
Is it insecure to have an unlocked bootloader?


This is a bold statement that is outright wrong in my opinion. Please consider editing that post to prevent less technically inclined users falling for this.

An unlocked bootloader allows anyone who has temporary access to the phone to tamper with the boot process and in consequence with the system partition. This enables a slightly sophisticated attacker to implant a backdoor or extract the decryption key/your passphrase while you unlock the phone the next time.
Of course there are layers of trust and not everyone may want to root their trust into the security of an opaque locked boot process. However, I can hardly think of any threat model in which an unlocked bootloader does not compromise the phone’s security in one way or another.

I am aware that this post is off-topic – sorry for that but I felt like this statement needed some additional context.

7 Likes

Hi @plokta and welcome to the forum! Next time you could click the chain symbol below a post and then choose “New Topic” to create a new topic that is linked to a post in another topic.


I’ll move your post because I think that this discussion is very important and it deserves its own topic.

6 Likes

You are right, that’s a concern, I agree.
I was only thinking about “My phone gets lost or stolen. What can a person who then has it do?” and read a bit on the internet … I see that fell short.

But is at least the lost/stolen scenario covered by encryption as long as third parties don’t get the decryption key?

2 Likes

Thanks @Stefan for moving the post!

This should be the case unless there is an unknown issue within the encryption or its implementation. However, the question we need to consider here is whether an unlocked bootloader could make it easier for an attacker to extract or brute-force the key. I am no expert but I’d imagine that this could be the case: As an example, if the bootloader is unlocked it might be easier to circumvent some brute-force prevention mechanisms such as delays or a limit of unlock attempts. If that were the case, the lock pattern on a 3x3 grid that most users use has a rather small input space and can likely be brute-forced.

Personally, I also use my day-to-day phone with encryption and an unlocked bootloader. However, I would not rely on Android’s encryption and its security model to protect really sensitive data against skilled adversaries. There is so much that can go wrong in cryptography and Android encryption has been criticized in the past for being broken [1] and not being well designed [2]. Even though this post is from 2016, checking the Android source documentation suggests that not much has been changed since [3].
Furthermore, given the various proprietary binary blobs running on a common Android phone, potential issues in TrustZone [4] or even in the hardware (e.g., vulnerable chips with DMA), I personally deem it reasonable to assume that physical access to the device eventually results in data access when dealing with sophisticated adversaries – regardless of the state of the bootloader.

In the case of a lost or stolen phone, Android’s encryption should probably suffice to keep the data secure from the prying eyes of the common pickpocket – at least I do hope so. And in the end it all comes down to your threat model :wink:


[1] https://www.theregister.co.uk/2016/07/01/turns_out_breaking_android_fulldisk_encryption_is_easy_with_the_right_code/
[2] https://blog.cryptographyengineering.com/2016/11/24/android-n-encryption/
[3] https://source.android.com/security/encryption/file-based
[4] https://research.checkpoint.com/2019/the-road-to-qualcomm-trustzone-apps-fuzzing/

5 Likes
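To put a number on the “rather small input space” of the 3x3 pattern lock discussed in the post above, here is an added example (not code from the thread or from Android) that enumerates every valid unlock pattern under the usual rules (4 to 9 distinct dots; a stroke may only pass over an unvisited dot if that dot is selected instead, so skipping it is allowed only once it has already been used) and then estimates brute-force time with and without an attempt-throttling policy. The throttling parameters (a 30-second lockout after every 5 failed attempts) and the guess rate are assumptions chosen for illustration, not measured values for any device.

```python
"""Enumerate valid Android-style 3x3 unlock patterns and estimate brute-force cost.

Dots are numbered 0..8 in reading order:
    0 1 2
    3 4 5
    6 7 8
Added example: the pattern rules are the commonly documented ones, and the
lockout policy used below is an illustrative assumption, not a device spec.
"""

def _between(a: int, b: int):
    """Return the dot that lies on the straight line strictly between a and b,
    or None if the stroke a->b passes over no third dot (e.g. knight moves)."""
    ra, ca = divmod(a, 3)
    rb, cb = divmod(b, 3)
    # A third dot is crossed only when the midpoint has integer coordinates.
    if (ra + rb) % 2 == 0 and (ca + cb) % 2 == 0:
        return ((ra + rb) // 2) * 3 + (ca + cb) // 2
    return None


def count_patterns(min_len: int = 4, max_len: int = 9) -> dict:
    """Depth-first enumeration of all valid patterns, counted by length."""
    counts = {n: 0 for n in range(min_len, max_len + 1)}

    def walk(last: int, length: int, visited: int) -> None:
        if length >= min_len:
            counts[length] += 1
        if length == max_len:
            return
        for nxt in range(9):
            if visited & (1 << nxt):          # each dot may be used once
                continue
            mid = _between(last, nxt)
            # Jumping over an unvisited dot is not allowed: that dot would be
            # selected instead, so this transition does not exist.
            if mid is not None and not (visited & (1 << mid)):
                continue
            walk(nxt, length + 1, visited | (1 << nxt))

    for start in range(9):
        walk(start, 1, 1 << start)
    return counts


def total_patterns(min_len: int = 4, max_len: int = 9) -> int:
    return sum(count_patterns(min_len, max_len).values())


def brute_force_seconds(n_candidates: int, attempts_per_second: float,
                        lockout_every: int = 0, lockout_seconds: float = 0.0) -> float:
    """Worst-case time to try every candidate.

    Without throttling the cost is just n / rate. With an (assumed) policy of a
    fixed lockout after every `lockout_every` failures, each full block of
    failures adds `lockout_seconds` of forced waiting.
    """
    seconds = n_candidates / attempts_per_second
    if lockout_every > 0:
        seconds += (n_candidates // lockout_every) * lockout_seconds
    return seconds


if __name__ == "__main__":
    by_len = count_patterns()
    for n, c in by_len.items():
        print(f"length {n}: {c:>7} patterns")
    total = sum(by_len.values())
    print(f"total valid patterns: {total}")
    # Assumed: 10 guesses/s by an automated input device.
    print("unthrottled:", brute_force_seconds(total, 10) / 3600, "hours")
    # Assumed policy: 30 s lockout after every 5 wrong attempts.
    print("throttled:  ", brute_force_seconds(total, 10, 5, 30) / 86400, "days")
```

The enumeration returns 389,112 patterns in total, which is why the post’s worry is well founded: at an assumed 10 guesses per second an unthrottled search finishes in about 11 hours, while the same search under the assumed 5-attempts-then-30-seconds policy takes roughly 27 days. The throttling, not the input space, is doing the work, which is exactly the mechanism an unlocked bootloader might let an attacker remove.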