Security implication of leaving OEM unlocking enabled?

u84468575

Hi,

I'm interested in knowing the security implication of leaving "OEM unlocking" enabled.
My understanding is that it (only?) allows the fastboot command "fastboot flashing unlock", to replace the OS / flash from fastboot, but since this command results in the device being wiped after being entered, this would not compromise data?
In the other hand, leaving "OEM unlocking" enabled would prevent from bricking the device in case an upgrade of the installed OS prevent it from booting?
But I also understand that having "OEM unlocking" enabled is removing a layer of security, as if fastboot fails to wipe the device then data could be compromised (like on some Xiaomi devices, where you had to boot in fastboot twice keeping the volume button pressed to prevent the wipe).
I'm sure there's other considerations?

Alex

treequell

u84468575 "OEM unlocking" enabled would prevent from bricking the device in case an upgrade of the installed OS prevent it from booting?

That will not brick the device. If the OS fails to boot after an upgrade, it will rollback to the previous version. And failing that, you can sideload the latest release from recovery mode.