this post was submitted on 13 Sep 2023
106 points (94.9% liked)
Privacy
31974 readers
325 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Here's another source about 2 month wait times sometimes, if you don't believe me: https://www.xda-developers.com/xiaomi-2-month-wait-unlock-bootloader/. It has never personally been 2 months for me, but it has been over a week before for me, and their support team refused when I asked nicely to shorten it despite the fact my daily driver phone was broken and I couldn't restore my LineageOS from backup - I just had to wait. That's why I don't buy Xiaomi stuff any more.
The wait time is determined by their servers, which sends a cryptographically signed certificate specific to the serial number of the device that the bootloader reads. The key to sign the certificate stays on their servers, and the client just calls to the server, and either gets a response saying to wait for this much longer, or containing the certificate. Xiaomi explicitly call it 'apply for unlocking' (e.g. see the title of https://en.miui.com/unlock/index.html), as in, they think it is their right to decide who gets to decide what runs on my hardware I've bought from them, and us mere consumers must come begging to them and 'apply' to unlock.
The bootloader is designed not to boot anything except MIUI without the certificate from the unlocking tool. While there are open source clients (like https://github.com/francescotescari/XiaoMiToolV2) they still work by calling Xiaomi's server to get the unlock code, so if you want to run anything except Xiaomi's MIUI (which is a bad idea from a privacy perspective), you kind of do have to use it (at least their server). The only way around it would be if someone found a vulnerability in the bootloader or the processor itself that allows for the 'treacherous computing' aspect of the boot to be bypassed without the certificate - and as far as I'm aware there isn't a reliable approach yet for that.