
I'm currently using LineageOS and I'm not going to use it in the future. The issue I have is that unlocking my phone creates a security trade-off that doesn't seem better than the privacy gains. I'm more afraid of losing my phone and someone replacing the bootloader than I am of telemetry.

I really have enjoyed LineageOS and it's been great to have a phone that isn't as dumb as a flip phone but doesn't have all the bloatware and spying of other devices. The security around the bootloader is my biggest concern.



Is this a real issue for you? I would think that you would not normally leave your phone somewhere that it could be covertly accessed by an attacker. My device is almost always by my side.

If you're in a position that your chain of custody is broken, just wipe, revert the device to stock signed binaries, confirm by locking the bootloader again, then unlock and re-flash your custom binaries.

Or am I missing something here?


How about GrapheneOS instead? https://grapheneos.org/


Well what's wrong with a bootloader unlocked if your device is encrypted?


Android has two ways of encryption. FBE = File Based Encryption, newer. FDE = Full Disk Encryption, older.

FBE is only secure when the system partitions have dm-verity enforced and verity is only enforced when the bootloader is locked.

FDE is a bit more resilient with an unlocked bootloader since there is less data left unencrypted.

However, in either scenario without a locked bootloader and verity it is trivial for an attacker to insert malicious code that can then run once your device is unlocked and send off your files.


If left unattended, an attacker could install bootable code that impersonates your normal startup sequence, prompting for your encryption key and booting as normal, but secretly storing or forwarding the key to the attacker.

(I believe this is an example of an evil maid attack, although that name for it is somewhat new to me.)

A locked bootloader would prevent such code from being installed, or at least refuse to run it.
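The two comments above (FBE/FDE plus verity, and the evil-maid boot-chain swap) both come down to the same question a defender wants answered before trusting a device: is the bootloader locked, is verified boot enforced, and which encryption mode is in use? The script below is an added example, written for this thread and not code from any commenter or from LineageOS. It parses the output of `adb shell getprop`, which prints `[key]: [value]` lines, and reports the posture. It assumes the standard Android property names (`ro.boot.flash.locked`, `ro.boot.vbmeta.device_state`, `ro.boot.verifiedbootstate`, `ro.crypto.state`, `ro.crypto.type`); some OEMs omit or rename them, so a missing property is reported as unknown rather than assumed safe. The two sample property dumps are constructed for the example.

```python
"""Report bootloader lock, verified-boot state and encryption mode from getprop output.

Added example for this thread; not LineageOS or Android project code.
Property names are the standard Android ones (assumption: the OEM exposes them).
"""
import re
import subprocess
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# getprop prints one property per line as "[name]: [value]"
PROP_RE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>[^\]]*)\]$")


def parse_getprop(text: str) -> Dict[str, str]:
    """Turn raw `getprop` output into a dict; lines that do not match are ignored."""
    props = {}
    for line in text.splitlines():
        m = PROP_RE.match(line.strip())
        if m:
            props[m.group("key")] = m.group("value")
    return props


def fetch_props() -> Dict[str, str]:
    """Read properties from an attached device over adb (needs adb on PATH)."""
    out = subprocess.run(["adb", "shell", "getprop"], capture_output=True, text=True, check=True)
    return parse_getprop(out.stdout)


@dataclass
class BootPosture:
    bootloader_locked: Optional[bool]   # None when the device does not report it
    verified_boot: str                  # green / yellow / orange / red / unknown
    encryption: str                     # "FBE", "FDE", "none" or "unknown"
    findings: List[str] = field(default_factory=list)


def assess(props: Dict[str, str]) -> BootPosture:
    """Apply the reasoning from the thread: FBE needs verity, verity needs a locked bootloader."""
    findings: List[str] = []

    locked_flag = props.get("ro.boot.flash.locked")           # "1" locked, "0" unlocked
    vbmeta_state = props.get("ro.boot.vbmeta.device_state")   # "locked" / "unlocked"
    if locked_flag == "1" or vbmeta_state == "locked":
        locked: Optional[bool] = True
    elif locked_flag == "0" or vbmeta_state == "unlocked":
        locked = False
    else:
        locked = None

    vb = props.get("ro.boot.verifiedbootstate", "unknown")

    crypto_state = props.get("ro.crypto.state")   # "encrypted" / "unencrypted"
    crypto_type = props.get("ro.crypto.type")     # "file" (FBE) / "block" (FDE)
    if crypto_state != "encrypted":
        enc = "none" if crypto_state == "unencrypted" else "unknown"
    elif crypto_type == "file":
        enc = "FBE"
    elif crypto_type == "block":
        enc = "FDE"
    else:
        enc = "unknown"

    if locked is False:
        findings.append("bootloader unlocked: system partitions can be rewritten offline and dm-verity is not enforced")
    elif locked is None:
        findings.append("bootloader lock state not reported: treat as unlocked until confirmed in fastboot")

    if vb == "yellow":
        findings.append("verified boot yellow: locked with a user-supplied key rather than the OEM key")
    elif vb == "orange":
        findings.append("verified boot orange: device is unlocked, boot image integrity is not enforced")
    elif vb == "red":
        findings.append("verified boot red: verification failed, boot chain should not be trusted")
    elif vb != "green":
        findings.append("verified boot state not reported")

    if enc == "none":
        findings.append("user data is not encrypted at rest")
    elif enc == "FBE" and locked is not True:
        findings.append("FBE without a locked bootloader: the unencrypted system partition can be modified to capture data after unlock")
    elif enc == "FDE" and locked is not True:
        findings.append("FDE without a locked bootloader: less data is exposed, but the boot chain itself can be replaced to capture the passphrase")

    return BootPosture(locked, vb, enc, findings)


# Constructed sample dumps (not captured from real devices).
SAMPLE_UNLOCKED_FBE = """\
[ro.boot.flash.locked]: [0]
[ro.boot.vbmeta.device_state]: [unlocked]
[ro.boot.verifiedbootstate]: [orange]
[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [file]
[ro.build.version.release]: [11]
"""

SAMPLE_LOCKED_STOCK = """\
[ro.boot.flash.locked]: [1]
[ro.boot.vbmeta.device_state]: [locked]
[ro.boot.verifiedbootstate]: [green]
[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [file]
"""

if __name__ == "__main__":
    for label, dump in (("unlocked", SAMPLE_UNLOCKED_FBE), ("locked", SAMPLE_LOCKED_STOCK)):
        p = assess(parse_getprop(dump))
        print(f"{label}: locked={p.bootloader_locked} verifiedboot={p.verified_boot} enc={p.encryption}")
        for f in p.findings:
            print("  -", f)
```

Run it against a real device with `assess(fetch_props())`. An empty findings list means the device is in the state the commenters describe as safe: locked, green, encrypted; anything else lists the specific gap so you know which of the trade-offs discussed above you are actually making.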


I think the missing part is generating your own key inside the secure boot mechanism, and the disk encryption being tied to that. Evil maid re-unlocks it -> encrypted data is lost.


This reddit thread makes it sound like FBE isn't particularly secure once the bootloader is unlocked. I'm not an expert on this but the more I looked into security around LineageOS the more I realized losing my phone would/could be a serious issue.

https://www.reddit.com/r/LineageOS/comments/ev9c4v/is_androi...


Can't you lock the bootloader again after flashing a new rom?


Depends on the device. This could be done (with some hackery) on Sony Xperia phones from several years ago, but more recent ones will brick if you try it. I think Google's Pixel phones will let you re-lock, but my impression is that most devices are in the latter category.


I've read this is a very easy way to brick your phone because the bootloader will check if the signature matches the one from the OEM.


Been a few years since I was playing with this stuff, but can you not still just unlock the phone with fastboot? Has something changed that it’s actually bricked or is this the modern sense of the word bricked (mildly inconvenient and maybe some data loss)?


Last I tried it (albeit a few years ago), it was a soft-brick; i.e., mildly inconvenient with a brief "Oh shit!" moment.



