Relocking the boot loader after /e/Os install?


I just installed /e/OS on my FP4, using the easy installer made by e Foundation. I had to do a certain step several times to get it to work, but it worked out in the end. But now I’m left with an unlocked boot loader , and from what I understand this is a security risk. Relocking it however also seems to be a risk as I am reading in various topics that this could brick a phone.

I don’t know a lot about all of this and I could definitely use some advise. Could any one explain to me how this works, what my options are, what I would have to do to relock it, and if it is worth the risk?

Any help would be greatly appreciated.

You may search on the forum for security risk with unlocked bootloader
. One security risk may be that if someone gets hold of your unlocked device they might flash malware on it without you noticing it.
On the other side you have much more options yourself with an unlocked bootloader (by e.g. using Fastboot commands).
If you really want to relock the device I recommend you wait until the new /e/OS update is out (suppose it should be there very soon). Then you have a newer patch version than before and locking the bootloader should work. Just make sure that OEM unlock is enabled before relocking the bootloader so in case anything goes wrong your device is not bricked.

1 Like

So if I make sure OEM unlock is enabled my chances of bricking the phone are low?

You might not be able to boot it after locking it (if anti rollback feature thinks to have to intervene), but you’d still be able to unlock the bootloader again and fix the problem yourself…

Verified boot protects against persistence of remote attacks and is only enforcing when locked.

1 Like