PlugOS – An isolated OS that runs on an untrusted phone
The OS runs on a separate USB device.
The phone is treated as an untrusted terminal for display, input, and network access. How is this secure if all the I/O is untrusted?... The threat model is a bit different, according to their security paper. What's the threat model? Similar devices like those from Ledger or Trezor have trusted inputs (buttons) and/or trusted outputs (screen) which make the whole thing work. Is there a link?