Since getting my first android phone in May 2011, I have been extremely into rooting and flashing ROMs onto my phone. My first phone, the HTC Droid Incredible 2, was easy, due to it's unencrypted bootloader. This makes root (superuser) exploits easy, as well as the installation of custom recoveries and ROMs. The bootloader on my current phone (the Motorola Droid Razr) is encrypted. This makes gaining root, installing custom recoveries and ROMs significantly harder.
A bootloader, at it's most basic does nothing but load an OS. However, a bootloader can be used to verify software and things like that.
In terms of android, the bootloader checks the signatures of the files being loaded. If a signature fails the check, the phone doesn't boot. Often, people confuse the difference between "locked" and "encrypted" bootloaders. A locked bootloader is something every phone has out of the factory. An encrypted bootloader a locked bootloader with a layer of encryption that prevents you unlocking the bootloader.
***NOTE*** from here on out, a "locked" bootloader will refer to an encryped bootloader, unless explicitly stated.
Many phones have unencrypted or lightly encrypted bootloaders that are easy to crack. Yet other phones have factory-sanctioned unlocks, allowing the end-user to decrypt and unlock the bootloader.
As of late, there has been some major discussion in the developer community about the future of bootloaders. Most people argue that having a locked bootloader restricts what can be done with a phone. This is where my phone (and previous Motorola phones) comes in. Every android Motorola phone has had a locked bootloader. This has not stopped a select few brilliant devs working on porting ROMs and creating custom recoveries. Some of the things they have come up with just blow me away.
For example, the recovery solution that the developers have come up with is phenomenal. It is called safestrap, and in safestrap 2, one was able to dual-boot one custom ROM alongside the Stock ROM. Well, in safestrap 3 (which is all touch), you can now have 4 custom ROMs alongside the stock ROM.
Another exciting development is the use of a KEXEC (Kay- eksek) kernel. KEXEC is not particularly new to Linux, but to the android community, it is fairly new. This allows developers to make kernels for each ROM, without having to flash a new kernel (which has the potential to brick your phone).
The point is: is having a locked bootloader really all that bad? Yes, it does adversely impact the initial ability to develop for the phone, including rooting. However, having a locked bootloader requires innovation on the part of the non-OEM developers. In any industry, innovation is a driving force. The changes that get made to any android device do get noted by Google, and do eventually get integrated into the Android OS (See the settings toggles added to the notification menu as of Jellybean [4.1]). What's to say that the innovations made today won't be integrated into tomorrow's OS?
What do you think about locked/unlocked bootloaders on mobile devices? Please discuss in the comments section!