It's a mix of insecure client-side checks with some potentially useful server-side checks that are generally not implemented in an exhaustive or robust way so they're also generally insecure, but less obviously broken. Applies to most user-facing OEM and ROM security features.
This Tweet was deleted by the Tweet author. Learn more