Fairphone 4 locked-down software = planned obsolescence?

I have already asked support about this, but have had no response or confirmation in four days, so asking the community instead:

Hi,

I purchased a Fairphone 4 expecting it to be relatively open and easy to install my own software such as /e/os or iodé, but I find that it this is far from the case.

1, The bootloader requires a special code from Fairphone to unlock - wtf? I have never seen this before from any manufacturer, I am really surprised to see it from Fairphone!
(according to this thread, it is “likely” that Google are informed of the IMEI/Serial of any device that has been OEM-unlocked. Can anyone confirm if this is true?)
2, The bootloader unlock process apparently disables “important security features” it but doesn’t specify what is being disabled or if it is possible to re-enable them. Can anyone give me more info about exactly what is being disabled?
3, When I look at installing /e/os myself, I find that there is some evil thing called an “anti-rollback” PROM, consisting of electronic fuses (eFuses), which are irreversibly blown one-at-a-time by each update to Android, and will apparently BRICK the device if a non-Google-approved software is loaded, or if one tries to load an earlier version of Android than the latest that was installed on the phone. Again this is the very last thing I would expect from Fairphone!

4, I want to disable automatic updates (to try to preserve some of my eFuses… And what if I don’t like the next version of Android and I want to go back to the old one? Apparently I can’t?) but I am told that there is No way to completely disable automatic system updates, and that my phone will download and install the update itself (and presumably blow the next eFuse) in 30 days, whether I like it or not! WTF.

So Google can/will/did push a mandatory update that permanently damages my device (by blowing a physical fuse in the CPU) and I can’t do anything to stop it? This sounds like planned obsolescence to me, exactly what Fairphone are supposed to be against…
How many eFuses does the device have and how many are blown already? What will happen when some update blows the last one?

Why does Fairphone lock down its phones in this way? I feel that I do not own the hardware I just bought. What can be done about this? What is the unspecified effect of unlocking the bootloader?

If phones are bricking themselves so readily, it must mean that a lot more phones are going straight to landfill. Doesn’t this fly in the face of everything that Fairphone stands for?

2 Likes

Hi and welcome, just a side note: be lucky its so easily possible to unlock the bootloader (thats not the standard!) and relock the bootloader. All phones nowadays have a locked bootloader. You are concerned about security, so another point why you can be happy about the fact that the bootloader is locked. Also it is not a good idea to refuse updates when you are concerned about safety and security.

Have you done some reading/search in the Forum, this could give some answers already.

If you want a FP4 running e/OS without the need to unlock the bootloader, buy one pre-installed from Murena.

9 Likes

Thanks. Yes I already read that thread (it was the one I linked to)… But I can’t directly ask my questions there since it’s locked.

“Be lucky that it’s possible at all, all phones nowadays have a locked bootloader” is not really the answer I was looking for… :joy: I think Google (and Apple) need an antitrust lawsuit for this sort of behaviour TBH!

Indeed, if I had known about this locked bootloader with the fairphone-shop bought phones, I would have purchased my phone elsewhere, either from Murena or Iodé.

In terms of security, I am far more concerned about the threat from Google itself (invasions of privacy, leaking of my personal info to Google and third parties, forced installation of software that I don’t want).
As long as I can still encrypt the storage with my own passkey, I don’t see any security risk in running an unlocked bootloader and unsigned software that I compiled myself.

Maybe you would like to amend the title as the firmware, OS, software etc. is not locked, in the sense you cannot unlock it. It is only locked from the sense another person cannot install without your unlocking the GUI and then unlocking the bootloader.

So I don’t understand your problem, nor you assertions, just unlock the bootloader

4 Likes

Well, I can’t unlock it until I have asked Fairphone’s server for an unlock code, so in that sense it IS locked.

And even if I did request the code and unlock the bootloader, it appears I can’t do anything about the eFuses and the device potentially bricking itself. What security features are disabled by unlocking the bootloader? Can they be re-enabled after /e/os is installed?

I wanted to ask you, did you ever find a source for your suggestion that Google is notified when someone requests an unlock code?

Also, I notice that the “offline unlock code generator” script doesn’t work anymore, since they have changed the serial number format. Also, the code entry now requires internet access to contact Fairphone’s server (it fails with a “no internet connection” message if the phone is offline). I am curious as to why Fairphone are going to such lengths to track who is unlocking their bootloader.

1 Like
  1. I know this behaviour from LG for example, I even had to create an account for this. I think this is for warranty reasons, but I can’t make but wild guesses here.

  2. The bootloader unlock process apparently disables “important security features” it but doesn’t specify what is being disabled or if it is possible to re-enable them. Can anyone give me more info about exactly what is being disabled?
    If you unlock your bootloader, everyone with physical access to your phone can load a modified ROM on it, that’s most likely the “important security feature” which is getting disabled.

  3. The anti-rollback feature should prevent that an older security patch level is applied to your phone and known breaches can be used to attack you. I never heard of eFuses in that context. I heard about them in combination with unlocking the bootloader, if I recall correctly for example Samsung with the Knox features. As far as I know, Fairphone doesn’t use such things to track if your bootloader was unlocked and I would be surprised if they did.

  4. Mostly answered by 3, I think. In addition, you do not receive updates directly by Google. All updates are published by Fairphone.

8 Likes

If you still can, why don’t you send your phone back to Fairphone and buy one with e/os/ already installed on Murena website ?

I know it doesn’t answer your questions but it is a way to live without Google without having to unlock the bootloader

4 Likes

Not sure who you directed this at as I didn’t mention it, but your post follows/i.e. responds to mine. But as the default OS is Google certified it does make sense that they would want to know when you dump them as they are very insecure.

Here, specifically:
Continuing the discussion from Unlocking bootloader online vs offline:

@jimbowen

After unlocking the bootloader you likely won’t be able to run *some banking apps, some mobile device management apps (if you are going to use your Fairphone for work emails) won’t run and some other apps may have reduced functionality.

Regarding forced updates: There is nothing worse than an unpatched device roaming the internet. I’m responsible for the operation of a companies IT infrastructure and cybersecurity…the devices that rob me of sleep are not necessarily the ones updating automatically but the ones where for some reasons we can’t or won’t update.

I agree that to some extent your mistrust in Google is valid. On the other hand I want to be able to use my Fairphone for banking apps and agree that - in order to protect their systems - they require some security features. As those features could be circumvented with an unlocked bootloader…I understand why Fairphone delivers their phones with a locked bootloader.

* added the some as @AlphaElwedritsch demanded.

2 Likes

Please correct it to “some banking apps” because it’s not true what you are telling

3 Likes

Seems like unlocking and locking the bootloader after other os install, will brick the fairphone.
I installed some fairphones 4 with ubports in the past without problems.
But the last one i received is now bricked. Fairphone wants me to send to France for repair, costs 45 euro + transport. I will not do that, because it will brick again after install. Or there must be a tool to unbrick.
Fairphone must tell this on their website: other os install will brick the phone.

1 Like

They do tell you and it might brick and might not brick.

Still everyone would appreciate they could fix the bug after 1.5 years.

that’s not true in general. The only critical point is relocking the bootloader. As repeatedly mentioned here in the forum, you should always check fastboot flashing get_unlock_ability before relocking the bootloader.
If the answer is 1, it should be possible to relock the bootloader.
If the answer is 0, you should not relock the bootloader.

AFAIK this happens when the the previously installed OS has a security patch that is newer than the OS currently installed.

But I also don’t understand why Fairphone doesn’t communicate this problem more openly or finally fix it. It is not at all ecologically justifiable how many devices have been bricked and rendered unusable due to this problem.

2 Likes

The only thing I have done is make a Paypal complaint (i have paid with paypal).
I have asked them to refund, or give a tool or howto to fix this.
Maybe this will speed up a solution.

1 Like

Why should this speed up a bug fix?It will not change that your phone is bricked and that it con only be repaired in France. I guess you knew playing around with flashing other systems would void your warranty?

2 Likes

I will not pay for a bootloader bug to be fixed in France.
I guess that was the reason to void warranty.

Nope flashing another system voided your warranty not the bug itself.

The problem is, at least from my limited understanding at this point, that …

… so the rollback index should be cleared when you switch between locked / unlocked and vice versa. I’ve talked to a Calyx dev in the past, they didn’t get a response out of Fairphone either, and they agreed that it’s broken.

Now, when you switch between ROMs, you should start with a blank slate regarding rollback protection, but you don’t. That leads to it getting triggered if you install the wrong version and lock the bootloader.

Combine that with Fairphone probably resetting OEM unlocking on first boot (I know for a fact CalyxOS does), because that’s the state your phone is in when you buy it and that’s what you should get after installing factory images.

Wrong image + Android booted before locking = :brick:

As I said, that’s from my limited understanding, so this might be completely wrong, but since after all this time no one at Fairphone has bothered to clear this up, that’s what I’m going with … :man_shrugging:

Oh, and in my opinion they shouldn’t charge more than shipping to get bricked phones fixed, it’s a proprietary component, it’s on them to solve the issue.

4 Likes

But unfortunately because the Google bootloader for the Qualcomm Snapdragon uses eFuses on the chip to store this rollback index, it’s physically not possible to reset it, ever. The bootloader causes permanent damage to the CPU whenever an update is installed, by irreversibly blowing those fuses. Fairphone should never have used such a chip that bricks itself, or they should have used a bootloader that doesn’t blow / read them in the first place.
Really it’s up to ME which version of software I want to use on MY phone that I bought. It’s not a rented phone.
It would be great if they could make the phone “unbrickable” by allowing to boot from SD card to install an OS, like the Pinephone / Librem 5 does. Or indeed like any PC/Laptop does.
Only then could they truly say that they are saving phones from landfill.