
Read what again?

If the flash bootloader is failing to verify, I should be able to send a new one over the USB port, even if that requires wiping the device for security purposes. Defending against an evil maid attack doesn't explain why I can't do that.



Read the post from dmitrygr again or mine. The bootloader does not get loaded, because the verification fails. That means there is no way to wipe or reset the device. Without a signed firehorse binary you can't do anything, because EDL just won't talk to you.

More details: https://blog.quarkslab.com/analysis-of-qualcomm-secure-boot-...


> The bootloader does not get loaded

I get that, but there should be something in the ROM that can reflash the device.

It already has signature verification code, which is the hard part to fit into a tiny ROM.

> Without a signed firehorse binary you can't do anything, because EDL just won't talk to you.

So... either they should release a firehorse binary that can wipe devices, or they should add a small bit of code that can wipe and flash without needing a firehorse binary.

As I read it, dmitrygr was saying that the ostensible reason you can't do anything is fear of evil maid attacks, but that ostensible reason doesn't explain why there isn't a wipe+access mode. And "the bootloader is corrupt" isn't the reason, because this is about the pre-bootloader code.


> So... either they should release a firehorse binary that can wipe devices, or they should add a small bit of code that can wipe and flash without needing a firehorse binary.

And how should they add code to a ROM of yet bricked devices?

> As I read it, dmitrygr was saying that the ostensible reason you can't do anything is fear of evil maid attacks, but that ostensible reason doesn't explain why there isn't a wipe+access mode. And "the bootloader is corrupt" isn't the reason, because this is about the pre-bootloader code.

Well, ask Google? :-)


> And how should they add code to a ROM of yet bricked devices?

I'm criticising the original design. Read that "should" as talking about the past.

> Well, ask Google? :-)

Why? I don't care what they have to say (unless they have something surprisingly interesting to contribute), I'm just accusing them of doing this wrong.



