Implement this and I will sell all my phones for Fairphones, I give my word!

Hello Fairphone company and community!

I am one of those people who doesn’t like his phone being stolen, but who also doesn’t like to have bloatware and be forced to use outdated official software. I also have never broken the law and I don’t plan to.

But here is the dilemma I am facing:

  • If I unlock the bootloader in order to get rid of bloatware or to use a higher Android version in case the company stops updating, then a thief can flash another or the stock OS to it and sell it for parts.
  • If I stay with a locked bootloader and hence use the stock OS, I have anti-theft, because only stock images are flashed and purging user data requires unlocking the linked account first (on Xiaomi and Samsung (Knox)), hence the thief will get a bricked phone if he attempts to delete data.

So, either stick with stock until they stop releasing, or unlock and lose theft protection.

Here is a simple solution I am asking Fairphone to implement: optional passwording of download mode and recovery, similar to a PC BIOS password kept in non-volatile memory. The password must survive resets and energy loss. The password must be allowed to be strong (with wait times and 16+ characters). You can offer a password unlocking service for the price of 2/3 of the phone (to prevent thieves profiting) and if authorities require it ofc, no problem if you need this. This way you can also generate additional profit while adding a unique feature to your product!

This way, a thief can’t flash any different OS image and if userdata is encrypted, it’s a brick for him unless he pays 2/3 of the market price to you (which he won’t do). If you do this, I give my word to sell all my phones and get Fairphones that support this, that’s gonna be 4 devices.

Thank you

I don’t know which bloatware exactly you have in mind here. But you might have a look at the FP3 with /e/ OS. This OS focuses on privacy and long-term OS support, and it works with the bootloader locked.

3 Likes

I don’t get it. Even if the bootloader is locked, can’t you unlock it through a single command (or nearly) and this way install the OS anew?
AFAIK a locked bootloader prevents data theft because it does a hard reset, but doesn’t stop you from reinstalling the OS. Or did I miss something?

Actually, seeing the software support of the FP2, your phone might die before this happens :wink:

Wouldn’t that be defeating Fairphone’s motto: “The most sustainable phone is the one you keep”? Sustainability would want you to keep your phone as long as possible :stuck_out_tongue_winking_eye:

(You do what you want of course, I am not criticizing anyone’s decisions)

3 Likes

I would love an option to password access to both the recovery partition and download mode (heimdall/odin, fastboot), with a strong non-resettable (or via factory auth) password. Of course it should be an opt-in choice.

On the Galaxy S9 for example it’s: Google and its many apps(*): Play Books/Music, Drive, Chrome (duplicate of browser), Gmail, YouTube; Facebook, Instagram, LinkedIn, Microsoft Office/Word/Excel/…; of course Samsung software (from which only Samsung Member is what I need). I opened the Applications list and it’s lots and lots of things that I never need, which are non-removable and implemented as installers that jump out of the corner and make noise. A lot of work is needed to block them without touching root, but it’s only possible to hide Google apps (not remove), yet one needs a Google account for this. So, bloat basically. On Lineage MicroG in comparison, it’s possible to hide and/or lock even the few basic software. But this is not the topic of discussion; the discussion is about theft protection on custom ROMs.

/e/ is very outdated** and offers no advantage vs Lineage MicroG + APKPure**. For example, /e/ for the S9 is Android 8, with an installation that will mess up the vendor partition, requiring a stock ROM reinstall. But this is not the topic of discussion; the discussion is about theft protection on custom ROMs.

** I read now that Fairphone partnered with /e/ and allows bootlock rearming; I find this excellent. I understand that any company needs money to progress. My statement above is about the general situation of /e/ vs non-Fairphones. Can you lock the bootloader on an FP when installing other custom ROMs, except /e/? If I understand correctly, FP added /e/ kernel keys to their bootloader, but this still imposes limits and I doubt it’s possible to support custom ROMs this way; I think it’s a very secretive process, where trust happens only between companies. So from a user freedom standpoint it’s of little value in my opinion.

1 Like

If the bootloader is locked, then one can only flash the stock ROM. If one flashes the stock ROM, the userdata partition is not changed. If one decides to wipe the userdata partition, then Knox blocks the bootloader unlock option and calls home, which I call a very good solution. But if a custom ROM is installed, which means the phone was not set to locked state remotely, thus supposedly the owner is installing that custom ROM, then Knox no longer functions/offers no protection and one can install any ROM/wipe userdata with no consequences. Same for Xiaomi.

I am looking at the FP3+ now, its hardware is very nice. About stock software, I care very little, although it’s very nice to have. Anyways, I always preferred to pay app developer directly for paid and register to Amazon account or similar.

I acknowledge that some or many like Google and like the stock ROM. My question is about anti-theft security for custom ROM users. Even if FP3+ phone support drops in 3 years after release, this ability will allow anti-theft protection to leave on.

A device with download and recovery password-locked can’t be reflashed or wiped without serious effort, plus userdata can’t be purged, and on any boot a custom anti-theft service will start in the background. This isn’t very different from a PC BIOS password lock, but with the password stored in non-volatile ROM.

Yes, I accept that losing the password will make the phone a brick or cost a lot to unlock, but it’s a far better option for today’s teenagers from the parents’ perspective, and for seniors. Which anti-theft solution is installed in userdata is then left to the user, but sure, Fairphone can offer theirs as well.

1 Like

AFAIK not the same for Fairphone. FP doesn’t have Knox or the same sort of vendor-specific software.
You can unlock the bootloader and suppress data to reinstall the stock OS more or less easily.

3 Likes

Is this really such a big consideration? Not only is there no bloatware on the FP3, but I have never had a phone stolen in my life! Is it really necessary to base all your decisions on such an unlikely event? Also, I’m with Alex: don’t replace your phones if they’re still working.

3 Likes

The same function can be achieved with Cerberus or Prey. The only problem, which is why the thread: if the phone has download mode unlocked, then the system and userdata partitions can be wiped.
On Xiaomi and Samsung, download mode is locked by default only to the stock ROM, which respects vendor-specific anti-theft in userdata.

This is the issue with the unlock bootloader method, because it only trusts companies, not owners. This is understandable, but not of any use for the owner. The passwording method can easily compensate for that as an optional addition and it will not get in the way of the vendor or the law.

Yes. Well, the FP3 still goes with GApps if I am not mistaken, but it’s not the actual subject, as any other phone can be bootloader unlocked. The problem appears exactly when the bootloader is unlocked, as the system and recovery partitions can then be flashed regardless of the userdata partition state.
The only advantage of FP, if I am not mistaken, is trust in the /e/ ROM, which means for just this ROM it is possible to keep anti-theft integrity. This is very cool, but it’s only one project among many custom firmwares; plus trusting everyone would defeat its meaning.

I am happy for you, but never say never. It depends who you are and where you walk. A phone stolen from a girl at school: easy money. See phone theft statistics; a phrase like “phone theft statistics” in a search engine returns: “70 million smartphones are lost each year, with only 7 percent recovered. 4.3 percent of company-issued smartphones are lost or stolen every year.” or “In the United States, 113 smartphones are lost or stolen every minute.” But it doesn’t return “my phone was never stolen” even once. A phone easily costs $100-500. Ain’t this beautiful for a thief? I am sure you are not supporting them.

Yes, because the event is likely.

But if I pay for a phone, I am willing to accept the (disadvantage of) risk of forgetting the password, for (an advantage) of the phone being a useless spyware brick to a thief. Besides, it must be implemented as an option. Imagine the thief dumps it to a phone shop seller, which can’t easily bypass it with spyware running. I tell you, thieves will avoid such a phone like hell.

Working in a thief’s hands, hm? I wish I would be that rich.

2 Likes

I don’t think so. Look at those who stole iPhones and made pictures of themselves with them that are uploaded to the owner’s cloud account.
I would guess a good percentage of phone theft is opportunity. Most will not study which phone to steal and put it back into your pocket if it’s not worth it.
Apple has tried it with a far more walled garden and included anti-theft measures.
None is working, you can reset every iPhone afaik.
Same goes for BIOS locks. I can’t say all, but the majority can be bypassed.

A little bit off topic, this memory stick is for you:


You can set up hardware self destruction after X wrong attempts to decrypt it.

2 Likes

Whoa! Nice to see such a commitment to a cause. And welcome to this forum :-).

This might be a bit off topic for your liking, but in my opinion the advantages on the software side are only minor advantages. Even many of the hardware advantages are minor to me. Of course I like to be able to insert 2 SIMs (*). And I like the (for my standards) huge battery inside too. But I would gladly throw any of those features away if my phone was not so damn fair and sustainable compared to the competitors.

I do see the advantage of what you would like to see in a phone. But for me, the biggest advantage is not the co-operation with /e/ (which is cool), or any other user-friendly option. The biggest advantage is the fact that I can follow my ideals, that when one day I leave this world, it might look slightly less messed up than when I was born into it (and in the meantime make phone calls :slight_smile: ). That challenge is big enough as it is already, unfortunately. So if you would ask me what should be a priority, it would not be privacy-friendly anti-theft, but a better world.

Now, I could ramble on about how defending individuals (= walls, locks, fences) against a societal problem (= theft) is treating the symptoms instead of the disease. But like I said, I think you’ll consider it off topic. Also, that doesn’t do justice to the fact that if a structural solution is not close at hand, we sometimes need to resort to treating the symptoms.

I wish you good luck with your search :-).

(*) Whoa, I realize only now that this choice might have been for sustainability purposes too! Instead of having to use 2 phones (1 personal, 1 for work), you only use 1.

3 Likes

My two cents: Thieves simply are not after niche, midrange Android phones. So with a Fairphone, you will always be on the safe side.

2 Likes