SoylentNews is people

posted by Fnord666 on Wednesday September 06 2017, @02:46PM
from the dunk-it-in-milk dept.

Google is using the boiling frog method to exclude power users and custom ROMs from Android.

A new feature in Android 8.0 Oreo, called "Rollback Protection" and included in the "Verified Boot" changes, will prevent a device from booting should it be rolled back to an earlier firmware. The detailed information is here.

As it rejects an image if its "rollback index" is inferior to the one in "tamper evident storage", any attempts to install a previous version of the official, signed ROM will make the device unbootable. Much like iOS (without the rollback grace period) or the extinct Lumias. It is explained in the recommended boot workflow and notes below, together with some other "smart" ideas.

Now, this might seem like a good idea at first, but let's just imagine this on a PC. It would mean no easy roll back from Windows 10 to 7 after a forced installation, and doing that or installing Linux would mean an unreasonably complex bootloader unlocking, with all your data wiped. Add SafetyNet to the mix, and you would also be blocked from watching Netflix or accessing your banking sites if you dared to install Linux or roll back Windows.

To add insult to injury, unlocked devices will stop booting for at least 10 seconds to show some paternalist message on how unlocking is bad for your health - "If the device has a screen and buttons (for example if it's a phone) the warning is to be shown for at least 10 seconds before the boot process continues."

Now, and knowing that most if not all Android bootloaders have vulnerabilities/backdoors, how can this be defended, even with the "security/think of the children" approach? This has no advantages other than making it hard for users to install ROMs or to revert to a previous official ROM to restore missing functionality.
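The rollback check the summary describes, modelled in a few lines of C. This is an added example, not part of the original submission and not code from Android or libavb; the type and function names, the number of index slots, the commit-after-verified-boot step and the treatment of unlocked devices are assumptions of this sketch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified model of the check described above; not libavb code. */
#define NUM_LOCATIONS 4 /* assumed number of rollback index slots */

typedef enum { BOOT_OK, BOOT_WARN_UNLOCKED, REJECT_BAD_IMAGE, REJECT_ROLLBACK } boot_result;

typedef struct {
    bool unlocked;                        /* bootloader lock state */
    uint64_t stored_index[NUM_LOCATIONS]; /* stands in for tamper-evident storage */
} device_state;

typedef struct {
    bool signature_valid;    /* outcome of signature verification (not modelled) */
    size_t location;         /* which stored index this image is compared against */
    uint64_t rollback_index; /* value carried in the signed image metadata */
} image_meta;

/* Decide whether the image may boot. Assumption: an unlocked device skips
 * enforcement and boots after showing the warning screen. */
boot_result verify_image(const device_state *dev, const image_meta *img)
{
    if (dev->unlocked)
        return BOOT_WARN_UNLOCKED;
    if (!img->signature_valid || img->location >= NUM_LOCATIONS)
        return REJECT_BAD_IMAGE;
    if (img->rollback_index < dev->stored_index[img->location])
        return REJECT_ROLLBACK; /* correctly signed, but older than what was seen */
    return BOOT_OK;
}

/* Assumption: the stored index is raised only after a verified boot and is
 * never lowered, so one accepted update permanently blocks older images. */
boot_result boot_and_commit(device_state *dev, const image_meta *img)
{
    boot_result r = verify_image(dev, img);
    if (r == BOOT_OK && img->rollback_index > dev->stored_index[img->location])
        dev->stored_index[img->location] = img->rollback_index;
    return r;
}

/* Constructed scenario: boot image `first`, then image `second`, on one device. */
boot_result boot_sequence(bool unlocked, uint64_t first, uint64_t second)
{
    device_state dev = { .unlocked = unlocked, .stored_index = { 0 } };
    image_meta a = { true, 0, first }, b = { true, 0, second };
    (void)boot_and_commit(&dev, &a);
    return boot_and_commit(&dev, &b);
}
```

In this model a validly signed image with index 4 is refused once an image with index 5 has booted on a locked device, which is the downgrade case the summary objects to; an image with an equal index still boots.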

  • (Score: 2) by Arik on Wednesday September 06 2017, @10:39PM

    by Arik (4543) on Wednesday September 06 2017, @10:39PM (#564310) Journal
    You made some good points, but missed a little on a couple points.

    "So what are you going to use then? An Apple? Did you not notice how they already do the exact same thing? (And worse, there's *never* been a possibility of having an open-source ROM for an iPhone, unlike Android devices.)"

    Now this may be defensible as technically correct, but it's deceptive. Any reader who doesn't already know otherwise could be excused for understanding you to have said that Android devices, generally, had the possibility of running an open-source ROM before this. And that's just not true, as I'm sure you are aware. In fact, you may well be more knowledgeable about it than I am. Is there, actually, a single Android device that was ever manufactured that doesn't rely on an opaque blob or a superior processor or both? Certainly the Nexus S was never and will never be in that category and IIRC that's the one I've heard praised the most: https://redmine.replicant.us/projects/replicant/wiki/NexusSI902xPrivacySecurityEvaluation

    "(the radio firmware probably can't be open-source, but that's OK; we don't really care about that, just like we don't usually care about the firmware on a WiFi radio in our PC, we just want it to work with Linux)"

    1) I know of no reason it can't be, and it certainly should be, and yes I do care.

    2) If you don't care you're just being careless. If you have a subsystem with its own processor running a proprietary blob it has to be considered as compromised from day one. If it's possible for it to be used to compromise your 'main' system, then the main system, and similarly anything you load as a main system, will also be compromised from day one. It doesn't matter how carefully each line of code you load into the main system has been vetted when there's a second CPU that has unsupervised DMA access to the main system's memory, for an incredibly common and utterly indefensible example.
    --
    If laughter is the best medicine, who are the best doctors?