Could also approach from usb/wifi/bluetooth/etc instead of local userspace.
The problem specifically is that unlocking the bootloader the official way deletes drm keys stored in a "TA" partition, and that makes the camera less functional. It would be sufficient to find a vulnerability that let me back up the DRM keys - but that seems unlikely without gaining root access and I'd have more confidence that I backed up the right thing with root access.
Could also approach from usb/wifi/bluetooth/etc instead of local userspace.
The problem specifically is that unlocking the bootloader the official way deletes drm keys stored in a "TA" partition, and that makes the camera less functional. It would be sufficient to find a vulnerability that let me back up the DRM keys - but that seems unlikely without gaining root access and I'd have more confidence that I backed up the right thing with root access.