Hacker News new | past | comments | ask | show | jobs | submit login

I guess having an account enables that deterrance, but I don't see how it is related to unlocking the bootloader if there was not an account bound beforehand.

If signing into an account can be preserved despite the "unlocked" bootloader, there has to be some sort of hypervisor/"secure chip" type deal denying access to the part of the device the account info is stored, no? Otherwise one could erase the account info and pass the device as untainted anyways.

So, if that information is secured against alternative operating systems, then there is no harm in allowing them by default or upon local user authorization.

In other words, if it was strictly for theft deterrence then surely you would need an account to be able to factory reset the device at all, even with the bootloader locked?




> If signing into an account can be preserved despite the "unlocked" bootloader, there has to be some sort of hypervisor/"secure chip" type deal denying access to the part of the device the account info is stored, no? Otherwise one could erase the account info and pass the device as untainted anyways.

All Android devices have some sort of TEE these days, otherwise they wouldn't get Netflix and a bunch of other apps people will demand to work.


Yeah, I'm not denying the existence or need for a TEE, I just mean that either the TEE is secured against custom OSs and therefore signing in beforehand is unnecessary, or the sign-in information could be erased by a custom OS.

So requiring a login to unlock the bootloader doesn't really disincentivise any theft in either case, as I understand it.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: