
cromcromc

New member
Oct 22, 2021
3
0
Hello guys, this is my first thread on the XDA forum.
I just bought a Xiaomi device (Poco X3 Pro Global) a few days ago.
This is my first time trying a custom ROM. I searched for what I'm trying to do, and I'd like to make sure whether what I understand is correct, since I'm totally new to custom ROMs.

the sources I mainly referred to:

source1

source2

Basic assumption:
1. Only flash custom rom without rooting
2. The whole process of unlocking the bootloader and flashing the custom ROM is done perfectly, and all resources (recovery, ROM, ADB tool etc...) used during the process are 100% clean and genuine.
3. No cold boot attack (source2) happens on me.


Q1. source1 is really helpful, but it's from 2012, is this still valid today?

Q2. source1 is posted on the Galaxy Nexus forum, but this applies to all Android-based devices, right?

Q3. This threat model assumes attacker has physical access to device, then I guess unlocking bootloader itself is 100% totally irrelevant to software level security risks like malware or OS vulnerability, is this right? (assuming no rooting and 100% genuine rom and resources)

Q4. From source1 you can choose between [device encryption] and [relocking bootloader] to protect security; which method do you recommend using?
I feel I'm much more inclined to try the device encryption method since I don't know if it's possible to relock the bootloader safely after migrating from the Global stock ROM to the xiaomi.eu ROM. (Can anyone confirm this?) I fear it will become bricked during the relocking process.

Q5. So if I set device encryption with a strong password and turn off USB debugging mode, I need not be too worried?
Are there any other points in terms of security to bear in mind if you use a device with an unlocked bootloader?


Thank you for reading my thread
 

jwoegerbauer

Senior Member
Jul 11, 2009
7,555
26
1,758
European Union
Only a side-remark:

An Android Smartphone bootloader is processor-specific and every OEM has its own version of bootloader specific for the hardware present in its environment.
It's the primary task of every bootloader to verify the Android OS to be loaded is genuine, meaning signed by the OEM, to ensure the Android OS ( it's by nature a Custom ROM ) works flawlessly as it can be expected by the user. People who use a phone as a tool and not as a toy probably never come up with the idea to unlock the bootloader because they know about the strengths and weaknesses of the phone when they bought it, they can expect that the OEM did their best with regards to a phone's performance - OEMs are certainly not dumber than generally claimed by the modder / hacker scene.
My POV: Unlocking a phone's bootloader is an unnecessary action at all. If people do so they indirectly admit that they have purchased a phone that does not meet their expectations - they have made a wrong purchase.
 

cromcromc

New member
Oct 22, 2021
3
0
Thanks for the comment.

I understand your POV.

I realized later that the Global ROM can't do call recording; that's the main reason why I'm trying to flash the xiaomi.eu ROM, and other optimizations are the second reason.

And this phone will be my main phone, so I wanted to make sure about the security risk before I change the ROM.
 

Andrologic

Senior Member
Apr 29, 2016
183
1
80
Huawei Mate 20 X
ASUS ROG Phone 3
Thanks for the comment.

I understand your POV.

I realized later that the Global ROM can't do call recording; that's the main reason why I'm trying to flash the xiaomi.eu ROM, and other optimizations are the second reason.

And this phone will be my main phone, so I wanted to make sure about the security risk before I change the ROM.

Having an unlocked bootloader doesn't need to be a risk whatsoever as long as you're not flashing untrusted ROMs and other components to the device and critically control anything being flashed to the device. If you're flashing a signed ROM from the manufacturer, as it sounds like is your plan, there is nothing to worry about. You can even lock the BL again after flashing & optimizing if you absolutely wish to, although that is usually not recommended.
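
Added example (not part of any post in this thread): a small shell audit of the three settings the thread discusses, bootloader lock state, data encryption and USB debugging, read from `getprop` output. The property names are the standard AOSP ones and are assumed to be populated on the device; the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit getprop-style text for the settings raised in Q4/Q5.
# Real use on a device terminal:  getprop | audit_props

# Print the value of one property from getprop text ("[name]: [value]").
prop_value() {
    printf '%s\n' "$2" | awk -v key="[$1]:" \
        '$1 == key { v = $2; gsub(/^\[|\]$/, "", v); print v; exit }'
}

# Read getprop text on stdin, print one line per check, return the FAIL count.
audit_props() {
    props=$(cat)
    fails=0
    locked=$(prop_value ro.boot.flash.locked "$props")
    vbstate=$(prop_value ro.boot.verifiedbootstate "$props")
    crypto=$(prop_value ro.crypto.state "$props")
    usbcfg=$(prop_value persist.sys.usb.config "$props")

    case "$locked" in
        1) echo "PASS bootloader locked (verified boot: ${vbstate:-unknown})" ;;
        0) echo "NOTE bootloader unlocked (verified boot: ${vbstate:-unknown})" ;;
        *) echo "NOTE bootloader lock state not reported by this build" ;;
    esac
    if [ "$crypto" = "encrypted" ]; then
        echo "PASS userdata encrypted"
    else
        echo "FAIL userdata not encrypted (ro.crypto.state=${crypto:-unset})"
        fails=$((fails + 1))
    fi
    case ",$usbcfg," in
        *,adb,*) echo "FAIL USB debugging enabled (persist.sys.usb.config=$usbcfg)"
                 fails=$((fails + 1)) ;;
        *)       echo "PASS USB debugging not enabled" ;;
    esac
    return "$fails"
}

# Constructed sample: unlocked, encrypted device with ADB still switched on.
sample_props() {
    cat <<'EOF'
[persist.sys.usb.config]: [mtp,adb]
[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]
[ro.crypto.state]: [encrypted]
EOF
}

sample_props | audit_props || echo "findings: $?"
```

If the text is collected with `adb shell getprop` instead of an on-device terminal, the USB debugging check necessarily reports FAIL for as long as debugging is switched on.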
 
