought, that I use? It's not only that they can watch, but now they can control the whole computer. That's what bugs me the most. :(
See the USB Armory, which gives you the keys to control the TrustZone system (or rather, you give your public key to it so that it will only run code YOU signed).
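As an added illustration of the owner-signed boot model described in the comment above (example code written for this page, not the USB Armory's own firmware; the image format, key provisioning step and function names are hypothetical): the device holds only the owner's public key, so an image boots only if the owner's private key signed it and it has not changed since.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedImage is a constructed, hypothetical boot-image container: payload plus
// an Ed25519 signature over the payload's SHA-256 digest.
type SignedImage struct {
	Payload   []byte
	Signature []byte
}

// NewOwnerKey generates the owner's key pair; only the public half goes into the device.
func NewOwnerKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// OwnerSign signs a boot image with the owner's private key (done offline, by the owner).
func OwnerSign(priv ed25519.PrivateKey, payload []byte) SignedImage {
	digest := sha256.Sum256(payload)
	return SignedImage{Payload: payload, Signature: ed25519.Sign(priv, digest[:])}
}

// BootVerify models the boot ROM check: the provisioned owner key is the sole
// root of trust, so an image runs only if that key signed it unmodified.
func BootVerify(ownerPub ed25519.PublicKey, img SignedImage) error {
	if len(img.Signature) != ed25519.SignatureSize {
		return errors.New("boot refused: malformed signature")
	}
	digest := sha256.Sum256(img.Payload)
	if !ed25519.Verify(ownerPub, digest[:], img.Signature) {
		return errors.New("boot refused: image not signed by the device owner")
	}
	return nil
}

func main() {
	ownerPub, ownerPriv, _ := NewOwnerKey()
	_, otherPriv, _ := NewOwnerKey() // some other party's key, e.g. a vendor's
	good := OwnerSign(ownerPriv, []byte("constructed boot image v1"))
	fmt.Println("owner-signed:", BootVerify(ownerPub, good))
	fmt.Println("foreign-signed:", BootVerify(ownerPub, OwnerSign(otherPriv, good.Payload)))
	good.Payload = append([]byte("X"), good.Payload[1:]...) // modified after signing
	fmt.Println("tampered:", BootVerify(ownerPub, good))
}
```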