this post was submitted on 31 Dec 2024
398 points (98.1% liked)

Technology

60284 readers
3990 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s
[email protected]
[email protected]
L4s
enu
398
LineageOS now officially supports the Pixel 9 series (9to5google.com)
submitted 6 days ago by cm0002 to c/technology
80 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] CrazyLikeGollum 5 points 5 days ago (1 children)

It is largely an anti-tampering measure. Without it you could have things injected into the system. For example, a stalker could install a hidden tracking program as a service and then return your phone without you knowing.

Iirc it's also a prerequisite for full-disk encryption on modern android. So, without it your user data is available to be dumped in an unencrypted state. Most phone thieves are interested in reselling the phone, so they're provably not going to go through the effort and risk damage to the phone just to dump encrypted data from the chips directly. However, if it's just available unencrypted from fastboot why not dump it? They could get info that could be used to blackmail or scam you or people you know. Or they could just sell the data.

[–] [email protected] 2 points 5 days ago* (last edited 5 days ago) (1 children)

Iirc it’s also a prerequisite for full-disk encryption on modern android.

How modern? It's still working on Evolution X with Android 14 (although maybe it needs custom rom support).

It would be a bit less secure since the bootloader itself could be compromised, however (but I wouldn't be concerned about random thieves/snooping in this case).

[–] CrazyLikeGollum 4 points 5 days ago

https://source.android.com/docs/security/features/encryption/file-based

I did not remember correctly, kind of. From AOSP, Android 7 and later use file-based encryption (FBE) rather then full-disk encryption (FDE). FBE is dependant on verified boot, which itself requires a locked bootloader.

Custom ROMs may have back ported FDE, modified FBE, or implemented their own encryption.