|
|
|
|
|
|
by djsumdog
2559 days ago
|
|
|
Yea. It's bullshit. You can't install something like Magick and then relock the bootloader with a new signature. A PC with UEFI (except for a few of those which Microsoft locked down) lets you turnoff secure boot, and install your own keys, and turn it back on. So you actively delete the stock keys that boot stock Microsoft/Ubuntu/Redhat, and then custom sign your Grub bootloader or UEFI-Stub Kernel, add that cert to SecureBoot and turn it back on. You can argue device security all day long, but if manufactures can't update Android security patch sets as they come out, then you have gaps in your device security anyway. Google controls ASOP. They could literally force manufactures to be compliant, have UEFI or devicetree as a standard, demand every device allow a stock reinstall just like Windows and even create shims to fix the broken Linux driver ABI. But there is more money in planned obsolescence. Gotta throw out that phone after two years and just buy a new one. |
|
|