Comment by palijer

5 hours ago

It ain't normal to me. If I bought a phone, I should be able to decide that I want to run different software on it.

Let's say OP takes a very different turn with their software that I am comfortable with - say reporting my usage data to a different country. I should be able to say "fuck that upgrade, I'm going to run the software that was on my phone when I originally bought it."

This change blocks that action, and from my understanding if I try to do it, it bricks my phone.

The whole point of this is so that when someone steals your phone, they can't install an older vulnerable version of the firmware that can be used to set it back to factory settings which makes it far more valuable for resale.

  • Phone thieves aren't checking which phone brand I have before they nick my phone. Your scenario is not improved by making OnePlus phones impossible to use once they're stolen.

  • I'm fine with a total loss of hardware. I'd rather the hardware do what I want. I own it.

  • It'd be ideal if the phone manufacturer had a way to delegate trust and say "you take the risk, you deal with the consequences" - unlocking the bootloader used to be this. Now we're moving to platforms treating any unlocked device as uniformly untrusted, because of all of the security problems your untrusted device can cause if they allow it inside their trust boundary.

    We can't have nice things because bad people abused it :(.

    Realistically, we're moving to a model where you'll have to have a locked down iPhone or Android device to act as a trusted device to access anything that needs security (like banking), and then a second device if you want to play.

    The really evil part is things that don't need security (like say, reading a website without a log in - just establishing a TLS session) might go away for untrusted devices as well.

    • > We can't have nice things because bad people abused it :(.

      You've fallen for their propaganda. It's a bit off topic from the OnePlus headline but as far as bootloaders go we can't have nice things because the vendors and app developers want control over end users. The Android security model is explicit that the user, vendor, and app developer are each party to the process and can veto anything. That's fundamentally incompatible with my worldview and I explicitly think it should be legislated out of existence.

      The user is the only legitimate party to what happens on a privately owned device. App developers are to be viewed as potential adversaries that might attempt to take advantage of you. To the extent that you are forced to trust the vendor they have the equivalent of a fiduciary duty to you - they are ethically bound to see your best interests carried out to the best of their ability.


    • > and then a second device if you want to play.

      With virtualization this could be done with the same device. The play VM can be properly isolated from the secure one.
