Comment by Arnavion
Note that the initramfs is stored without encryption or signing. So while your data won't be leaked when your phone gets stolen, it should be considered compromised if you get it back.
Note that the initramfs is stored without encryption or signing. So while your data won't be leaked when your phone gets stolen, it should be considered compromised if you get it back.
Sure, lack of secure boot is a tradeoff. Of course, by the same token you can just reflash the boot partition and fix that.