I bought a Pixel 6 Pro for under 300. It is claimed as renewed by an amazon seller. It is in quite nice condition for being this inexpensive. Before i switch over to it I would like to somehow verify it doesn’t have malware on the rom. I have questions, such as if it ever had an unlocked bootloader is there a way to see. Can it be relocked after it has been locked? I might be overly paranoid about malware on my network/lab. But I dont normally buy a renewed or used device, such as a phone. What should I do to verify it is safe?
You can check the current bootloader status:
Boot the device in bootloader mode by turning off the device, then press volume down and power at the same time, until the device boots in this special mode.
Somewhere in the menu, there should be a “Device state: locked” if the bootloader is locked.
AFAIK even “unlocking” the bootloader means that you can’t flash the bootloader with an unsigned bootloader(only other signed bootloaders, verified by the “bootrom”-bootloader), so you can always revert to a “safe” configuration.
Simply flash the stock firmware.