Installing another recovery is to be considered a security breach? #239
Comments
thestinger added the Type: question label Apr 18, 2016
thestinger
Apr 18, 2016
Contributor
> I was wondering if installing another recovery (like, let's say TWRP) on a Nexus 5x running Copperhead is to be considered as a possible security breach.
Yes, since an alternative recovery will not perform signature verification. It also means you can't have the bootloader locked, which means verified boot will be disabled. Also means that anyone with physical access has immediate root access via TWRP. They can't access data but they can modify the OS since verified boot is disabled.
> If this is the case, how is it possible to wipe the cache partition with the official recovery? This option does not seem to be present between those available.
The option to wipe the data partition was removed because wiping the data partition allows a bypass of the anti-theft mechanism provided by the OEM unlocking toggle. I removed the option to wipe the cache partition because I didn't see a good reason to allow it. Is there a use case for it? There's almost nothing in /cache.
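An added example, not part of this thread and not CopperheadOS code: a defender-side check for the state described in the reply above (unlocked bootloader, verified boot disabled), run over `getprop` output. It assumes the device reports the Android properties `ro.boot.flash.locked` and `ro.boot.verifiedbootstate`; the function names and sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not CopperheadOS code): judge boot integrity from getprop output.
# Assumption: the device exposes ro.boot.flash.locked and ro.boot.verifiedbootstate.

# Print the value of property $1 from "[name]: [value]" lines on stdin.
prop() {
    awk -v key="[$1]:" '$1 == key { v = $2; gsub(/^\[|\]$/, "", v); print v; exit }'
}

# Read getprop output on stdin; return 0 only when the bootloader is locked
# and the boot chain was verified (green = OEM key, yellow = other key).
boot_integrity() {
    props=$(tr -d '\r')   # older adb versions emit CRLF line endings
    locked=$(printf '%s\n' "$props" | prop ro.boot.flash.locked)
    state=$(printf '%s\n' "$props" | prop ro.boot.verifiedbootstate)
    if [ -z "$locked" ] || [ -z "$state" ]; then
        echo "UNKNOWN: boot properties not reported"; return 2
    fi
    if [ "$locked" != "1" ]; then
        echo "FAIL: bootloader unlocked, verifiedbootstate=$state"; return 1
    fi
    case "$state" in
        green|yellow) echo "OK: bootloader locked, verifiedbootstate=$state"; return 0 ;;
        *) echo "FAIL: bootloader locked, verifiedbootstate=$state"; return 1 ;;
    esac
}

# Constructed sample inputs (not captured from a real device).
SAMPLE_LOCKED='[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [green]
[ro.product.device]: [bullhead]'
SAMPLE_UNLOCKED='[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]'

printf '%s\n' "$SAMPLE_LOCKED" | boot_integrity || true
printf '%s\n' "$SAMPLE_UNLOCKED" | boot_integrity || true
# On a connected device: adb shell getprop | boot_integrity
```

A device that has had an alternative recovery flashed and left unlocked falls into the second case, which is the condition the reply identifies as giving anyone with physical access the ability to modify the OS.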
n1m1
Apr 18, 2016
> Yes, since an alternative recovery will not perform signature verification. It also means you can't have the bootloader locked, which means verified boot will be disabled. Also means that anyone with physical access has immediate root access via TWRP. They can't access data but they can modify the OS since verified boot is disabled.
This is awesome, particularly for what concerns the problem of the physical access: I'd emphasize it in the Technical overview. Thank you for the clear explanation.
> Is there a use case for it? There's almost nothing in /cache.
Well, I do have a use case, but it is not security related. Since I am still experiencing #235, before resetting my phone, I'd like to wipe the cache partition and see if this fixes the problem. Obviously, I do not expect that you modify the official recovery for this reason :-)
thestinger
Apr 18, 2016
Contributor
There's really very little in the cache partition. It's used to pass a file path and block map to the recovery for over-the-air updates (/cache/recovery) and seems to be involved in adb backup/restore, but there's little else there in AOSP at least. So wiping it is unlikely to fix anything.
n1m1 commented Apr 17, 2016
Hello,
I know this is not a forum but I sent a mail a couple of days ago and I have received no answer.
I was wondering if installing another recovery (like, let's say TWRP) on a Nexus 5x running Copperhead is to be considered as a possible security breach.
If this is the case, how is it possible to wipe the cache partition with the official recovery? This option does not seem to be present between those available.
Cheers.