I understand that KNOX is specific to Samsung, but I'm wondering if other Android manufacturers employ similar mechanisms of permanently modifying the phone if you make software changes (ie blowing an efuse if you unlock the bootloader of your device so that even relocking the bootloader does not reset the phone.)
Asked
Active
Viewed 101 times
1
-
1No.... Some just prevent unlocking bootloader – beeshyams Dec 27 '23 at 23:27
-
Some like Huawei make you wait for 7 days before letting you unlock. Given the huge number of OEMs and how they customize, it's not possible to answer what other manufacturers do-it's an impossibly wide scope to answer – beeshyams Dec 28 '23 at 04:48
-
1To add some like Oneplus Xiaomi (some devices) break the TEE on unlocking and can't be reset after locking also – beeshyams Dec 28 '23 at 04:51
-
@beeshyams thank you for your comments. I was unaware of the term TEE, but do have a general understanding of secure enclaves. My Google-foo is weak - can you provide me any models that can't be reset after [un]locking? The only thing I have found thus far is https://xdaforums.com/t/tee-broken-after-unlocking-bootloader.4555297/ which seems to imply the opposite! – davidgo Dec 28 '23 at 09:17
-
@beeshyams Also - and I acknowledge I am probably wrong - https://android.stackexchange.com/questions/23330 would almost seem to indicate that TEE - correctly implemented - can work with the boot loader lock/unlock but provided this can still be reversed - ie its not an efuse blown type scenario. This further hints that some Xiaomi devices can bypass this - but the implication in those devices would be the reverse of your comment - ie TEE can be bypassed and can unlock a bootloader which should not be unlockable. – davidgo Dec 28 '23 at 09:25
-
TEE if correctly implemented only affects STRONG_INTEGRITY meaning it will fail on unlocking bootloader but TEE is not broken. On locking it should pass STRONG_INTEGRITY. There are many Oneplus and Xiaomi and some other users who reported TEE is broken (separate from failing) when boot loader is unlocked and does not get fixed when it is locked. All due to faulty implementation//Just search for TEE in this Telegram to get an idea of how prevalent it is – beeshyams Dec 28 '23 at 10:22
-
Also fails DEVICE_INTEGRITY on unlocking. Missed that – beeshyams Dec 28 '23 at 12:43