Oh, and you would also need to enforce signed OS images from trusted sources (i.e. Trusted Computing) for it to be secure against someone just flashing a version of Android that didn't enforce the rules. This problem exists regardless of what solution is proposed. Whether it is worth that price I leave to the reader.
A few more precautions in the hardware could close most of the remaining bugs, but probably at an expense in bill of materials and user irritation most would be unwilling to pay for. So stop 99% of the problem and leave the 1% for secure MILSPEC hardware.
Copyright © 2017, Eklektix, Inc.