• TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    But yes, perhaps a disclaimer for the paranoid people on Calyx’s website could be a decent idea.

    It isn’t about being paranoid. It’s about knowing where you’re stepping, not everyone has time / can do proper research and I’m sure there are people running Calyx / others that aren’t aware of that boot security issue and if they were they wouldn’t be using it.

    Look those projects are great as you said and I’m very grateful they exist but people should know what they’re “buying into” when it comes to security and privacy.

    • MigratingtoLemmy@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      I think the industry/market generally realises that Graphene is the most secure Android OS there is. I’m interested in trying to understand how they implemented locking the bootloader and why other ROMs aren’t picking this up yet. Maybe it’s just a lot of work.

      I think people who go on to flash Calyx definitely know the advantages of locking one’s bootloader and that using Calyx doesn’t let you do that. I think ROMs such as these also explicitly mention that the bootloader cannot be locked once said ROM is installed. I understand if someone doesn’t have the time but if they had enough time to understand how to flash a ROM on their mobile one would think they’d be interested in such details too (well, if they aren’t, then they likely don’t care).

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        I think the industry/market generally realises that Graphene is the most secure Android OS there is. I’m interested in trying to understand how they implemented locking the bootloader and why other ROMs aren’t picking this up yet. Maybe it’s just a lot of work.

        From what I know it isn’t only about “a lot of work” its about phone vendors having to support that in the first place.

        I think people who go on to flash Calyx definitely know the advantages of locking one’s bootloader and that using Calyx doesn’t let you do that

        From what I see in this post and others doesn’t seem like it. Seems like a lot of people are unaware of this issue.

        • cyberwolfie@lemmy.ml
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          Bootloader is relocked after flashing Calyx on an FP4. Are you saying that isn’t actually the case?

          • TCB13@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            That’s only possible on a small subset of devices and I actually remember that even for the FP4 they said in some devices it doesn’t work due to some bug and may lead to a bricked phone.

            • cyberwolfie@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Ok. My understanding is that Calyx only supports devices that allows relocking, which essentially means Pixels, FP4 and some Shift-device (according to their documentation). So I become a bit confused when it is claimed that it cannot be done at all in Calyx, and that this is some big truth that its users (me included) are not privvy to.

              https://calyxos.org/docs/guide/device-support/