No, because that’s not how the matching works. Stuff in your data partition, as well as app data, is signed with those keys and hashed to the device. All of those bits do that hash on their own, and they all have to match up. When you change the main system partition then it’s signature has to match with the one generated when you set up your phone initially in the data partition.
Basically you have to have access to the data partition to disable the checks or change the signature, which needs your pin/passcode/fingerprint, and if you have that you don’t even need the phone, you dump the data partition and unlock it in an emulated android environment and exfiltrate data from there as if it was the original phone.
I also want to reiterate: A locked bootloader does not stop anyone from dumping your phone, emulating it, and brute forcing it, completely bypassing any rate-limiting on password attempts. By the time a bootloader lock even comes into play you can consider your phone completely compromised.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.
6. Memes are not allowed to be posts, but are allowed in the comments.
7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.
8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.
Couldn’t an attacker just make an OS image that tells the system to disregard any signature mismatch?
No, because that’s not how the matching works. Stuff in your data partition, as well as app data, is signed with those keys and hashed to the device. All of those bits do that hash on their own, and they all have to match up. When you change the main system partition then it’s signature has to match with the one generated when you set up your phone initially in the data partition.
Basically you have to have access to the data partition to disable the checks or change the signature, which needs your pin/passcode/fingerprint, and if you have that you don’t even need the phone, you dump the data partition and unlock it in an emulated android environment and exfiltrate data from there as if it was the original phone.
I also want to reiterate: A locked bootloader does not stop anyone from dumping your phone, emulating it, and brute forcing it, completely bypassing any rate-limiting on password attempts. By the time a bootloader lock even comes into play you can consider your phone completely compromised.