Conversation

i would also like to have a third security model, something in between "anyone who downloads fastboot.exe can do anything with your phone" and "if you forget the passphrase you have to desolder the eMMC and reimage it with a sector level backup of OEM partitions"

Daniel Micay

@DanielMicay

Sep 10, 2020

Replying to

@whitequark

If you forget your passphrase, you can boot up recovery and use the menu to wipe the data partition. Play services uses an AOSP API for storing a factory reset protection (frp) data block to preserve Google account registration through wiping data. Pixels provide it via TItan M.

Replying to

and

If you have Play services and the phone was registered to a Google account, the Google account credentials are needed to start using it. AOSP itself provides the API but doesn't implement any kind of anti-theft protection itself, so wiping from recovery gives a usable device.

Replying to

and

It means that continuing to use the device after wiping involves the standard Google account recovery process if those credentials were lost. Often users wipe their device without realizing this. It's common enough that 2nd-hand Android phones are often received bricked this way.

10:06 AM · Sep 10, 2020Twitter Web App

Replying to

and

Leads to bad situations where the seller of the phone needs to resolve the issue by either providing their Google account credentials to the buyer, or they need to enter them into the phone (hopefully not a different malicious one) temporarily given back to them by the buyer...

Replying to

and

If it's your own phone, forgetting the passphrase can't really brick it unless you patched out recovery's wipe data option. Factory Reset Protection isn't helpful as someone that had their phone stolen. Helps deter phone theft in general since stock Android + iOS have it though.

Show replies