Billions of working smartphones reach the end of their service lives each year and move into drawers, recycling streams, and waste piles. The WEEE Forum estimated that 5.3 billion mobile phones became electronic waste in 2022. Many of these devices still function. The average smartphone stays in use for about three years, and owners often replace handsets that retain enough computing power for other jobs.
A team at the Université Libre de Bruxelles examined a barrier to giving those devices a second life. The barrier comes from the security hardware that protects phones during their first life. Secure boot, Trusted Execution Environments, and fused cryptographic keys guard user data and system integrity. These same mechanisms tie a device to its original maker and resist the changes that reuse requires.
How phone security binds a device to its maker
Arm processors carry a feature called TrustZone, which splits a phone into two parts. One part runs the everyday operating system, such as Android. The other runs a separate, locked-down system that handles sensitive work like key storage and authentication. The Android Keystore relies on this protected zone through software supplied by the vendor.
Secure boot adds a second layer. It anchors trust in read-only code burned into the chip and in cryptographic keys set during manufacturing. Each stage of startup verifies the next before handing off control, which blocks unauthorized software from running. Authority over these keys and boot policies stays with the manufacturer and the operating system vendor. Owners who unlock a bootloader to load their own software often switch off verified boot and key attestation in the process.
A test on open hardware
The researchers ran their experiments on a PinePhone, an open hardware device built around the Allwinner A64 chip with a quad-core Arm Cortex-A53 processor. They chose it for a reason. The PinePhone publishes its hardware documentation, ships without fused manufacturer keys, and allows bootloader replacement. These traits make it the easiest realistic case for restoring security after a software overhaul.
The team replaced the phone’s software in stages. They first flashed a minimal U-Boot bootloader compiled from source, using the audio jack as a serial port to read startup logs. They added a secure monitor and a Linux kernel, which produced a working Linux system suitable for tasks such as an IoT gateway or a low-cost server. They then rebuilt the same system through Buildroot, a tool that automates the creation of embedded Linux images.
Where the work stopped
The final step aimed to restore the protected execution zone using OP-TEE, an open-source Trusted Execution Environment. This step failed. Mapping the secure memory regions and defining safe zones demanded precise low-level configuration. Incorrect mappings let the kernel reach into the secure world and triggered repeated crashes. After extended debugging, a working OP-TEE setup stayed out of reach.
The hardware itself supported the feature. The source of the failure was the difficulty of the configuration work, present even with access to chip documentation and the device tree that describes the hardware. The team drew a wider lesson from this. A locked commercial phone, with proprietary bootloader code and undisclosed chip details, would demand reverse engineering before the same attempt could begin.
Three paths for reuse
The paper sets out three options for people who want to reuse phones. The first accepts the loss of hardware security and suits low-risk work such as hobbyist projects and sensor nodes. The second attempts to rebuild secure boot and the protected zone, an approach that fits research labs, demands deep expertise, and carries uncertain results. The third relies on long manufacturer support windows.
Recent Google Pixel phones carry seven years of security updates. That window keeps hardware-backed protection running across most of a device’s working life and gives refurbishers a span in which they can redeploy a phone with its security intact. Once that support ends, rebuilding secure boot or the protected zone returns to the realm of specialist work.
Implications for industry and policy
The findings point to a connection between two goals that the technology industry treats separately. Stronger phone security and longer device life work against each other under current designs. Security architectures assume one owner and one supported lifecycle. That assumption raises the cost of every reuse effort and adds to the volume of discarded electronics.
Co-author Jan Tobias Mühlberg has argued in earlier work that sustainable systems should be designed to extend their safe and secure lifespan and their potential for reuse. The Bruxelles team connects this idea to right-to-repair policy. The paper points to extending minimum software support periods as the most effective option for preserving both security and sustainability. Standard interfaces for secure boot, protected zones, and ownership transfer could lower the barrier to secure reuse across many device models.
For now, a repurposed phone can serve plenty of jobs that carry low stakes. A phone meant to hold cryptographic keys or personal data demands a working secure boot chain and a protected zone, and that combination remains a high-difficulty target on most hardware.
Guide: What automated pentesting alone cannot see
