Developers can access a limited rollback that is suitable for app testing.
With the deployment of Android 13 to the Pixel 6 and 6a, Google posted an interesting warning on the system image website: Once you flash Android 13, you can never go back to the old version. Although that’s still the case for anyone wanting a fully functional phone, Google has now posted an Android 12 ‘developer support image‘ that will let developers roll back their phones after upgrading, according to Ars Technica.
The ‘developer’ branding on the image means it’s not fully functional, but it will be good enough for app testing, they say.
The one-way update shields a vulnerability
The reason for Google’s one-way Android 13 update is a bootloader vulnerability. The bug is present in the Pixel 6, 6 Pro, and 6a, so only those Pixel models got a one-way update. Android 13 has a fix for the bootloader vulnerability, and to stop attackers from rolling back a device to get around the patch, the company triggered anti-rollback protection on the Pixel 6 and 6a.
Anti-rollback protection blows a physical fuse inside the phone SoC. There are several of these fuses, and each OS version has a count of how many blown fuses it expects. If the number is too high, that means Google has flagged the OS as insecure and out of date, and it will no longer boot.
This ‘developer support image’ is new territory for Google, Ars Technica notes in its article. The company says this special image of Android 12 fixes the bootloader bug and has the fuse counter incremented so it will still boot. It won’t get any automatic updates, though, and it’s not Compatibility Test Suite (CTS)‑approved.
The CTS is a check that guarantees an OS is unmodified, not rooted, and secure. Some banking apps and online games require passing this check to work. Users will also have to do a full wipe of a device if they ever want to go back to normal public builds and updates.
11 hours ago
