Google wants Android phones to have a Secure Enclave chip like iPhones. Its OpenTitan project aims to help design an open source one.
OpenTitan is loosely based on a proprietary root-of-trust chip that Google uses in its Pixel 3 and 4 phones. But OpenTitan is its own chip architecture and extensive set of schematics developed by engineers at lowRISC, along with partners at ETH Zurich, G+D Mobile Security, Nuvoton Technology, Western Digital, and, of course, Google.
The consortium will use community feedback and contributions to develop and improve the industry-grade chip design, while lowRISC will manage the project and keep suggestions and proposed changes from going live haphazardly.
You can view the OpenTitan GitHub repo here, but it’s not fully fleshed out yet.
Check It Out: Google’s OpenTitan aims to Create an Open Source Secure Enclave
Isn’t open source security per se insecure as it makes it easier to design workarounds than a private, bespoke system?
Generally, open source is considered secure because no one can make changes to code without other people seeing. People can see the code and check if the company is trying to do something sneaky.