xda used to be the best place for good how tos. but, over the last 3-4 years the how tos have been buried. i'm looking to root my s10e, but there are no stickyed how tos to root. where are they?
How to ...
Samsung added a new ‘VaultKeeper’ service which adds another lock on top of the ‘OEM Lock’ on the bootloader. Since fastboot mode is no longer available and possible block flash is verified/granted with bootloader feedback.
The new security feature will relock the bootloader once the OEM Lock is enabled and data is wiped. The bootloader state is then verified after the initial device setup.
Quoting topjohnwu “If you are running custom firmware with stock system, DO NOT try to wipe data or else you might end up bricking your device due to vaultkeeper locking your bootloader up, which will eventually lead to bootloader refusing to boot because unofficial partitions are detected.”
There are some good visual technicques added to fool current state while recovery manager coexist (TWRP) with magisk.
In every OTA update things are getting complicated, flashing now (Odin as examle) has more feedback with the bootloader and other checks.
There is a lot of how to's but only for initial builds ... Things are getting complicated ... Why to root this is a question now ?
Often if there is no "how-to" thread it is because the phone does not have root or the root is complicated or still being developed.
How-to threads are for end-user simplicity not for ongoing development.
More info is in the S10 forum: https://forum.xda-developers.com/galaxy-s10/development/magisk-root-galaxy-s10-series-t3918699
Related
I'm not sure if these questions have been answered before, but I can't find any information on them, so here I am.
1. How exactly is the bootloader "locked"? Is the kernel the only thing that can't be changed?
2. Is kexec possible on NE1?
I know that bootloaders were bypassed on some Motorola Droid devices via kexec. There was even an in-the-works kexec project for our device on an older firmware (that was abandoned only because someone figured out how to unlock the bootloader, or something along those lines). I also realize this is a biggish project, and most people still using the d2vzw didn't ever take the NE1 OTA and are able to flash custom kernels/ROMs. Knowing this, it could be possible that no one really wants to try, either because of time, apathy, etc. But I digress.
Sent from my SCH-I535 using Tapatalk
AluminumTank said:
I'm not sure if these questions have been answered before, but I can't find any information on them, so here I am.
1. How exactly is the bootloader "locked"? Is the kernel the only thing that can't be changed?
2. Is kexec possible on NE1?
I know that bootloaders were bypassed on some Motorola Droid devices via kexec. There was even an in-the-works kexec project for our device on an older firmware (that was abandoned only because someone figured out how to unlock the bootloader, or something along those lines). I also realize this is a biggish project, and most people still using the d2vzw didn't ever take the NE1 OTA and are able to flash custom kernels/ROMs. Knowing this, it could be possible that no one really wants to try, either because of time, apathy, etc. But I digress.
Sent from my SCH-I535 using Tapatalk
Click to expand...
Click to collapse
These questions have been beat into the ground, but I'll be happy to answer them again because they are interesting questions. Good ideas and discussion points anyway.
1) So the bootloader is locked by a series of signed boot sequences. These things can be easily researched on the internet in detail, but a general understanding of how the phone boots is helpful to understanding how this process works. Also every phone is unique, and every carrier has different implementations.
Samsung is especially a hugsePITA when it comes to these things. They allow no easy way to gain root access on your phone in any way. In comparison to HTC for instance, they allow nothing in terms of granting administrator access to anyone. HTC at least as an option for S-off, which allows full administrative usage for the device and turns off all boot checking features. This can't be patched in an easy way, and for an update to change this feature it would have to change the devices system information on an unreasonable level. All Samsung has to do is simply patch whatever vulnerability we find, because there is no way to turn S-off on a samsung phone, so all we do is look for bootchain exploits. If that makes any sense? Basically, samsung sucks, and that's the main reason I will never buy their phones ever again.
2) Any part of the boot sequence can be changed, but the signature affecting these things aren't really easy to trick. Kexec was a very easy exploit to use when it first came out, but the modules for it has thus been changed to disallow the command for kexec to load an insecure kernel. It simply can't work the same anymore since samsung released changes to their boot chain. This method won't be used on any future devices. Most recently we had the original root method and loki for the S4, which both affect the aboot sequence, and safestrap which is basically a modified recovery that uses the stock kernel to run a custom rom. Here's an example:
boot => sbl1 => sbl2 => sbl3 => whatever is here ==> maybe something else here ==> aboot => recovery mode or download mode or kernel => system rom
aboot = African canadian sock monkey exploit (basically an unlocked aboot file) and Loki exploits
recovery mode = safestrap exploit (tricks the kernel to boot a modified rom, but it has to work with the kernel)
As you can see in the chain, break any one of those sequences and it doesn't matter what follows, the phone is unlocked, problem is we've broken the chain about 2-3 times. Every time we find a vulnerability, the it gets patched and it makes it that much harder to find another exploit. Samsung does so much work patching the unlocking mechanism that it simply isn't even worth the effort to unlock it in the first place. We actually didn't even unlock the S3 in the first place. The aboot file was given to us by a Samsung employee and distributed quickly. This aboot file allowed us to change the kernel and recovery at will, without worrying about signature verifcation since the aboot file never asked for it. It was a full unlock for the phone. Once an update happened, it erased the modified boot image and disabled the unlocked bootloader.
This problem is unique to samsung btw, other phones aren't nearly as difficult to figure out and test.
BadUsername said:
These questions have been beat into the ground, but I'll be happy to answer them again because they are interesting questions. Good ideas and discussion points anyway.
1) So the bootloader is locked by a series of signed boot sequences. These things can be easily researched on the internet in detail, but a general understanding of how the phone boots is helpful to understanding how this process works. Also every phone is unique, and every carrier has different implementations.
Samsung is especially a hugsePITA when it comes to these things. They allow no easy way to gain root access on your phone in any way. In comparison to HTC for instance, they allow nothing in terms of granting administrator access to anyone. HTC at least as an option for S-off, which allows full administrative usage for the device and turns off all boot checking features. This can't be patched in an easy way, and for an update to change this feature it would have to change the devices system information on an unreasonable level. All Samsung has to do is simply patch whatever vulnerability we find, because there is no way to turn S-off on a samsung phone, so all we do is look for bootchain exploits. If that makes any sense? Basically, samsung sucks, and that's the main reason I will never buy their phones ever again.
2) Any part of the boot sequence can be changed, but the signature affecting these things aren't really easy to trick. Kexec was a very easy exploit to use when it first came out, but the modules for it has thus been changed to disallow the command for kexec to load an insecure kernel. It simply can't work the same anymore since samsung released changes to their boot chain. This method won't be used on any future devices. Most recently we had the original root method and loki for the S4, which both affect the aboot sequence, and safestrap which is basically a modified recovery that uses the stock kernel to run a custom rom. Here's an example:
boot => sbl1 => sbl2 => sbl3 => whatever is here ==> maybe something else here ==> aboot => recovery mode or download mode or kernel => system rom
aboot = African canadian sock monkey exploit (basically an unlocked aboot file) and Loki exploits
recovery mode = safestrap exploit (tricks the kernel to boot a modified rom, but it has to work with the kernel)
As you can see in the chain, break any one of those sequences and it doesn't matter what follows, the phone is unlocked, problem is we've broken the chain about 2-3 times. Every time we find a vulnerability, the it gets patched and it makes it that much harder to find another exploit. Samsung does so much work patching the unlocking mechanism that it simply isn't even worth the effort to unlock it in the first place. We actually didn't even unlock the S3 in the first place. The aboot file was given to us by a Samsung employee and distributed quickly. This aboot file allowed us to change the kernel and recovery at will, without worrying about signature verifcation since the aboot file never asked for it. It was a full unlock for the phone. Once an update happened, it erased the modified boot image and disabled the unlocked bootloader.
This problem is unique to samsung btw, other phones aren't nearly as difficult to figure out and test.
Click to expand...
Click to collapse
Thanks for the info. This is very informative. I had already in my own mind decided that Samsung sucked, but hearing someone else say it is refreshing!
Sent from my SCH-I535 using Tapatalk
XDA today published an article about a vulnerability in the OnePlus 6 bootloader that allows the booting of a custom boot.img image without unlocking the bootloader. This is of course a huge security risk but I'm sure OnePlus will patch it in an upcoming update. In the mean time, let's have some fun!
Back in the good old days of the Nexus 4, it was possible to install an app that would write boot config data to the device from userland, with root, to toggle the bootloader between the locked and unlocked states. The object of this post? Do this as a community for the OnePlus 6!
Why do this?
There are two major gains to being able to do this:
Security: once a device is rooted we'd be able to re-lock the bootloader to prevent tampering or unauthorised images from being booted whilst keeping the perks of being rooted
Netflix HD: Widevine L1 keys aren't accessible when the Bootloader is unlocked. This way, we may be able to get our Widevine keys accessible again to get HD Netflix with root
I attempted to reverse some of the bootloader on my own a few weeks back but didn't have much luck. With this vulnerability, my thoughts are that we could dump the data partitions with a locked device (that is exploited using this trick) and compare them with an unlocked device. This might give us the magic data that the bootloader uses to determine whether a device is locked or unlocked. Then, in theory, we should be able to toggle this data from userland. The only caveat to this is that I don't know whether the unlock state is stored somewhere in the TrustZone or if it is written to the flash like they did back in the Nexus days.
I honestly have no idea whether this will work, but surely it's worth a shot? Just for reference, I recommend we look at diffing following partitions before and after locking:
param
sec
sti
ssd
frp
config
misc
We should also, to ensure there is no confusion, stick to OOS 5.1.5 stock + Magisk for root. Images of the above partitions can be obtained using dd.
If anybody has any further tips on bootloaders that either proves that this won't work, or perhaps can suggest other places this lock data could be stored, please do let me know!
NB: getting this data will involve at least one full data wipe of the phone so it might take time to dump the data, switch lock state then dump it again.
I also strongly suspect that we might hit the issue of Android Verified Boot noticing that the device is locked (but has a modified boot image when rooted). This would depend on whether the Android security checks are implemented as per the Android Verified Boot specification.
Who's in?
Couldn't you just hide Netflix HD from root detection in Magisk?
dgunn said:
Couldn't you just hide Netflix HD from root detection in Magisk?
Click to expand...
Click to collapse
No. With an unlocked bootloader the device is switched to Widevine level 3 instead of level 1. This means no HD playback in Netflix (and I believe Amazon) regardless of Magisk hide status. This may be the new normal for all unlocked devices with the Qualcomm SD 845 or newer.
blackthund3r;76765953[* said:
Security: once a device is rooted we'd be able to re-lock the bootloader to prevent tampering or unauthorised images from being booted whilst keeping the perks of being rooted
Click to expand...
Click to collapse
Are you sure about this? On Nexus 4 days Android didn't check at boot that all partitions were correct in order to boot, since some version ago it does (DM-verity). Are you sure you can re-lock the phone with root (system or boot modified) and still boot normally to userspace?
RusherDude said:
Are you sure about this? On Nexus 4 days Android didn't check at boot that all partitions were correct in order to boot, since some version ago it does (DM-verity). Are you sure you can re-lock the phone with root (system or boot modified) and still boot normally to userspace?
Click to expand...
Click to collapse
Well, I can confirm that with SafetyNet test passing, and Magisk hide enabled for Netflix, I can not get HD streaming.
This is highly interesting. I will be following that threat constantly. Thanks for opening that discussion.
So does this vulnerability allow flashing or booting of TWRP through fastboot without unlocking the bootloader. I am interested in keeping Netflix HD and gaining root access, but don't want to brick the device. I know that under normal circumstances you always unlock the bootloader before flashing any mods, but was curious of some devs thoughts on it.
Interesting read. You can root the device without unlocked bootloader
https://www.androidcentral.com/oneplus-6-bootloader-vulnerability-lets-anyone-access-your-phone?amp
the question is can we keep opened this feature and force to be opened.
Unfortunately oneplus bootloader doesn‘t support EIO mode,so it can't be boot if anything modified.
akaHardison said:
Unfortunately oneplus bootloader doesn‘t support EIO mode,so it can't be boot if anything modified.
Click to expand...
Click to collapse
Not true booted a magisk patched boot image and installed some modules
Is there Maby another methode to root hold safety net for widevine lv3
---------- Post added at 06:28 PM ---------- Previous post was at 06:23 PM ----------
joemossjr said:
Not true booted a magisk patched boot image and installed some modules
Click to expand...
Click to collapse
And did you also installed magisk to the boot img?!
Widevine L1 + V4A would make me very happy. Perhaps we should add a financial incentive like a bug bounty? I would certainly contribute some loot for this noble cause!
Since some people with OP5s and OP5Ts sent there phone to OP for L1 with the bootloader unlocked, I wonder if OP would consider offering a similar service. Even if it wasn't completely free I would probably do it unless it required re-locking the bootloader...
Hello,
I resort to the kindness and experience of the forum to be able to advise me on the basic questions about the experience of rooting the Sony XZ Premium (G8142), since I spent several hours reading and searching the forum for information, but everything that is there is scattered, then I would like to know from those who directly did it, if it is worth it. Also, in order to help other users who are looking for concise information, they can have this link as a reference to remove all the most common doubts that arise in one place.
My doubts are the following:
is it advisable to root?
I have been researching about the camera problems that for Android 9 no longer have them, but in another article it describes that we lose the video enhancement X-Reality, DSEE HX, ClearAudio +, Widevine L1. All this arises because a certain system partition (TA) is erased when we unlock the bootloader. Does anyone have info how he remedied all these leaks? Custom ROMs fix this?
DRM issues: This is also something that was not clear to me. First do Backup DRM; In order to be able to backup to the partition with the locked bootloader I still need to run the temporary root. For that I need to downgrade the system to version 8 (G8142_47.1.A.16.20). Then run command lines to create the backup with the help of the tool that a forum user created. Please if I'm wrong correct me.
* The question is first to downgrade (Android 8),
* temporary root,
* then create the backup.
* Unlock bootloader from sony page
* then to restore the backup again, or not? Does restoring the backup lock and leave the device to a previous state? (undoing the changes), or does it just fix the DRM problem?
* In short, is it advisable to unlock the bootloader with Android 9 or earlier?
* Is it advisable to create the DRM backup?
* In which case would I have to restore this backup?
I have also seen that they mention a paid software that does all the work by yourself I do not know if it is for Android 9, it is just a matter of connecting the device in fastboot mode, then it automatically executes twrp, root, repairs DRM, but the cost of the software in my country it is something difficult to pay, that is why I am gathering as much information as possible before executing any procedure.
Custom ROMs: Regarding the user experience, does anyone have information about the rom that is more stable and recommended for this device? Does it cover all the holes or bugs that it leaves when erasing DRM after unlocking the bootloader?
I hope the reference text of what I write can be understood since my native language is Latin American Spanish, and I am using the Google translator.
I would appreciate any kind of suggestion or experience in this regard. Thank you.
First of all, have you seen these threads:
[XZ1c/XZ1/XZp] temp root exploit to backup drm keys implemented
Tools to backup TA partition (drm keys) of Xperia XZ1 Compact by j4nn https://j4nn.github.io/ As everyone knows, bootloader unlock via code from sony removes drm keys. That disables certain functions, the most critical one being the camera...
forum.xda-developers.com
[XZp] rooted kernel hiding bootloader unlock with working fota
rooted kernel hiding bootloader unlock with working sony stock fw fota updates for Sony Xperia XZ Premium Firmware Over the Air system updates have been disabled/not working with sony xperia phones with unlocked bootloader. Also many sony...
forum.xda-developers.com
It's all there really, explained step by step. Thanks to @j4nn you can run stock firmware with superuser access concealed from the system so that it doesn't know the phone is unlocked, with all the DRM-restricted functionality still available.
The relative benefits of unlocking depend on your specific needs. But considering there are no more official updates, being able to use aftermarket firmware like this: https://forum.xda-developers.com/t/rom-lineageos-18-1-unofficial-updated-2021-3-31.4221427/ already makes it worthwhile in my opinion.
The only drawback of an unlock is that there is a scary message displayed on every boot, which also adds 1 or 2 seconds to the startup sequence.
Regardless of whether you decide to unlock or not, there is no downside to having a TA backup. It might come useful one day.
All you need is Android Platform Tools (adb, fastboot), and: https://forum.xda-developers.com/t/tool-newflasher-xperia-command-line-flasher.3619426/ There is no need to pay for any of these, although you can donate to @j4nn and @munjeni: they both put a lot of effort into making this possible.
Aqq123 said:
First of all, have you seen these threads:
[XZ1c/XZ1/XZp] temp root exploit to backup drm keys implemented
Tools to backup TA partition (drm keys) of Xperia XZ1 Compact by j4nn https://j4nn.github.io/ As everyone knows, bootloader unlock via code from sony removes drm keys. That disables certain functions, the most critical one being the camera...
forum.xda-developers.com
[XZp] rooted kernel hiding bootloader unlock with working fota
rooted kernel hiding bootloader unlock with working sony stock fw fota updates for Sony Xperia XZ Premium Firmware Over the Air system updates have been disabled/not working with sony xperia phones with unlocked bootloader. Also many sony...
forum.xda-developers.com
It's all there really, explained step by step. Thanks to @j4nn you can run stock firmware with superuser access concealed from the system so that it doesn't know the phone is unlocked, with all the DRM-restricted functionality still available.
The relative benefits of unlocking depend on your specific needs. But considering there are no more official updates, being able to use aftermarket firmware like this: https://forum.xda-developers.com/t/rom-lineageos-18-1-unofficial-updated-2021-3-31.4221427/ already makes it worthwhile in my opinion.
The only drawback of an unlock is that there is a scary message displayed on every boot, which also adds 1 or 2 seconds to the startup sequence.
Regardless of whether you decide to unlock or not, there is no downside to having a TA backup. It might come useful one day.
All you need is Android Platform Tools (adb, fastboot), and: https://forum.xda-developers.com/t/tool-newflasher-xperia-command-line-flasher.3619426/ There is no need to pay for any of these, although you can donate to @j4nn and @munjeni: they both put a lot of effort into making this possible.
Click to expand...
Click to collapse
Thank you very much for answering my question, you have clarified several points that I had scattered about.
I still have some doubts reading more comments on the links that you have suggested. Perhaps you have an answer to such doubts:
I have read that a user has lost video enhancements, perhaps because he did something wrong here:
temp root for drm keys backup - anybody still interested?
--- edit 2018-11-03 --- Tools to backup TA partition before bootloader unlock have been released. Just check the [XZ1c/XZ1/XZp] temp root exploit to backup drm keys implemented thread. --- Just wondering if there is already drm keys backup...
forum.xda-developers.com
post #72 sulistyoarif:
Only Video Image Enhancement didnt work for me.
I have seen some videos of the YouTube profile of the user j4nn where he has all the libraries without problems, working perfectly, including the improvements of the video image.
About the installation processes for firmware I did a clean installation of firmware version 9 latest compilation with Xperia flashtool without problems. Do you think that I will be able to downgrade with Xperia flashtool without problems with the libraries or some other? I think that the experience serves me more than the tutorials .
For what remains in my information I found this steps:
*downgrade
* no flash - persist.sin
1) Use temp root and backup TA image
2) Unlock bootloader
3) Flash Newest firmware (or choice of yours)
4) Setup phone temporary and copy magisk files to
phone
5) flash twrp and temporary boot with twrp
(fastboot boot twrp.img)
6) flash magisk and reboot
7) Check Root privilege
8) Restore TA image and check DRM
8.1) (optional) factory reset if any fc issue
"Now You have unlocked and rooted phone with full DRM Support including OTA Support.
Everything is tested and working for XZP and XZP Dual"
Thanks again for the help and taking the time to read my post.
@sergioemmr
It should work like you describe it, except with newflasher: https://forum.xda-developers.com/t/tool-newflasher-xperia-command-line-flasher.3619426/ FlashTool is for older devices.
That guy did something wrong, so don't be like him. Just follow @j4nn's instructions.
You can downgrade to an earlier firmware on this device, no problem here. Do not flash persist.sin like you said, and you're good to go. If you run into any problems, just post in that thread, and you'll get more people's attention.
Aqq123 said:
@sergioemmr
It should work like you describe it, except with newflasher: https://forum.xda-developers.com/t/tool-newflasher-xperia-command-line-flasher.3619426/ FlashTool is for older devices.
That guy did something wrong, so don't be like him. Just follow @j4nn's instructions.
You can downgrade to an earlier firmware on this device, no problem here. Do not flash persist.sin like you said, and you're good to go. If you run into any problems, just post in that thread, and you'll get more people's attention.
Click to expand...
Click to collapse
What's the deal with persist.sin? I used flash tool to downgrade and managed to extract the unlocked-ta file. Did I somehow void the TA key?
I've been planning to unlock my bootloader to install TWRP and GSI's on this device but I've seen the warning message you get every time you restart the device. I have plans to sell this device in the future, so I would like to know if there is a way to relock the bootloader or remove the warning message on startup. Thanks.
Yes you can relock the bootloader, the process is done the exact same way that you use to unlock it. The warning message will be removed and you will only be able to flash stock binaries.
But for Samsung phones specifically there is something to note, there is something called an "E-Fuse" that will be "tripped" when the bootloader is unlocked for the first time. There is no way to revert the phone back to a pure factory state after this happens. The feature is called Samsung Knox and it prevents a few (Samsung based) features from working.
You can read a bit here - https://en.wikipedia.org/wiki/Samsung_Knox
I know about tripping Knox. I don't really care about not being able to use Secure Folder or S Health so it's not an issue for me. My main concern is to remove the obnoxious warning when booting the device as it can be intimidating to a non savvy potential buyer. Anyways thanks for the reply.
Hello guys, This is my first thread on XDA forum.
I just bought Xiaomi device (Poco X3 Pro Global) a few days ago.
So this is my first time to try custom rom, I searched what I'm trying to do, I'd like to make sure whether what I understand is correct or not since I'm totally new on custom rom.
the sources I mainly referred to:
source1
source2
Basic assumption:
1. Only flash custom rom without rooting
2. All unlocking bootloader and flashing custom rom process done perfectly, and all resouces (recovery, rom, ADB tool etc...) used during process are 100% clean and genuine.
3. No cold boot attack (source2) happens on me.
Q1. source1 is really helpful, but it's from 2012, is this still valid today?
Q2. source1 is posted on Galaxy Nexus forum, but is this applied to all android based devices, right?
Q3. This threat model assumes attacker has physical access to device, then I guess unlocking bootloader itself is 100% totally irrelevant to software level security risks like malware or OS vulnerability, is this right? (assuming no rooting and 100% genuine rom and resources)
Q4. From source1 you can choose between [device encryption] and [relocking bootloader] to protect security, which methods do you recommend using?
I feel I'm much more inclined to try device encryption method since I don't know if it's possible to relock bootloader safely after migrating from Global stock rom to xiaomi.eu rom. (Can anyone confirm this?) I fear it become bricked during relocking process.
Q5. So if I set device encryption with strong password and turn off USB debugging mode, I need not too worrysome?
Are there any other points in terms of security to bear in mind if you use device with unlocked bootloader?
Thank you for reading my thread
[INFO] Understanding the risks of having an unlocked bootloader
While unlocking the bootloader on a Galaxy Nexus unleashes the full potential of the bootloader, it also poses a security risk. Even with your lockscreen protected with a pattern/PIN/password, not having flashed a custom recovery, having an...
forum.xda-developers.com
jwoegerbauer said:
[INFO] Understanding the risks of having an unlocked bootloader
While unlocking the bootloader on a Galaxy Nexus unleashes the full potential of the bootloader, it also poses a security risk. Even with your lockscreen protected with a pattern/PIN/password, not having flashed a custom recovery, having an...
forum.xda-developers.com
Click to expand...
Click to collapse
that's what I linked in thread (source1)
Only a side-remark:
An Android Smartphone bootloader is processor-specific and every OEM has its own version of bootloader specific for the hardware present in its environment.
It's the primary task of every bootloader to verify the Android OS to be loaded is genuine means signed by OEM to ensure the Android OS ( it's by nature a Custom ROM ) works flawlessly as it can be expected by user. People who use a phone as a tool and not as a toy probably never come up with the idea to unlock the bootloader because they know about the strengths and weaknesses of the phone when they bought it, they can expect that OEM did their best with regards to a phone's performance - OEMs are certainly not dumber than generally claimed by the modder / hacker scene.
My POV: Unlocking a phone's bootloader is an unnecessary action at all. If people do so they indirectly admit that they have purchased a phone that does not meet their expectations - they have made a wrong purchase.
Thanks for comment.
I understand your POV.
I realized later Global rom can't do call recording, that's the main reason why I try to flash xiaomi.eu rom and other optimazations are second reason.
And this phone will be my main phone so I wanted to make sure about security risk before I will change rom.
cromcromc said:
Thanks for comment.
I understand your POV.
I realized later Global rom can't do call recording, that's the main reason why I try to flash xiaomi.eu rom and other optimazations are second reason.
And this phone will be my main phone so I wanted to make sure about security risk before I will change rom.
Click to expand...
Click to collapse
Having an unlocked bootloader doesn't need to be a risk whatsover as long as you're not flashing untrusted ROMS and other components to the device and critically control anything being flashed to the device. If you're flashing a signed ROM from the manufacturer as it sounds like is your plan, there is nothing to worry about. You can even lock the BL again after flashing & optimizing if you absolutely wish to although usually not recommended.