Is it insecure to have an unlocked bootloader?

Lately, I have also been reading a lot about locked vs unlocked boot loader in the context of LineageOS on Fairphone [1], and I would like to add the following points:

  • Fairphone 3 does not have ‘secure boot’ enabled [2]
  • EDL is easily accessible, and a working EDL programmer is publicly known [3]

Generally, this means that anyone with physical access can put the phone in EDL mode and reprogram it. There is even a published method to unlock the boot loader using EDL, leveraging those issues [4].

Yes, Android’s encryption helps here. As explained in that same topic, that EDL unlocking method still does not allow access to the encrypted data as it also modifies the encryption keys. More devastating attacks are likely possible though.

To address those issues, I have experimented with enabling avb_custom_key to override the built-in root of trust [5]. Contrary to what is stated here, this seems to work, as I can see that the key has been set in devinfo.bin.
However, that still does not help if ‘secure boot’ is not enabled. Here I got stuck: enabling secure boot requires blowing some qfuses [6]. I think this should be possible with the EDL programmer, but at this point things become risky, with a very high chance of hard bricking the device.

Bottom line: a locked Fairphone 3 boot loader provides additional security compared to an unlocked one, but keep in mind that secure boot will still be disabled, and EDL mode easily accessible, meaning that the additional security is more limited than you might think.
That being said, I do think the additional security is real and significant, so I personally run LineageOS with relocked boot loader (and some additional security measures).

[1] Official LineageOS 17.1 for Fairphone 3/Fairphone 3+ - #70 by Micka
[2] Fairphone 3 unlocking without oem unlocking - #19 by sooorajjj
[3] Fairphone 3 unbricking - #52 by k4y0z
[4] Fairphone 3 unlocking without oem unlocking
[5] Device State  |  Android Open Source Project
[6] Android boot sequence - verified boot security - Information Security Stack Exchange

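As an added example (not code from the post above or from the Fairphone/LineageOS projects): before flashing a key as avb_custom_key, it is worth checking that the pkmd.bin file is internally consistent, since a malformed or wrong file is what you would be locking the boot loader to. The script below assumes the serialization that `avbtool extract_public_key` produces (a big-endian header of key_num_bits and n0inv, followed by the modulus and the Montgomery constant rr); the modulus it uses for the demonstration is constructed, not a real RSA key.

```python
# Added example: sanity-check a pkmd.bin blob before using it as avb_custom_key.
# Assumed layout (as written by `avbtool extract_public_key`): big-endian uint32
# key_num_bits, uint32 n0inv, then modulus n and rr = (2^bits)^2 mod n, each bits/8 bytes.
import random
import struct

HEADER = struct.Struct("!II")  # key_num_bits, n0inv (both big-endian)


def encode_avb_pubkey(n: int) -> bytes:
    """Serialize RSA modulus n in the avbtool public-key format (e = 65537 is implied)."""
    bits = n.bit_length()
    size = bits // 8
    n0inv = (2**32 - pow(n, -1, 2**32)) % 2**32  # -n^-1 mod 2^32, used for Montgomery reduction
    rr = pow(2, 2 * bits, n)                      # (2^bits)^2 mod n
    return HEADER.pack(bits, n0inv) + n.to_bytes(size, "big") + rr.to_bytes(size, "big")


def check_avb_pubkey(blob: bytes) -> dict:
    """Parse a pkmd.bin blob and verify that its fields agree with each other.

    Returns {"ok": bool, "bits": int, "reason": str}. A False result means the
    file is truncated, tampered with, or not an AVB public key at all."""
    if len(blob) < HEADER.size:
        return {"ok": False, "bits": 0, "reason": "too short for header"}
    bits, n0inv = HEADER.unpack_from(blob)
    size = bits // 8
    if bits not in (2048, 4096, 8192):  # key sizes used by avbtool's RSA algorithms
        return {"ok": False, "bits": bits, "reason": "unsupported key_num_bits"}
    if len(blob) != HEADER.size + 2 * size:
        return {"ok": False, "bits": bits, "reason": "length does not match key_num_bits"}
    n = int.from_bytes(blob[HEADER.size:HEADER.size + size], "big")
    rr = int.from_bytes(blob[HEADER.size + size:], "big")
    if n.bit_length() != bits or n % 2 == 0:
        return {"ok": False, "bits": bits, "reason": "modulus has wrong size or is even"}
    if (n * n0inv + 1) % 2**32:
        return {"ok": False, "bits": bits, "reason": "n0inv is not -n^-1 mod 2^32"}
    if rr != pow(2, 2 * bits, n):
        return {"ok": False, "bits": bits, "reason": "rr is not (2^bits)^2 mod n"}
    return {"ok": True, "bits": bits, "reason": "consistent"}


def demo_modulus(bits: int = 2048) -> int:
    """Constructed for the demo, NOT a real RSA key: a deterministic odd number with the top bit set."""
    return random.Random(2024).getrandbits(bits) | (1 << (bits - 1)) | 1


if __name__ == "__main__":
    blob = encode_avb_pubkey(demo_modulus())
    print(check_avb_pubkey(blob))                 # {'ok': True, 'bits': 2048, ...}
    damaged = bytearray(blob); damaged[-1] ^= 1   # flip one bit of rr
    print(check_avb_pubkey(bytes(damaged)))       # {'ok': False, ..., 'reason': 'rr is not ...'}
```

To check a real file, replace the demo blob with `open("pkmd.bin", "rb").read()`; a consistent result only tells you the file is well-formed, so you still need to confirm the modulus matches your own signing key.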