clarify attack surface reduction a bit
This commit is contained in:
parent
93a197fd6b
commit
2d516a56f7
@ -82,8 +82,8 @@
|
||||
<li>Enhanced hardware-based attestation with more precise version information</li>
|
||||
<li>Eliminates remaining holes for apps to access hardware-based identifiers</li>
|
||||
<li>Greatly reduced remote, local and proximity-based attack surface by stripping out unnecessary
|
||||
code, making more features optional and disabling optional features by default or when the
|
||||
screen is locked</li>
|
||||
code, making more features optional and disabling optional features by default (NFC, Bluetooth, etc.) or when the
|
||||
screen is locked (connecting new USB peripherals, camera access)</li>
|
||||
<li>Low-level improvements to the filesystem-based full disk encryption used on
|
||||
modern Android</li>
|
||||
<li>Support for logging out of user profiles without needing a device manager: makes them inactive so that they can't continue running code while using another profile, purges disk encryption keys (which are per-profile) from memory and hardware registers</li>
|
||||
|
Loading…
x
Reference in New Issue
Block a user