Daniel Micay

icon indicating a website link https://daniel.micay.dev/ icon indicating an email [email protected]

icon company @GrapheneOS icon location Toronto, Ontario, Canada icon location Security researcher/engineer working on mobile privacy/security. Founder of @GrapheneOS.

Results 1141 comments of Daniel Micay

save last state of OS enforced data and notify when a change occurs

This is saved in the server implementation along with a log of attestations.

add UserManager.getUserCount for versions with signature permissions

Why close this?

add UserManager.getUserCount for versions with signature permissions

I just need time to properly test and review changes like this and it has to be mirrored for AttestationServer. It can't be done only for the Auditor app. This...

support detecting rollback resistance for key attestation v3 onwards

Seems the new API isn't actually implemented upstream yet.

Implement strictly optional device identifier based attestation

We can initially provide it for only the local verifications if we want.

add support for checking CRLs

Google doesn't appear to be publishing CRLs yet and there's not much point until the key attestation ecosystem is more mature.

Add support for the Samsung Galaxy Z Flip3 5G (SM-F711B)

We need a project member to verify this and we're not set up for that right now. We're supposed to be doing this ourselves with the submitted samples, but we...

Add support for the Samsung Galaxy Z Flip3 5G (SM-F711B)

The main thing that needs to be done is verifying that it's a valid sample based on one of Google's roots and extracting the different properties from, along with testing...

Add support for the Samsung Galaxy Z Flip3 5G (SM-F711B)

Also, we need to test verifying both with and without StrongBox. Auditor will only use StrongBox but I like to know that we have the correct setup for TEE too....

Add support for the Samsung Galaxy Z Flip3 5G (SM-F711B)

I can try providing some more details later.