Hacker News new | ask | show | jobs
by yjftsjthsd-h 427 days ago
What makes you think it's not encrypted? https://wiki.postmarketos.org/wiki/Full_disk_encryption seems to indicate that support varies a bit by device but it's perfectly doable.
1 comments
Arnavion 427 days ago
Note that the initramfs is stored without encryption or signing. So while your data won't be leaked when your phone gets stolen, it should be considered compromised if you get it back.
link
yjftsjthsd-h 427 days ago
Sure, lack of secure boot is a tradeoff. Of course, by the same token you can just reflash the boot partition and fix that.
link
netsharc 426 days ago
How does flashing work, who controls the writes? I remember reading about hacking the controller of an SD card to override the read/write functionality.

I think if the bootloader is overwritable, it could lie to you about reflashing the boot partition...

link
yjftsjthsd-h 426 days ago
It varies by device. Obviously something has to handle writes, but generally it's a lower stage that isn't easily writable itself.
link