Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday September 06 2017, @02:46PM   Printer-friendly
from the dunk-it-in-milk dept.

Google is using the boiling frog method to exclude power users and custom ROMS from android.

A new feature in Android 8.0 Oreo, called "Rollback Protection" and included in the "Verified Boot" changes, will prevent a device from booting should it be rolled back to an earlier firmware. The detailed information is here.

As it rejects an image if its "rollback index" is inferior than the one in "tamper evident storage", any attempts to install a previous version of the official, signed ROM will make the device unbootable. Much like iOS (without the rollback grace period) or the extinct Lumias. It is explained in the recommended boot workflow and notes below, together with some other "smart" ideas.

Now, this might seem like a good idea at first, but let's just just imagine this on a PC. It would mean no easy roll back from windows 10 to 7 after a forced installation, and doing that or installing linux would mean a unreasonably complex bootloader unlocking, with all your data wiped. Add safetynet to the mix, and you would also be blocked from watching netflix or accessing your banking sites if you dared to install linux or rollback windows.

To add insult to injury, unlocked devices will stop booting for at least 10 seconds to show some paternalist message on how unlocking is bad for your health - "If the device has a screen and buttons (for example if it's a phone) the warning is to be shown for at least 10 seconds before the boot process continues."

Now, and knowing that most if not all android bootloaders have vulnerabilities/backdoors, how can this be defended, even with the "security/think of the children" approach? This has no advantages other than making it hard for users to install ROMs or to revert to a previous official ROM to restore missing functionality.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by jmorris on Wednesday September 06 2017, @11:07PM (3 children)

    by jmorris (4844) on Wednesday September 06 2017, @11:07PM (#564321)

    PayPal has banned political groups because they're extremists...

    So? Stormfront, Antifa (well maybe not them now that they are a designated terror org) and the SPLC are all vile organizations but they can walk into the doors of any brick and mortar bank and open an account. They are assured of this ability because that sort of non-discrimination is part of the laws regulating FDIC insured banks. PayPal is an FDIC insured bank too, what gives them these special rights they are asserting to be exempt from the law? Obama of course had perverted the banks so they could refuse service to enemies of The Party but that has been reversed, all banks must again serve all customers who aren't criminals. Of course they spy on them for law enforcement but that is an entirely different debate.

    And guess what? Google, Facebook, Twitter, etc. are going to get regulated as utilities eventually and be barred from discriminating. Because they are utilities in everything but official government designation already. The electric company can't decide it doesn't want to service scum like SPLC and disconnect their lights. The trash company can't decide Anglin is just too extreme and leave dailystormer's trash out on the curb to stink. But godaddy (and every single competitor... no collusion here) can suddenly decide it can't track their DNS record? On what planet is this sort of nonsense sustainable?

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by J053 on Thursday September 07 2017, @12:11AM (1 child)

    by J053 (3532) <dakineNO@SPAMshangri-la.cx> on Thursday September 07 2017, @12:11AM (#564340) Homepage
    Actually, PayPal is not FDIC insured - they hold funds in your PayPal balance in FDIC-insured banks, so your funds are protected, but PayPal itself is not a member of FDIC and thus does not have to follow their rules.
    • (Score: 2) by jmorris on Thursday September 07 2017, @03:30AM

      by jmorris (4844) on Thursday September 07 2017, @03:30AM (#564399)

      Mere sophistry and proving my point they are a bank pretending to not be a bank when the rules cramp their free wheeling .com style. So, you think Chase could get away with pretending they aren't a bank but the customer deposits are safely in one and then start refusing service to people for whatever reasons?

      Why do so many people get caught up in this "on the Internet" mania, believing simply adding those magic words to any existing business instantly transforms it into something entirely new? Banks aren't new. Wire transfers aren't new. Paypal isn't anything new merely because it does those things on the Internet. Chase has a webpage too, they are still bound by the financial regulations when you bank through it.

  • (Score: 2) by Grishnakh on Thursday September 07 2017, @03:27AM

    by Grishnakh (2831) on Thursday September 07 2017, @03:27AM (#564397)

    On what planet is this sort of nonsense sustainable?

    The planet where the government refuses to regulate ISPs as utilities.

    Google, Facebook, Twitter, etc. are going to get regulated as utilities eventually and be barred from discriminating.

    I see no evidence to support this assertion. They aren't regulated as utilities now, and they've been around for ages, especially Google. There's no political will right now to increase regulation on anything at all, and no indication that this will change before the country tears itself apart and breaks down into separate nations or has a civil war.