As new Jolla devices are rolling in, I was wondering: do they have TEE (Trusted Execution Environment) support? And are there any plans for integration on the Sailfish side?
I’m asking this because of upcoming EU Digital Wallet and EU Business Wallet.
Their full specification actually required TEE functionality, due to the fact that the Qualified Electronic Signature Creation Device spec has to be fulfilled. At the moment, no phone can fulfill that one. It would require an EU audit of the TEE/secure enclave, and you can be sure that Apple and Samsung are not going to allow that.
So, there can be opportunity here, and probably also funding to implement.
Thoughts?
The discussion of getting away from the Visa / Mastercard (mostly Visa) monopoly for payments is directly related to who controls the ‘Trusted’ env. Supporting TEE looks like it would UNDERMINE European efforts to get free of the Visa (practically) monopoly.
IMHO Jolla must concentrate and remain that particular option for all those users who WILL find a way (one way or another) to opt out of the digital ID - surveillance panopticon, which the western Soviets are seeking.
For all those normies who want to comply, there are and there have always been the conventional IT solutions like iPhone and Android.
edit: if Jolla becomes like those, which most of its users are trying to escape from, then I’m done with it.
And I’m afraid I ain’t gonna be the only one who does choose to go to a framework, where the user remains boss and an almighty administrator of his very own device.
TEE in Sailfish could be built completely differently than in Android and iOS devices. The API could be available for all developers, and you could monitor what is running - and disable processes you don’t want.
Well, not really. Since Sailfish sits on an Android hardware abstraction layer, communication with the TEE will be limited to doing it the Android way. That’s also the only thing that makes sense if you also have Android support, or?
Then I wouldn’t even bother with such abrasive “tech” on my very own device and would patiently wait until the very last moment in order to see what other working solutions may come out into the game.
I have to say that we can agree to disagree. TEE is not there to solely give digi giants or manufacturers an edge.
About a decade ago I was in a research project with an unnamed phone manufacturer. We built a whole system where an app developer could leverage the TEE security by developing an accompanying TEE-based service. It was really nice, you could use Android Studio for that. You had the TEE side as a subproject, and the whole thing would deploy to the phone as a single app like any other.
Use cases were services like for example Signal, where you want the keys and ciphers to be safe.
It’s too bad it stayed as a research project - but maybe with the upcoming new Jolla phone it could be the new reality?
So, what I’m trying to say here is that TEE does not have to be an evil Digi giant/government based crap, it can also enable new apps and a new level of more hacking-proof services. What we want is transparency in the TEE space. If the EU wants a digi wallet to run in there - fine. Just be open about it.
Yes, my suggestion here would be that in the new Jolla Phone, we’d have OP-TEE and consider the programming environment, to something we were discussing back then.
As a side effect, perhaps we could have Alien Dalvik work better and safer, support most bank apps?
Well, I am a normie… I just wish we could stop using arguments like “I think you are in forum” or “I suggest you keep using android”. Very dismissive and impolite. At least to me the conversation has sounded SFOS-related.
PS. I understand the first comment if somebody, for example, starts to take a deep dive into world politics or something.
Interesting and rather sad how easily things can turn into feuds. It’s not like he asked for a stereo jack here in the TEE thread.
There’s no harm if a TEE solution actually gets some traction in SFOS and SDK support. Say a TOH with the chip mentioned above by jgr.