this post was submitted on 05 Sep 2025
106 points (100.0% liked)

Linux

12973 readers
216 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
MigratingtoLemmy@lemmy.world
106
ELI 15: How do phone manufacturers "lock" bootloaders? Is that software truly unhackable? (lemmy.world)
submitted 1 day ago by Maroon@lemmy.world to c/linux@lemmy.world
36 comments fedilink hide all child comments
 

I am seeing a growing discussion on the need for more Linux phones in the market given Google's problematic behaviour w.r.t the changes that will be introduced to that OS.

One very good point that some community member raised was that Android itself wasn't the problem but the locking of the bootloader in the phone. If the bootloader could be unlocked, then it significantly lowers the bar for the end user to install their OS of choice.

I have dabbled with flashing OSs in old smartphones (GrapheneOS, Post market and Lineage). I commend the developers because I could do that without truly having to "understand the code" at the lower levels. But I assume that was possible because the boot loader could be unlocked somehow*. It seems that isn't the case with many/most phone fro. Samsung / Xiomi, etc.

Are their bootloaders truly unlockable? Is it simply impossible to unlock and relock bootloaders?

  • I know that with lineage, the bootloader couldn't be relocked and that was touted as a security flaw. If someone could explain why this lock/unlock is so complex, I'd appreciate it.
you are viewing a single comment's thread
view the rest of the comments
[–] ragebutt@lemmy.dbzer0.com 61 points 1 day ago (22 children)

Different ways:

Sometimes it’s a cryptographic key thing, if the bootloader doesn’t see an image signed with a trusted key it won’t boot.

Sometimes it’s a flag set in storage that is secure and not writable. Bootloader checks the flag, if it’s set then it enforces signature verification.

Sometimes it’s a hardware thing. Newer chips can come with programmable fuses that can be set to pop. This literally severs an electrical connection within the soc or cpu or whatever and then that is the flag. The nintendo switch’s tegra used this to prevent downgrading; if you upgraded legitimately you’d “burn fuses” and then would be locked on that firmware permanently. downgrading could potentially brick the system. (Maybe someone’s figured out a way around this now, I haven’t fucked with switch stuff since tears of the kingdom came out).

There’s other ways too.

Defeating these methods is generally quite difficult. Sometimes you get lucky and a glaring bootloader exploit is found early on (fusee gelee for the switch) or one that applies to many generations of hardware (checkm8, unpatchable bootrom exploit for iphone 4s-iphone x) but at the same time companies have learned to harden their shit as much as possible and throw money at people who do find these exploits. Even nintendo, who has been notoriously laughably bad at this kind of thing seems to have come much harder at the switch 2. The only thing released to date is a minor userland exploit and even if something more substantial is released they’ll just brick your console for finding/running it

[–] TheLeadenSea@sh.itjust.works 5 points 1 day ago (5 children)

Why do people buy this hardware in the first place then if it won't be theirs?

[–] ragebutt@lemmy.dbzer0.com 51 points 1 day ago (3 children)

What kind of phone, laptop, game console, car, iot devices, etc do you have? I guarantee you support this stuff somewhere in your life. It’s inescapable.

But to answer you more directly apathy and consumerism. Why do people buy the switch 2 despite extremely anti consumer practices? Because they want to play slightly better Mario kart. Why do people buy a macbook? Because they want a computer that largely “just works”.

With phones it’s a bit different though. The choices are slowly being taken from you. It’s still possible right this second to buy something with an open bootloader but in 2030? Maybe not so much unless you’re cool with going back to a flip phone

[–] Goodlucksil@lemmy.dbzer0.com 0 points 23 hours ago

You won't need a flip phone, a Nexus or OPO will work as well.

load more comments (2 replies)
load more comments (3 replies)
load more comments (19 replies)