
Typically, no, Samsung are one of the few manufacturers who consistently don't lock bootloaders. I've been flashing Samsung Android phones for over 10 years: https://github.com/Benjamin-Dobell/Heimdall

That said, they have locked bootloaders on some devices. Predominantly in the US market, I believe at the request of carriers. However, it's traditionally been the minority of devices.



What? Samsung is the most hostile of manufacturers in this regard. Unlocking the bootloader, installing another bootloader, or running a different kernel burns fuses permanently in the device and renders it unable to use their version of hardware-secured storage, aka "Knox."

Kiss some multimedia apps, payment apps, and enterprise security features goodbye... along with a bunch of random features like private mode in their browser.


Flashing an unsigned (or potentially differently signed) bootloader burns fuses. Sure. However, other manufacturers don't just burn fuses, you specifically need to apply for permission to flash your bootloader e.g. https://www.oneplus.com/support/answer/detail/op588

Samsung at least don't require personal details for you to take control of your device. Sure, you lose access to some multimedia, but don't blame Samsung for that, blame Widevine DRM certification. Knox goes out the window, but the entire point of Knox is to (try to) guarantee a device isn't tampered with. At least you can remove it!


Well, Xiaomi and OnePlus require you to provide a phone number etc., so that the seller and other people don't sell you a malicious or tampered second-hand phone. However, there are no fuses, so your phone will still be under warranty if you unroot it.


I'll stick to Sony where I don't have to tell them anything. OnePlus can fuck off.


What does “tampered with” mean? Particularly in the context of a device you own?

I would consider a device tampered with if someone besides me (the owner) did something with it, without my authorization. But anything short of that is surely just me using the device. I mean, I have physical possession after all.


Signing images and requiring that the bootloader can't flash anything else is just vendor lock-in / ceding your power as an end user. It doesn't make you more secure in any way, since a bad actor will figure out a way to bypass it and make writes to the system partition.


Umm, I remember ordering Chinese phones way back when (think Android 4) with unlocked bootloaders - both had some random junk installed via custom ROM and you couldn't uninstall it.


It's a good thing they had unlocked bootloaders then, or you would not have had any option to remove the malware.


Why would Samsung allow its proprietary 'Knox' to work with other bootloaded OS? They have every right to not support any other OS other than their own.


They aren't "not supporting any other OS", they're causing the hardware to damage itself to prevent that software from working.

It's as if your laptop's motherboard detected that you installed another OS in place of the OEM-provided Windows installation, and overvolted your NVidia GPU to burn it out. "We have every right to not support high-performance graphics on any other OS other than our own - if you want to install your own OS, you can still use the integrated Intel GPU".


Damaging the hardware is a bit of an overstatement. What people are calling fuses isn't really a fuse in the traditional sense. An eFuse usually is just write once memory. All the limiting features are implemented in software which reads out the state of this memory.


Correct me if I'm wrong, but once the eFuse is triggered (which, if it's write-once memory, still involves a physical change that could be interpreted as damage), it's effectively unfixable without replacing the whole motherboard, reflashing it with your original serial number, IMEI, etc. At least that's what I recall from reading about it - Samsung service can "reset" the Knox lock-out, but they do it by replacing the whole board.

In other words: there's no way for me to just take the phone to my workshop / local hackerspace, and fix it with a soldering iron. Even if I could source the right parts, it's going to be a PITA to make them work. I didn't investigate it further, but I assume that these days, cryptography is used for critical parts to attest each other as genuine (similar to what new iPhones do, which is why you can't just replace the "home" button if it breaks).

Additionally, since I haven't heard of people doing software workarounds, whatever in Knox is reading the state of the eFuse cannot be trivially patched. I recall reading somewhere that triggering the eFuse somehow overwrites Knox itself - if that's correct, then there may not even be anything left to enable afterwards.

----

I'm going to concede here that my example was somewhat hyperbolic - burning a single eFuse isn't the same as overvolting the whole GPU. But only somewhat - the reasoning/intent behind the two cases is the same. Additionally, cryptography blurs the line between what's hardware damage and what's a software limitation. Take, for example, secure erasure of data: you can smash a hard drive with a sledgehammer and then microwave the remains to slag, but you can get the same result by keeping the data encrypted, and then... losing the keys.
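As an added illustration of the two points made in this subthread (an eFuse is write-once memory that software reads, and losing a key can make data as unrecoverable as physical destruction), here is a constructed Python model; it is not Samsung's or Knox's implementation, and the fuse name, the policy dictionary and the key-derivation scheme are assumptions.

```python
import hashlib
import os

class OtpFuseBank:
    """Model of a one-time-programmable fuse bank: a bit can go 0 -> 1 once and never back."""
    def __init__(self, width=8):
        self.width = width
        self.bits = 0

    def blow(self, index):
        if not 0 <= index < self.width:
            raise IndexError(index)
        self.bits |= 1 << index  # idempotent: an already-blown fuse stays blown

    def clear(self, index):
        # No reset path exists; the only remedy the thread mentions is a replacement board.
        raise PermissionError("OTP fuse bits cannot be un-blown")

    def is_blown(self, index):
        return bool((self.bits >> index) & 1)

WARRANTY_BIT = 0  # constructed name for the tamper flag the thread calls the "Knox fuse"

def boot_policy(fuses):
    """Software-side gating: the fuse holds one bit; every consequence is a firmware decision."""
    trusted = not fuses.is_blown(WARRANTY_BIT)
    return {"hardware_keystore": trusted, "drm_l1": trusted}

def device_key(root_secret, fuses):
    """Constructed scheme: derive the storage key from a die-unique secret AND the fuse state."""
    return hashlib.sha256(root_secret + bytes([fuses.bits])).digest()

def xor_stream(key, data):
    """Toy stream cipher (SHA-256 counter keystream), for illustration only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def demo():
    fuses = OtpFuseBank()
    root = os.urandom(32)  # constructed die-unique secret
    record = b"Knox-protected record (constructed sample)"
    stored = xor_stream(device_key(root, fuses), record)  # what sits in flash, never rewritten
    before = xor_stream(device_key(root, fuses), stored) == record
    fuses.blow(WARRANTY_BIT)  # the side effect of flashing an unsigned bootloader
    after = xor_stream(device_key(root, fuses), stored) == record
    return before, after, boot_policy(fuses)
```

Nothing in flash changes when the bit is blown; the record becomes unreadable only because the derived key no longer matches, which is the "hardware damage or software limitation" ambiguity the comment describes.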


This entire comment is irrelevant. The Knox fuse only matters if you're flashing the stock ROM back. Only the stock ROM actually cares about Knox. The custom ROMs all ignore the value from Knox or simply spoof it. In other words, it's just punishing you for daring to flash a custom ROM.


If someone goes to the trouble of implementing an eFuse, they will also implement the check in the hardware so it can't be bypassed. An easy example is optical drives with a fixed number of region switches, which refuse at the hardware level to read discs from the wrong region and also refuse at the hardware level to switch regions once all the fuses have been blown.


Knox is actually irrelevant, as most custom ROMs just fake whatever value is needed to get certain apps going, and it's really just Samsung Pay, I believe.


Well, my experience with the Galaxy S10+ was horrible trying to get an unsigned ROM to stick. I personally prefer Sony devices now.



