| ▲ | zb3 4 hours ago |
| It's Google's fault. I want to buy a smartphone without AVB at all. With no "secure boot" fuse blown (yes I DO know that this is not the same fuse) and ideally I'd want to provision my own keys. But vendors wouldn't be able to say the device runs "Android" as it's trademarked. AVB is therefore mandatory and in order for AVB to be enforced, you can't really control the device - unlocking the bootloader gives you only partial control, you can't flash your own "abl" to remove AVB entirely. But I don't want AVB and I can't buy such device for money.. this isn't free market, this is Google monopoly.. |
|
| ▲ | digiown 2 hours ago | parent [-] |
| The closest thing you can get is probably the Pixel, ironically. You can provision your own keys, enroll it into AVB, and re-lock the bootloader. From the phone hardware's perspective there is no difference between your key and Google's. No fuse is ever blown. |
| |
| ▲ | zb3 2 hours ago | parent [-] | | That's not really true, there will be a warning shown that "the phone is loading a different operating system" - I've seen that when installing GrapheneOS on my pixel. But it's not just about that, it's about the fact that I can't flash my own "abl" or the software running in the TrustZone there at all as I don't control the actual signing keys (not custom_avb_key) and I'm not "trusted" by my own device.. There were fuses blown as evident by examining abl with its fastboot commands - many refuse to work saying I can't use it on a "production device". Plus many of those low-level partitions are closed source proprietary blobs.. Yes yes - I DO understand that for most people this warning is something positive, otherwise you could buy a phone with modified software without realizing it and these modifications could make it impossible to restore the original firmware. | | |
| ▲ | digiown 2 hours ago | parent [-] | | Ah, I forgot about the warning. Are the blown fuses you're talking about related to to your unlocking though? Or did they just remove the debug functions. I guess it reduces the attack surface somewhat. I do agree it's far from ideal though. But there are so many, much worse offenders that uses these fuses to actually remove features, and others that do not allow installing a different OS at all. The limited effort should probably be spent on getting rid of those first. | | |
| ▲ | zb3 2 hours ago | parent [-] | | I'm not sure I'd agree with your last conclusion, we as consumers can choose what to buy, so for me the situation where there's one brand that produces open devices (with competing specs, not like pinephone..) where I could install postmarketos/ubuntu touch without any parts of android would be better than there being many brands producing smartphones allowing only basic unlocking and without open firmware. Of course there are bigger problems in the ecosystem, like Play Integrity which actively attempt to punish me for buying open hardware. Unfortunately that's the consequence of putting "trusted" applications where they IMO don't belong - there are smartcards with e-ink displays and these could be used for things like banking confirmations, providing the same security but without invading my personal computing devices. But thanks to Android and iOS, banks/governments went for the anti-user option. |
|
|
|
