Oct 13, 2014
I have unlocked my HTC One, rooted it and installed CyanogenMod. However, now I think that my smartphone is more vulnerable to malicious people. I have encrypted my device (it's very good that in CyanogenMod I can use two different passwords, one for encryption, the other for the screen lock). However, when I installed GApps (and after using Google Play Store, disabling it with AFWall+ and Privacy Protection), I had to copy files to the SD card, launch the smartphone in bootloader and install GApps from bootloader. I did not have to provide any password (encryption, screen lock, SIM card PIN or anything else) to correctly execute it. And when I launched my phone again to Android, GApps was installed. It means that it is possible for a person who has physical access to my phone to replace the SD card with another one and install any malicious app without my consent.

I don't quite understand why bootloader mode (without decrypting internal storage) was able to install an application (that was correctly read after decrypting internal storage in Android). My guess is that encryption does not encrypt everything in internal storage. But I couldn't see any partition other than one when I connected my phone to my Ubuntu laptop. Could you clarify it for me, please?

And now my main question. Can I safely relock the bootloader without unrooting my device, losing any personal data or removing CyanogenMod? I mean, are there any unwanted secondary effects of relocking with "fastboot oem lock"? Let's say that I will want to do something with the bootloader later on and I will need to unlock it again. Will it erase all my personal data, as it happened when I unlocked it for the very first time? What exactly is unlocked when I use fastboot to unlock?

Are there any other security catches I should be aware of? I have found somewhere that a smartphone has not only one operating system (like Android, Windows Phone or iOS) but also another operating system (firmware) and there is no way to know if there are any security holes in the firmware. Was there any security audit performed for the firmware of HTC One?

Thanks a lot for your replies in advance :)

