Forum Discussion

Josh's avatar
Josh
Level 1.6: Donut
2 years ago

Master ownership of Android devices

Factory Reset Protection / persistence is a powerful tool but it does not yet feel complete, and it is quite frustrating and potentially dangerous in its current state. It is not always apparent whet...
Josh's avatar
Josh
Level 1.6: Donut
2 years ago

My point is that the device user is not always the device owner, and that general consumers shouldn't have such powerful tools available. While ZT is SUPPOSED to be only devices purchased through the reseller, but they can actually onboard any device as we've experienced, but I'm not going in to that now. I can understand a business locking a device, but not some random user, potentially even by accident, and without any sort of special tools. This is about device users not being device owners, something that has never been a problem until FRP.

jasonbayton's avatar
jasonbayton
Level 4.0: Ice Cream Sandwich
2 years ago

Sure, technically a reseller can onboard any device, and in some markets they do so with proof of purchase. There's no gotcha there, it's not prohibited in the agreement, it's just not common.

From the other side of this, it used to be possible for me to grab an Android device, recovery reset it and set it back up as my own regardless of device security in place or who owned it. Granted there were vulnerabilities to get around FRP way back when but these are far fewer today.

So I argue that FRP, like the Apple, Samsung, and other equivalents, are a net positive on device security and recovery, not a detractor for consumers. It protects the consumer from losing their device to someone else, and your premise of it being overly simplistic to brick it through physical access to a device with no means of resolving that is exaggerated.

I've managed devices before FRP control was a thing, and I've been through the process of sending devices off to an OEM facility quarterly to wipe the FRP bit on corporate owned devices. From Android 6.0 it stopped being a problem for managed devices since admins gained control either over FRP being enabled, or the account used to recover it. 

It's now only a problem for organisations today who choose not to manage (enforce their ownership over) their estate, and since there's many options available to do this for all budgets, there's no reason not to manage devices.

If devices are being handed out for the user to set up and look after, they are the owner on a system level. If those devices are put into management, they're owned by the company pushing the policies. That's the distinction for ownership.