After I got such elaborate technical and promising (though unfortunately not fruitful) reply to the question about JTAG, I asked the same contact from support about UART.
The support person was again very helpful and forwarded the question. However they received this slightly unsettling reply:
- Debug UART is not accessible for customers
I interpret that as “There is a debug UART, but we don’t want you to know about it” – which doesn’t look promising regarding helping the community getting this phone opened up. Quite a contrast to FP2. I wonder why.
That probably means we best keep reverse engineering this piece of locked down hardware, as if it was an Iphone. Maybe we should start looking into root-exploits.
For people interested in active development this probably means its better to not install updates anymore for the time being, so you don’t get patched out of potential local privilege escalation vulnerabilities you might need later.
Not happy about this. Can’t blame the support, but not happy about this.
Edit: This actually increases the probability that we are on the right track with the solder pads.