Ah, yes, the classic old “go import some old phone in dubious condition” trope. A preferable alternative to the tried and true “i just want to go linux distro hopping on my very own linux phone, which by all means should be a eetsy bitsy tiny wee lil’ computer for my pocket”
I am honestly kind of surprised how the general sentiment here is not: “this is a linux phone, it should do linux things and be a platform but also a flagship developmental target for SFOS” but “how dare anyone consider this phone to actually be open and do open source things like frankenstaining it or installing what i wish on it at the end of the day”
I can’t say about most others but i honestly just want a phone that’s more or less open-source, with in-tree kernel drivers and that i can fiddle around as i please. And to that effect having an unlocked bootloader is quite a must. So going the “just fish for a random used device” is kind of a weird tangent. If i wanted to try SFOSX i’d wait for sony to eventually finish dragging their fit, releasing the device trees for the Xperia 1 VI and hope somone does a port. But that ain’t happening anytime soon, and the J2026 sure will be happening later this year… So… You know… It’s kind of an obvious path here.
Are the US a market for SF nowadays? Otherwise I would give the same pile of stuff on US law as always. Maybe you could start a thread on US legislation as long as there is some.
Honestly, that sounds like buying a TI-84 Plus calculator with the explicit intent of playing Doom on it, or a PlayStation 3 to install Linux. Jolla’s sole reason to sell a new ‘Jolla Phone’ is to have a device that runs Sailfish very well, that anyone can buy without having to find a suitable (and often, but not necessarily, second hand) phone, mess with bootloaders or manually flash Sailfish.
Regardless, as others already wrote, this entire discussion is based on unreasonable conjecture that the bootloader will be locked. Jolla has no reason to do so nor does it have a history of doing so.
Apologies for the quote sniping here:
I thought nemo was a nicer name, but tab completion exists for a reason. /home/d → tab → /home/defaultuser
You’re talking about the company that called their first phone ‘Phone’, their first tablet ‘Tablet’ and their second phone ‘Phone’ (again).
Phones for tinkering exist though, Pinephones as an example.
I would be happy flashing anything I want on any phone I have but j2 is a sfos device and hopefully an actual reference device, not like C2.
The rest is just extra fluff for me.
I obviously mean advocate for open bootloader when i say fight here, and not to start drama for the sake of starting drama. Other forums would be better ground? If advocating for an open bootloader isn’t welcome here then i might have understood something wrong about the whole sailfish community. The moment my original question is answered, all bootloader speculation stops. But it was instead moved away into its own thread from the “Jolla Phone update - lights on, technical bits and the schedule“ by a mod and named confusingly ”SFOS and bootloader lock” even though question is clearly specifically about the J2. And i don’t believe this was done in order to hide the question, i’m just pointing this out. I still can’t find information on this so still hope we get an answer, bootloader locked or unlocked? Even if a company has a good track record in something it’s still better to ask than presume, right?
If you want Jolla to answer your question, it’s best to ask them at a community meeting. Most members of this forum don’t have any more information about J2 than you do.
Our current target is that the device will be user flashable. That both lowers the burden on our side in case of any issues, and also gives more freedom to all of you who wish to tinker with the device in unexpected and innovative ways
We are also investigating the bootloader locking and unlocking, and verified boot options. But at this point it is still too early to say how that will turn out.
Thanks for the update on current situation. So currently target is user flashable, bootloader lock unknown, but no final answers at this point of product development. I hope for an open bootloader, since negative implications of a locked one are great, let’s see how it will turn out.
I can see the case for an open boot loader. But isn’t a locked one adding quite a bit of security, especially when others might have access to the device? I really would like to see an option for users to lock the bootloader, if they prefer to have it that way.
Yes, the purpose of bootloader locking is to prevent someone (could be you, but could also be an attacker) to boot an untrusted operating system (replacing SFOS, possibly without you noticing). Untrusted means not signed by a trusted vendor (i.e. Jolla). A locked bootloader is only a problem for user freedom if it prevents the owner from installing what they want, however, this is not necessarily the case.¹ There are two options that are secure and give you the freedom to install whatever OS you want:
A locked bootloader, that is unlockable AND relockable (this allows temporarily trusting an untrusted os when the user wants only)
A locked bootloader, that allows users to add their own signing keys or generate/retrieve device-specific signing keys (basically allowing you to become a trusted vendor yourself)
I’d prefer the latter.
It should be the other way around. Preferences should default to what the majority would want or – in a security context – the safest option. The majority of users doesn’t need what an open bootloader provides and every user who needs it should be tech-savvy enough to enable it¹
I’m not sure about the legality of leaving the bootloader unlocked, but it would be irresponsible to leave a security feature disabled (especially if said feature being disabled allows circumventing every security feature SFOS implements because it allows circumventing SFOS)
¹ assuming that Jolla implements one of the above solutions (I’d recommend the 2nd) instead of making it as hard as possible or not possible at all like most other brands do, of course
Thanks for your explanations. For me personally it is not so important what the default is, because I can change it but of course, from a general view one has to look at it differently. In any case, I’d be happy with either of those two options you describe, as long as they mean, that installing any untrusted system can only be done with me expressively allowing it (by entering a passcode or other security features, that an attacker, or me unknowingly, could do).
)
