okouser, I reread it; apparently I misunderstood what was written, in the middle of the night. I meant that there is no need to unlock the bootloader, and the person wrote just about unlocking (the screen?).
Now about the two quotes. The first: initially, the patch can be installed during the installation of such a recovery, as it implies obtaining full access to the file system (root); it is the result that is important (which is good for an attacker too).
The second: to flash a new recovery, it will be necessary to get into the current one, or again unlock the device and get root (for debugging over ADB, for quite a long time now, it is possible to confirm that it is allowed from this PC), and this is already hiding. Data: encryption. An add-on over CWM, PhilZ Touch Recovery, had a variant of a peculiar password. The same SuperSU knew how to set a password; use the vulnerability, as initially?
Here it would be possible to complicate the scheme: we obtain such a recovery on the vulnerable version of the firmware, we flash the version with the latest security patch in the recovery, we flash the root / recovery installers. Only here you will sometimes wait a long time for firmware from the vendors, and the custom firmwares will be limited to the upk.
It will not protect against the possibility of unlocking the bootloader if the manufacturer did not tie it to another factor; plus, formatting of /data when unlocking is not even guaranteed everywhere, and even more so it will not protect against programmers.
Post has been edited by yhnyhn11 - 18.01.18, 14:27