So much for using your phone as a signing device
Quarkslab sent Google a new exploit that demonstrates code execution on the chip and exfiltration of encryption keys from it. A detailed description of the exploitation technique, the exploit’s source code, and a video showing its use to exfiltrate a StrongBox-protected AES key were provided.