geor9e 5 hours ago

This has been a commonplace feature on SoCs for a decade or two now. The comments seem to be taking this headline as out-of-the-ordinary news, phrased as if OnePlus invented it. Even cheapo devices often use an eFuse as anti-rollback. We do it at my work whenever root exploits are found that let you run unsigned code. If we don't blow an eFuse, then those security updates can just be undone, since any random enemy with hardware access could plug in a USB cable, flash the older exploitable signed firmware, steal your personal data, install a trojan, etc. I get the appeal of ROMs/jailbreaking/piracy but it relies on running obsolete exploitable firmware. It's not like they're forcing anyone to install the security patch who doesn't want it. This is normal.
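
The anti-rollback check described in the comment above, as an added illustration that is not part of the thread or any vendor's code: a simulated fuse bank holding a unary minimum version that the boot path compares against the version signed into the image. The type names, function names and the 32-fuse bank size are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simulated one-time-programmable fuse bank (assumed 32 fuses).
 * A fuse bit can go 0 -> 1 but never back, so the count only grows. */
typedef struct { uint32_t bits; } fuse_bank_t;

typedef struct {
    bool     signature_ok;    /* vendor signature check, assumed done elsewhere */
    unsigned rollback_index;  /* security version signed into the image */
} image_t;

typedef enum { BOOT_OK, BOOT_BAD_SIGNATURE, BOOT_ROLLBACK_REJECTED,
               BOOT_FUSES_EXHAUSTED } boot_result_t;

/* The minimum allowed version is stored in unary: number of blown fuses. */
static unsigned fuse_version(const fuse_bank_t *f) {
    unsigned n = 0;
    for (uint32_t b = f->bits; b; b &= b - 1) n++;
    return n;
}

static boot_result_t boot_image(fuse_bank_t *f, const image_t *img) {
    if (!img->signature_ok) return BOOT_BAD_SIGNATURE;
    /* A valid signature is not enough: old vulnerable images are signed too. */
    if (img->rollback_index < fuse_version(f)) return BOOT_ROLLBACK_REJECTED;
    if (img->rollback_index > 32) return BOOT_FUSES_EXHAUSTED;
    /* Simplification: commit immediately. A real boot chain may defer the
     * burn until the new image has booted successfully. */
    for (unsigned i = 0; i < img->rollback_index; i++) f->bits |= 1u << i;
    return BOOT_OK;
}

/* Constructed scenario: ship on v1, take the security update v2,
 * then someone with a USB cable reflashes the old signed v1. */
static boot_result_t demo_downgrade(void) {
    fuse_bank_t fuses = {0};
    image_t v1 = { true, 1 }, v2 = { true, 2 };
    boot_image(&fuses, &v1);
    boot_image(&fuses, &v2);
    return boot_image(&fuses, &v1);
}

int main(void) {
    printf("downgrade to v1 after v2: %s\n",
           demo_downgrade() == BOOT_ROLLBACK_REJECTED ? "rejected" : "booted");
    return 0;
}
```
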

palijer 4 hours ago

It ain't normal to me. If I bought a phone, I should be able to decide that I want to run different software on it.

Let's say OP takes a very different turn with their software that I am comfortable with - say reporting my usage data to a different country. I should be able to say "fuck that upgrade, I'm going to run the software that was on my phone when I originally bought it".

This change blocks that action, and from my understanding if I try to do it, it bricks my phone.

jnwatson 4 hours ago

The whole point of this is so that when someone steals your phone, they can't install an older vulnerable version of the firmware that can be used to set it back to factory settings, which makes it far more valuable for resale.

palijer 2 hours ago

Phone thieves aren't checking which phone brand I have before they nick my phone. Your scenario is not improved by making OnePlus phones impossible to use once they're stolen.

creato an hour ago

It reduces the expected value of stealing a phone, which reduces the demand for stolen phones.

palijer an hour ago

I find it hard to believe that OnePlus is spending engineering and business resources, upsetting a portion of their own userbase, and creating more e-waste because they want to reduce the global demand for stolen phones. They only have like 3% of the total market, they can't realistically move that needle.

I don't understand what business incentives they would have to make "reduce global demand for stolen phones" a goal they want to invest in.

charcircuit 9 minutes ago

This is a security feature from Qualcomm. So there is little of their own time spent on this.

echelon an hour ago

I'm fine with a total loss of hardware. I'd rather the hardware do what I want. I own it.

QuiEgo 3 hours ago

It'd be ideal if the phone manufacturer had a way to delegate trust and say "you take the risk, you deal with the consequences" - unlocking the bootloader used to be this. Now we're moving to platforms treating any unlocked device as uniformly untrusted, because of all of the security problems your untrusted device can cause if they allow it inside their trust boundary.

We can't have nice things because bad people abused it :(.

Realistically, we're moving to a model where you'll have to have a locked down iPhone or Android device to act as a trusted device to access anything that needs security (like banking), and then a second device if you want to play.

The really evil part is things that don't need security (like say, reading a website without a log in - just establishing a TLS session) might go away for untrusted devices as well.

charcircuit 7 minutes ago

> and then a second device if you want to play.

With virtualization this could be done with the same device. The play VM can be properly isolated from the secure one.

g947o 3 hours ago

Sounds like that should be an option in "Developer Options" that defaults to true, and can only be disabled after re-authentication / enterprise IT authorization. I don't see anything lost for the user if it were done this way.