Hi there,
I just managed to install e/OS on my brand new Fairphone 5 which unfortunately was bought without it preinstalled. After solving some issues during the installation process I got through to the last point which says ‘Once you have completed the above steps and before rebooting you can lock your Bootloader.’ Following these steps unfortunately ended up in getting a message telling me my ‘Your device is corrupt. It can’t be trusted and will not boot’. Indeed it stayed in a bootloader loop with no other option left as reinstalling e/OS from the beginning. As I did that I just skipped the ‘re-locking’ of my Bootloader but now I get a message upon starting the phone which says
‘The boot loader is unlocked and software integrity cannot be guaranteed. Any data stored on the device may be available to attackers, Do not store any sensitive data on the device.
Visit this link on another device:
PRESS POWER KEY TO CONTINUE’
As you can imagine this message keeps me considering using the phone in a state like this.
Is there any known way to lock the Bootloader again on Fairphone 5 without ending in a bootloader loop?
Thanks in advance for reading and probably answering.
ps: Are there any Apps or something like that to improve security of phones with e/OS in general or especially with unlocked bootloader?
The instructions don’t warn you strongly enough about that. It should be a maximal warning, but it’s basically in fine print.
If the security update the phone shipped with is newer than the security update in the version of /e/os you’re installing, locking the bootloader will brick your phone. It’s the “anti-rollback” pitfall. The instructions should not state it’s recommended to re-lock the bootloader because people are ending up with bricked phones because of it.
Personally I have a phone where the bootloader has to stay unlocked which doesn’t really concern me, but the nomenclature makes it sound like more of a risk that it actually is. There really is almost zero risk in leaving it unlocked for the average consumer. Maybe if you’re a CIA spy or something it might be a concern.
You can try going to fastboot to unlock the bootloader again, but I’m not sure you’ll be able to do that. I’ve read where some people have been able to recover from fastboot and others have had to send the phone back to the OEM (manufacturer) to recover.
If you’re intent on locking the loader, wait until you’ve installed a version of /e/os that’s got a newer security patch than the original OEM android version.
I had a very similar problem with my new fp5 over the weekend where the link for the download showed a different security patch date to the downloaded file. When I tried locking I really thought I’d bricked the phone.
Thankfully was able to unlock the bootloader and reflash the phone.
Yesterday the phone updated to 2.8 official, so it seems the phone genuinely is now lockable. Not been brave enough to try. I am not sure it makes much difference other than the message on boot, triggers something in me.
From what I have read it seems the latest update is being staggered so you should receive the option to install 2.8 imminently, at which point maybe you can try again if you are brave enough.
Sounds great and I got the update 2.8 too but unfortunately ‘fastbot flashing lock’ still leads to the same problem on my phone. Just double checked it.
