u/Efficient-Rhubarb-99

I found a cool use for my old Samsung S5 (rooted). I have already been using Dropbox and Google Drive to backup my most important files (from my main linux Desktop) but call me paranoid, I was still concerned about possibility of a remote hack that could in theory wipe out both my main files as well as the linked cloud backups. So.. I had an idea.

Setup termux and a few scripts on an unused S5 to do a daily backup to the phone. S5 has ssh key for the desktop but not the other way around and S5 has no outward facing services running. Each day, it would first rsync ~20 randomly scattered static PDF, DOC, image and source files, compare their hashes to make sure they have not been changed (ransomware encryption detection) and only then rsync the whole backup from the desktop. It then adds it to a local borgbackup repo. I have a separate script that prunes the oldest backups if I ever run out of storage but considering that my daily changes are very small, I can easily have over a year of daily backups even in the phone's built-in storage and I also keep another borgbackup on the microSD card. I am far from being a security expert but to me this seems like a pretty secure setup, not to mention - completely free thanks to termux. Otherwise I would have had to use something like RaspberryPi which is nowadays very much not free.

I am one of the lucky ones to have bought my X4 before the recent changes but now I am a bit hesitant to recommend it to my friends or buy another one as a backup. Am I right in understanding that some new X4/X3 devices have USB firmware flash disabled at a hardware level (not possible without disassembly which could be very risky considering how fragile the screen is)? I also understand that there is a group of users downplaying the significance as it is (currently) possible/easy to hijack the official OTA update to install a custom firmware. My worry (as someone who has been programming ESP8266/ESP32 uC for personal projects for years) is that it is all fine and good right up to the point where you make a big enough mistake while messing and testing your custom firmware that you no longer have a functional OTA update path. Am I right that if that happens, the new devices are basically bricked? For my ESP32 projects, as a convenience, I always have OTA flash enabled and usually use it for firmware upload but I can't even count how many times have I introduced a bug that rendered my ESP unresponsive and I had to flash the corrected version through USB.

So... am I right that the current version of 'locked' devices are still mostly usable for normal users only wanting to occasionally flash an already tested community firmware but that those same locked devices are next to useless for the actual developers / tinkerers?