this post was submitted on 05 Sep 2025
108 points (100.0% liked)

Linux

12985 readers
227 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
MigratingtoLemmy@lemmy.world
108
ELI 15: How do phone manufacturers "lock" bootloaders? Is that software truly unhackable? (lemmy.world)
submitted 2 days ago by Maroon@lemmy.world to c/linux@lemmy.world
36 comments fedilink hide all child comments
 

I am seeing a growing discussion on the need for more Linux phones in the market given Google's problematic behaviour w.r.t the changes that will be introduced to that OS.

One very good point that some community member raised was that Android itself wasn't the problem but the locking of the bootloader in the phone. If the bootloader could be unlocked, then it significantly lowers the bar for the end user to install their OS of choice.

I have dabbled with flashing OSs in old smartphones (GrapheneOS, Post market and Lineage). I commend the developers because I could do that without truly having to "understand the code" at the lower levels. But I assume that was possible because the boot loader could be unlocked somehow*. It seems that isn't the case with many/most phone fro. Samsung / Xiomi, etc.

Are their bootloaders truly unlockable? Is it simply impossible to unlock and relock bootloaders?

  • I know that with lineage, the bootloader couldn't be relocked and that was touted as a security flaw. If someone could explain why this lock/unlock is so complex, I'd appreciate it.
you are viewing a single comment's thread
view the rest of the comments
[–] gandalf_der_12te@discuss.tchncs.de 3 points 1 day ago

Uhm, so, the problem isn't only the unlocking but also the re-locking of the bootloader.

Leaving the bootloader unlocked while you're storing sensitive data on the phone means that thieves, but also law enforcement, can read the data that's stored on your phone if they guess the cryptographic key that protects your data correctly. If you're using a 4-digit PIN, there's only 9999 combinations, and guessing the PIN correctly can be done in a few minutes on a modern computer.

If you use a strong password, your data would be secured against thieves and law enforcement. But then you'd have to enter a strong password every time that you boot up the device, which is annoying.

So, if you can re-lock the bootloader after having installed the operating system, then an attacker can't just access the raw, encrypted data and try every possible PIN combination on it. Instead, they'd have to go through the operating system's user interface that's installed on the phone, and that can limit the number of allowed password attempts down to 10 or so, so they probably won't have access to the data on the phone if they don't guess the PIN correctly within 10 attempts.