← Back to context

Comment by zb3

5 hours ago

Note that Google also forces this indirectly via their "certification" - if the device doesn't have unremovable AVB (requires qualcomm secure boot fuse to be blown) then it's not even allowed to say the device runs Android.. if you see "Android™" then it means secure boot is set up and you don't have the keys, you can't set up your own, so you don't really own the SoC you paid for..

2 comments

zb3

Reply
subscribed  2 hours ago

I don't think it's accurate.

Specifically GrapheneOS on Pixels signs their releases with their own keys. And with the rollback protection without blowing out any fuses.

  • zb3  2 hours ago

    I was talking about different keys and different fuses. I know about "avb_custom_key" (provisioned by GrapheneOS), but all this AVB is handled by abl/trustzone and I can't modify those because those need to be signed with keys that I don't own.

    I know that all these restrictions might make sense for the average user who wants a secure phone.. but I want an insecure-but-fully-hackable one.