• gravitas@lem.ugh.im
    link
    fedilink
    arrow-up
    0
    ·
    22 days ago

    Its not up to grapheneos devs which devices support bootloader relocking with different keys, literally only pixels allow this and without it you cant properly secure the phone.

    • unhrpetby@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      22 days ago

      …without it you cant properly secure the phone.

      My understanding is that a locked bootloader helps protect against evil maid attacks and bootloader-level malware persistence. I find this a security risk that I would absolutely take for Google independence. “Properly secure” is subjective.

      GrapheneOS do decide what phones they support. It is exactly their choice to support only Google Pixels, rather than taking a security hit for hardware independence (whether you agree with the decision or not).