pipe2null
pipe2null Another important big-picture issue. Is it reasonable to equate "verified boot" with x86/64 EFI secure boot, or is that a gross mischaracterization? Certs exist in mobo firmware, firmware checks EFI executable's signatures prior to executing, signed executables are required to check signatures for any chainloaded execs/kernels, etc?
It is nothing like the UEFI Secure Boot you see on x86_64. The boot chain on a properly configured Android device verifies the bootloader, firmware, and all OS partitions (this includes the kernel, userspace etc). It is a massively important security feature.
pipe2null Which brings us to my OP. If a fork of GOS was able to reasonably support one or more cheap AliExpress devices, then a small company or even just a single dev could import for cheap, install pseudo-GOS, mark up the price to cover the work plus basic tech support, and still sell it at a price point that is competitive enough for people to take a chance on a no-name company/person selling devices running a virtually unknown-to-normal-folk niche OS.
This would be massively harmful. You can't paint over the architectural security issues of a broken, insecure device by just changing the OS on it. It would mislead users and cause substantial harm to them.