Flashing ROMs that either not signed or their signature is not listed neither by the owner or the manufacturer is an evil maid attack danger that hesitate public users from using open source phone (They want open source devices for transparency but they have security concerns)
You should add ability for the user to password-protect flashing ROMs if their signature is not listed in whitelist
What happens when the legitimate owner forgets the password?
There is some way to reset? In that case doesn’t that undermine what you are trying to achieve?
There is no way to reset? In that case - yes, OK, that’s solid security - but you may have just made an expensive brick, depending on exactly how it works.
Your issue is definitely a genuine issue but is there an easy solution?
A different approach is that the code must be signed by the user but if it is not signed by the user then it is a warning from which the user can continue. So you will never unknowingly run the evil maid’s code. Tampering will be detected but your device will not be bricked.
It wasn’t clear to me precisely which code you are concerned about the evil maid supplying. To answer that, you would need to be able to document in some detail how the boot process on the Librem 5 works.
I don’t speak for Purism but I believe that they don’t want to put themselves in that position. For example, as a US company they would find it difficult to resist a secret FISA court order. It is for that reason that in my previous reply I wrote “signed by the user” - because the user cannot be forced to compromise his or her own phone secretly.
You are right password is unnecessary as UEFI secureboot is better method but also user signing ROM should not be needed (unless for a custom ROM). For your concern methods that stops split-view-attack (for over-the-air updates) can be used. Personally I think POW blockchain is only effective solution There is a method that a light client can detect that is connected to fake POW blockchain which can be used for updates integrity verification (binary transparency). There is another method too which I think not effective for binary transparency but I mention them: