Comment by subscribed
4 hours ago
I don't think it's accurate.
Specifically GrapheneOS on Pixels signs their releases with their own keys. And with the rollback protection without blowing out any fuses.
4 hours ago
I don't think it's accurate.
Specifically GrapheneOS on Pixels signs their releases with their own keys. And with the rollback protection without blowing out any fuses.
I was talking about different keys and different fuses. I know about "avb_custom_key" (provisioned by GrapheneOS), but all this AVB is handled by abl/trustzone and I can't modify those because those need to be signed with keys that I don't own.
I know that all these restrictions might make sense for the average user who wants a secure phone.. but I want an insecure-but-fully-hackable one.