Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically 👏.

No IT config needed. 🔥

3-phase rollout starting Feb 2026:
⚠️ Warn → 🚫 Block → 🗑️ Wipe

Let your help desk and security teams know.

🔗 https://support.microsoft.com/en-us/account-billing/jailbreak-root-detection-in-microsoft-authenticator-9f0431bd-675a-4f2d-b8fb-7acd18deaadc

@merill in other words, devices that the users control, instead of controlled by someone in the Epstein files
@fluffykittycat @merill It's kind of a grey area. They are right that open bootloaders are a security issue but then also you can relock it on some devices.
In any case I don't think I would use the Microsoft Authentication app anyway unless I have to.

@thaodan @fluffykittycat @merill Why?

The keys and such associated with the authenticator app should be in a TPM. Something the bootloader can't touch. It can't get the private key to then send it to whoever.

The bootloader could attack in other ways and get the info you're accessing once logged in, but I don't think it can mess about or bypass the actual security mechanism.

I think they're trying to sell bullshit here so the ignorant support them as they lock us all down.

@crazyeddie @thaodan @merill unlocked bootloaders are a moral imperative. Not to mention all the e-waste created by locked devices not being repurposable
@fluffykittycat @merill @crazyeddie Context? Nobody in the thread said that devices where users can't unlock bootloaders are a good thing.
Users should just be able to relock it. Locking bootloaders doesn't block flashing; it just ensures that only code signed by the owner of the keys in the bootloader can be used. The owner of these keys can be the user.
@thaodan @fluffykittycat @merill Yeah, I can't re-lock my phone or I believe even put the bootloader into write-only. Sucks.
@crazyeddie @thaodan @merill yeah, locked bootloaders imply the person who purchased it doesn't get full ownership rights over it
@fluffykittycat @crazyeddie @merill You have to separate the technical from the ideological part. As long as the user has the control to enable and disable the bootloader signature verification, they are perfectly fine. There are parts of the device users shouldn't reflash though, such as the radio configuration.
@thaodan @crazyeddie @merill why should we expect Microsoft to honor that? We know they won't