Now Reading
Pixel telephones are offered with bootloader unlocking disabled – fitzsim’s growth log

Pixel telephones are offered with bootloader unlocking disabled – fitzsim’s growth log

2023-05-07 10:00:25

Request to Google: ungrey the “OEM unlocking” toggle within the manufacturing facility, earlier than delivery retailer.google.com units to prospects. Don’t make your prospects join the machine to the Web earlier than they’re allowed to put in the working system they need.

My spouse had a requirement to make use of Android1, and she or he needed to run GrapheneOS; I experimented with different units and ROMs to make sure the particular utility she wanted would run on GrapheneOS.

As a part of my analysis, I learn the GrapheneOS set up information2, which said:

Enabling OEM unlocking

OEM unlocking must be enabled from throughout the working system.

Allow the developer choices menu by going to Settings > About cellphone and repeatedly urgent the construct quantity menu entry till developer mode is enabled.

Subsequent, go to Settings > System > Developer choices and toggle on the ‘OEM unlocking’ setting. On machine mannequin variants (SKUs) which assist being offered as locked units by carriers, enabling ‘OEM unlocking’ requires web entry in order that the inventory OS can verify if the machine was offered as locked by a provider.”

Not one of the many many YouTube movies I watched about bootloader unlocking coated whether or not or not you want Web connectivity. Nor did any of Google’s official documentation3. GrapheneOS documentation is the one place on the Web that paperwork this requirement, so, properly completed GrapheneOS documentation workforce!

GrapheneOS solely helps latest Google Pixel telephones. These telephones are good {hardware}4, and I can simply (so I believed) set up a distinct working system, so I made a decision to purchase one. To be as future-proof as attainable, I purchased a Pixel 7 Professional from retailer.google.com (Canada).

I believed (based mostly on the aforementioned GrapheneOS docs) that the machine mannequin variant I purchased, being offered “unlocked”7 by Google, wouldn’t want the Web connection. NOPE; Google offered it to me with “OEM unlocking” greyed out:

The Pixel 7 Pro Developer options settings screen, showing the OEM unlocking slider greyed out, with the label Connect to the internet or contact your carrier

I contemplate this a customer-hostile follow. I mustn’t have to attach a bit of {hardware} to the Web, even as soon as, to make use of all of its options. If I hadn’t related the Pixel 7 Professional to the Web, then “OEM unlocking” would have stayed greyed out, thus I’d not have been in a position to unlock the bootloader, thus I’d not have been in a position to set up GrapheneOS5.

Take into account that I purchased this cellphone full value6 from retailer.google.com, the place it was marketed proper within the FAQ as an “unlocked smartphone”7. There may be zero provider involvement right here, so carriers can’t be blamed for this coverage. Additionally, I paid full value for the cellphone, so this isn’t a case of “if you happen to don’t pay for the product, you ARE the product”.

I most likely ought to have returned the machine for a refund. As an alternative, I arrange a community debugging surroundings to see what exercise occurs after I join the Pixel 7 Professional to the Web.

By tailing some log recordsdata and watching them carefully, I used to be in a position to decide that the ultimate web site accessed simply earlier than “OEM unlocking” goes from greyed to ungreyed is “afwprovisioning-pa.googleapis.com“. Right here is the video of “OEM unlocking” ungreying:

See Also

Right here is the remainder of the community exercise, all of which is TLS-encrypted by keys buried within the inventory Google working system, and thus not managed by the machine purchaser:

Hostname Downloaded to cellphone Uploaded from cellphone
storage.googleapis.com 383 MiB 8 MiB
fonts.gstatic.com 137 MiB 3 MiB
afwprovisioning-pa.googleapis.com 18 MiB 1 MiB
www.gstatic.com 8 MiB 287 kiB
googlehosted.l.googleusercontent.com 8 MiB 345 kiB
ota-cache1.googlezip.web 3 MiB 175 kiB
dl.google.com 3 MiB 86 kiB
instantmessaging-pa.googleapis.com 1 MiB 300 kiB
www.google.com 46 kiB 24 kiB
ssl.gstatic.com 25 kiB 3 kiB
ota.googlezip.web 17 kiB 6 kiB
digitalassetlinks.googleapis.com 17 kiB 4 kiB
purchasers.l.google.com 14 kiB 7 kiB
gstatic.com 13 kiB 3 kiB
mobile-gtalk.l.google.com 8 kiB 1 kiB
cell.l.google.com 5 kiB 1 kiB
lpa.ds.gsma.com 5 kiB 4 kiB
connectivitycheck.gstatic.com 3 kiB 3 kiB
app-measurement.com 1 kiB 0 bytes
time.android.com 180 bytes 180 bytes

Solely Google is aware of exactly what all that information is and what it’s used for.

Because the video exhibits, the ungreying did occur; I had the Settings utility open, then related the cellphone to the Web. I needed to shut then re-open the Settings utility; the entry to “afwprovisioning-pa.googleapis.com” appeared to be co-timed with the Settings utility restart. After the Settings appliation restart, the “OEM unlocking” possibility was operable.

I don’t know what subset of the hosts within the above desk have to be accessible to the cellphone for ungreying to happen; I thought-about firewalling every individually utilizing a script, however I ran out of time. I additionally don’t know if a manufacturing facility reset of the cellphone leads to “OEM unlocking” being greyed once more. I ended my experimentation when the ungreying happened and I proceeded to put in GrapheneOS efficiently (the remainder of the method was very simple, because of GrapheneOS’s nice documentation and set up scripts).

All in all, cheers to Google for releasing Android as Free and Open Supply software program, and for promoting units that are (with steps) bootloader-unlockable; each of which make GrapheneOS possible8. Jeers to Google for promoting units from retailer.google.com that can’t have their bootloaders unlocked with out first connecting them to the Web.

Footnotes

Source Link

What's Your Reaction?
Excited
0
Happy
0
In Love
0
Not Sure
0
Silly
0
View Comments (0)

Leave a Reply

Your email address will not be published.

2022 Blinking Robots.
WordPress by Doejo

Scroll To Top