southernwolf ,
@southernwolf@pawb.social avatar

I can also confirm it doesn't work on a de-Googled device, even with something like MicroG (though it may work on GrapheneOS's sandbox thing).

bradboimler ,
@bradboimler@startrek.website avatar

Nope I had to go back to Google Android on my pixel won't even activate anymore.

Kusimulkku ,

Good standard you have there. Good features are proprietary to Google and you can't use it while rooted.

Lmao

skullgiver , (edited )
@skullgiver@popplesburger.hilciferous.nl avatar

[Thread, post or comment was deleted by the author]

  • Loading...
  • RobotToaster OP ,
    @RobotToaster@mander.xyz avatar

    We really need to move away from the idea that a user having control over his/her device is insecure.

    I can use online banking and paypal with windows logged in as administrator or GNU/Linux logged in as root[0], why shouldn't I be able to use google wallet pay wallet with root?

    [0] yes I know you shouldn't log in as root, but that doesn't change that you can do it.

    yurgenst ,

    "why shouldn't I be able to use google wallet pay wallet with root?" Because little innocent Google won't be able to build their advertising profile of you. Can't have that!

    programmer_belch ,

    Does rooting your device make you the root user or just gives you access to superuser utilities?

    In linux systems the root user shouldn't be used for daily use, you just make an user account with permission to use sudo, doas or su.

    user224 ,
    @user224@lemmy.sdf.org avatar

    If you root your phone, at least with most tools, you don't become the root user. Apps that use root access have to request it, and you'll have to allow it in the root tool you flashed.

    Example pop-up from SuperSU:
    https://i.imgur.com/uAReki1.jpeg

    evo ,

    Lol. So if you use an exploit to gain SU what makes you think a malicious app can't do the same? Or better yet, find a new exploit in the SU management software you installed. As soon as you root, you can no longer guarantee root activities are not taking place unbeknownst to you...

    notfromhere ,

    That goes for unrooted phones as well. The danger with rooting a phone comes from the automated software that is doing the initial rooting. It could install anything in there and the user would be none the wiser. Once it’s rooted and permissions are requested via the superuser app, it’s not any more dangerous than a non-rooted phone, assuming nothing malicious was installed during the rooting process, that is.

    evo ,

    Once it’s rooted and permissions are requested via the superuser app

    And you expect this piece of community software (that is often closed source to avoid detection by safetynet) is perfect? Never had any bugs or exploits?

    it’s not any more dangerous than a non-rooted phone

    The SU software itself is an attack vector. One with the ultimate payoff (root access). When you root the device you install a window in what was otherwise a solid wall. It is inherently less secure and I can't understand how a knowledgeable person would argue otherwise.

    notfromhere ,

    I agree with what you’re saying, but all software is insecure and it should be up to the user what their risk tolerance is. Instead, users’ control of their equipment is whittled down and before long the only choice will be deal with it or don’t play. Pinephone comes to mind as a phone with root access that is somewhat secure, but it also has latent vulnerabilities that could be exploited as its version of sudo is also an attack vector. Everything is a trade off especially in software/tech.

    evo ,

    but all software is insecure and it should be up to the user what their risk tolerance is

    Yes. And app developers/companies should in turn do the same. A banking app and a lemmy app probably don't have the same security requirements. Each needs to apply the appropriate security constraints, and if that means not allowing rooted decices that's fair imo.

    michaelmrose ,

    SU software has been a thing for about as long as android about 20 years or about. Has otherwise legitimate su been a source of unattended exploiting?

    The obvious risk factors are that users shall be tricked into granting inappropriate permissions to otherwise malicious or compromised software that they have deliberately installed. Outside of mobile platforms this is considered an acceptable risk that competent users can consistently successfully manage on their own hardware.

    In fact if you look at actual users even those with very limited technical know how the primary thing that

    The secondary risk is that users with no legit source of tools to root

    michaelmrose ,

    if you use an exploit to gain SU what makes you think a malicious app can’t do the same

    They can. 99% of computer security is still not installing malware or being tricked into taking actions that enable your own harm. That said often rooting methods involve physically pressing keys while booting to access the boot loader, ADB, running things with with expansive permissions. Malicious apps install via play store with reasonable permissions will generally have a much harder time breaking out of the sandbox.

    Or better yet, find a new exploit in the SU management software you installed

    Historically "sudo" tools haven't been the source of many issues whereas a multitude of problems flowed from complex memory unsafe code.

    As soon as you root, you can no longer guarantee root activities are not taking place unbeknownst to you

    You can never guarantee this however if you are careful what you install you will remain safe same as it was before.

    programmer_belch ,

    So google is lying about rooted devices, they seem as secure as an OEM letting an user sideload apps or google themselves letting malware apps inside their store

    skullgiver , (edited )
    @skullgiver@popplesburger.hilciferous.nl avatar

    [Thread, post or comment was deleted by the author]

  • Loading...
  • x6a61686e ,

    Tried installing the most recent WhatsApp update but it's failing. I think a virus is blocking the update, better try again with secure browsing off...

    dejected_warp_core ,

    I must be missing something. How would Google be at all liable for restoring funds stolen by software that they themselves didn't furnish, on a device that's out of their control?

    ForgotAboutDre ,

    A judge may not see it that way. They may perceive it as Google failing to provide adequate protections to their users.

    If user installed the app created by Google and did not share any login credentials. It's easy to claim Google is liable.

    The equivalent would be a bank leaving the back door to their vault open. An intruder going in and removing your funds. Despite following all the banks instructions, the bank has not replaced the funds.

    The banks is responsible for people gaining unauthorised access to your account. Especially when you don't share your login credentials with anyone (even unknowingly). If they can't protect against root access attacks then, they shouldn't permit use of their app on those devices.

    Apps have convenience features, especially related to easy sign in. Their website logins don't have these features. They require the user to enter passwords, challenge codes, card reader etc. If someone gets access to a password manager, the user is at fault. The bank likely stated you shouldn't write down or record your password.

    skullgiver , (edited )
    @skullgiver@popplesburger.hilciferous.nl avatar

    [Thread, post or comment was deleted by the author]

  • Loading...
  • JamesFire ,

    is now forced to work until they die

    As if that's not already the case

    evo ,

    Yeah, I'm going to get downvoted into oblivion for this...

    I'm sick and tired of reading this same uneducated argument. Your desktop browser and an app on your phone are entirely different paradigms security/development wise.

    Your desktop browser is expected to be insecure. Nobody stores data there besides cookies. Most processing happens somewhere else on a server.

    Apple and Google have changed this stance entirely because they knew apps could be a lot more powerful if they did. The API's that exist to build apps on your phone are designed around the concept of having a secure, sandboxed environment per app. Apps can run offline and manipulate data quickly because data can be synced down and stored locally. I know it sucks for rooted users, but I don't blame developers for refusing to support those devices one bit.

    Norodix ,

    We all get that the design paradigm is "a secure, sandboxed environment per app". We just know its a retarded design.

    knobbysideup ,
    @knobbysideup@sh.itjust.works avatar

    I'm not even rooted and gpay keeps breaking on crdroid for me, despite passing safetynet. I've given up and just got another credit card that I can use with my garmin watch that works every time without the hassle.

    Wes_Dev ,

    No my friend, our overloads have decided that you shouldn't have control over your desktop either.

    umbrella , (edited )
    @umbrella@lemmy.ml avatar

    how would an unrooted but old, deprecated version of android be any better than an updated custom rom?

    those things baffle me, they just want to take away control dont they?

    EpicVision ,

    The standard seems to be complete and utter garbage. It was garbage from the very beginning, which is why I never understood why people were getting so incredibly hyped up about RCS support.

    K1nsey6 ,
    @K1nsey6@lemmy.world avatar

    My husband and I were having an issue yesterday sending an RCS message, they were never getting delivered. They ended up being sent via SMS. It cleared up after an hour or so

    icerunner_origin ,

    I don't get the RCS hype. I already have apps for rich messaging and RCS offers nothing for me over those apps. What I do appreciate is SMS, which is posed to be killed-off by RCS. I can rely on SMS even when there is no data signal, can't say that for RCS. I wish I had a way to permanently disable RCS on my Pixel 6a, instead I have to keep rejecting the 'upgrade to RCS' dialog.

    soulfirethewolf ,

    The hype is because America won't switch to Internet messaging by default and only wants one app to message with. So SMS is the only primary option for that. Meaning lower resolution media, and a lack of modern features like read receipts and typing indicators.

    lascapi ,
    @lascapi@jlai.lu avatar

    I don't know why, but that a sad news :/

    BearOfaTime ,

    Good news.

    The more people they keep from using this garbage "standard", the better.

    It still requires a phone number. It still falls back to SMS, it still fails, a LOT - just see the comments in this thread.

    It's 20 years too late.

    XMPP was better, in 2010, than RCS is today. I was using XMPP on my phone in 2010, messaging people on computers, seamlessly. Without a phone number. On multiple services using Pidgin.

    No thanks, I don't want this garbage called RCS.

    skymtf ,

    I always disliked RCS, I kept telling people it's a walled garden, mainly controlled by Google

    lemmyvore ,

    Even so you'd think they'd want to get as many people as possible on board with RCS to increase adoption, not fewer.

    BearOfaTime ,

    Then what they're doing tells us all we need to know.

    Google wants to control what data they can glean from RCS users.

    ForgotAboutDre ,

    This is Google's end game messaging app. They want to replace text messaging and Google hangouts/allo/chat... were never going to cut it.

    Its a chat app that doesn't look like one. It looks like the default sms app, you don't need anyone to download or make an account for it. There biggest hurdle was getting iOS users. They've now pressed apple into supporting it as well. They even have Apple state Google will help with their installation. We know Google pay apple billions every year to keep Google search the default on iOS, it even binds Apple to publicly and in court support the arrangements. I wouldn't be surprised if Google has paid billions just for RCS on iPhone. It will keep their marketing monopoly in place for a long time.

    skullgiver , (edited )
    @skullgiver@popplesburger.hilciferous.nl avatar

    [Thread, post or comment was deleted by the author]

  • Loading...
  • ForgotAboutDre ,

    Jibe is RCS. They are so dominant all other implementations will have to follow. So far only Google, Samsung and soon Apple can actually implement RCS practically.

    Chewy7324 ,

    Where I live there's a single ISP which doesn't use Jibe. RCS is largely Google, and this likely won't change with iPhones supporting RCS.

    Dehydrated , (edited )

    I agree. You're much better off just using Signal. It's not federated/decentralized, but all client apps, the protocol and the server code are completely open source and anyone can fork the project. It also works on every platform, its encryption protocol is the most secure one out there and it's been around for over 10 years. They also recently added some cool new privacy features.

    soulfirethewolf ,

    Ok good. But then there's the problem of actually convincing people to use Signal. A messaging app is pointless if nobody else wants to use it.

    Dehydrated ,

    Sure, but in my experience it's not that hard to convince people to get on Signal. (Maybe because here in Europe everyone already has like 15 messengers on their phone, so it doesn't bother anyone to download another one)

    If you use SMS, you can argue that Signal has much better photo and video quality, it can be used from a tablet or a computer and it's basically just like iMessage but for all platforms.

    Kbin_space_program ,

    The weird thing is that so many people are buying into the Google and Apple marketing on SMS being insecure.

    If you're on an unroooted smartphone running stock OS, nothing you do is secure

    Bipta ,

    Basically everything is more secure than SMS though. Security is a gradient, and never absolutel.

    Kbin_space_program ,

    Yes, but I was never under the impression that SMS was secure, and have never heard anyone say it was secure.

    What it was, was cheap, designed to be free, effective and difficult to monetize.

    Google RCS is proprietary and designed to sell your data as well as deliver targeted ads to you that you cannot block.

    skymtf ,

    GraphineOS is more secure than the stock OS

    catsup ,
    @catsup@lemmy.one avatar

    it's a walled garden

    it's a golden prison*

    soulfirethewolf ,

    The thing is is that if MNO's truly cared about running their own RCS network (instead of leaving everything to Apple and Google). It might actually be a more open system. Sure, you can't self host an MNO, but it's still a much larger step forward.

    epyon22 ,

    I was wondering why RCS just stopped working the other day

    user224 ,
    @user224@lemmy.sdf.org avatar

    Every day I am attracted more and more by PinePhone. At least as a secondary device, at first.

    Perhaps it's not even close to polished yet with existing distributions, but at least it isn't made to be shitty.

    skullgiver , (edited )
    @skullgiver@popplesburger.hilciferous.nl avatar

    [Thread, post or comment was deleted by the author]

  • Loading...
  • Qkall ,
    @Qkall@lemmy.ml avatar

    No. I genuinely doubt it ever will... Huge pinephone stan here but I don't see it happening. And before you make the purchase.... Please be sure you know what you're getting into... I'm so sick and tired of folks popping in the chat rooms asking how to install android. We're actually dealing with a lot of spam lately due to a clearly butt hurt person...

    epyon22 ,

    Seems like a decently attractive option. I wish more apps were/had PWA alternatives and I'd be good

    Qkall ,
    @Qkall@lemmy.ml avatar

    Not really a huge comment or critique... More just wanna spread the good word

    https://linuxphoneapps.org/

    peter , (edited )
    @peter@feddit.uk avatar

    This is shitty, but genuinely I have no idea why people root or run custom ROMs these days. I haven't found an actual use for it since about 2015

    Edit: plenty have people have given me fair enough reasons now, thanks

    scorpionix ,

    Speak for yourself.

    LemmyIsFantastic ,

    Meh, they were speaking to the other population. They speak for most.

    peter ,
    @peter@feddit.uk avatar

    I was speaking for myself, I have no idea why people do it. Didn't say there aren't legitimate reasons, I just don't know any of them

    user224 ,
    @user224@lemmy.sdf.org avatar

    I have installed custom ROM (PixelExperience) on my Moto G5s Plus. This way I extended its life by 2 years. The stock ROM only went up to Android 8.1 and was very slow and buggy, unlike with Android 7. This way I got Android 11 which was newest at the time. It was also much faster than the flawed 8.1 update.
    Additionally, PixelExperience allowed some nice things. It looks like Google Pixel phone, even to Google, so I got free unlimited photo/video backups. This may be against ToS, but it's not like I said I have a Pixel 5, they decided that I do ¯⁠\⁠(⁠ツ⁠)⁠/⁠¯.
    Another really great thing is routing Wi-Fi hotspot over VPN. I definitely don't want someone using my internet connection raw.

    Next, root. I have only done that with Samsung Galaxy Ace from 2011. No locked bootloader BS, just flash, Tada! Rooted.
    This allowed me to do full backups, including apps on that device.

    But there's countless other uses, most of which I forgot. Some that I can think of that would be useful to me are:

    • Proper firewall
    • Access to Android folder (without using desktop) (removed since Android 11)
    • Full app backups
    • Routing hotspot over VPN
    • Band locking on Qualcomm SoC (possible without root on Exynos and MediaTek)
    • WPS push and WPS pin Wi-Fi connection (insecure) (removed since Android 9)
    • Opening ports <1024
    • Changing screen resolution and aspect ratio (useful for screen mirroring)
    • Removing bloatware
    • Changing Wi-Fi MAC address manually
    • Battery charge limiting (e.g. to 80%)
    • Precise management of app permissions
    LaggyKar ,

    Proper firewall

    What services does it have that are listening on external interfaces?

    user224 ,
    @user224@lemmy.sdf.org avatar

    That's the point. I don't know.

    BearOfaTime ,

    It's not necessarily about listening.

    Many/most apps try to connect to Facebook, for example. Part of the ghost profile issue.

    Or a handful of other data gathering services.

    Blocking those are useful for both privacy reasons and battery life.

    Those apps like to run in the background at al times, registering for every single receiver the phone has (apps like Solitaire, for example). If I didn't block receivers many apps would run all the time, even apps I use once a month.

    It's MY phone... End

    MigratingtoLemmy ,

    Privacy? I am astonished that you're seriously asking this.

    Is this the point about unlocking the bootloader being risky, or did you just pour the Google/Samsung advertisement ethos down your throat?

    peter ,
    @peter@feddit.uk avatar

    I guess that's a fair reason. I hadn't really considered that because I don't personally care too much

    MigratingtoLemmy ,

    I'm interested; are you saying you don't care about privacy from your android device?

    peter ,
    @peter@feddit.uk avatar

    I don't care to enhance it any further from the default experience, especially with the downsides

    MigratingtoLemmy ,

    Downsides?

    peter ,
    @peter@feddit.uk avatar

    Can be quite a bit buggier than stock, can be difficult or impossible to use some apps. You can lose some stock features sometimes. You can spend a lot of time debugging issues.

    BearOfaTime ,

    You're talking about other people, not yourself.

    The internet is chock full of people rooting. If you don't know why other people rot it's from willful ignorance.

    kayaven ,
    @kayaven@lemmy.world avatar

    You want an example? GrapheneOS, to take back my privacy.

    AnEilifintChorcra ,
    • Less bloat ware/spy ware - custom ROMs don't come prepackaged with random shady games from shady companies or random shady social media apps from shady social media companies.

    • Better privacy and security implementations along with DeGoogling - a lot of ROMs offer Gappless ROMs which is really important since Google is way to big and has too much influence on android OEMs and its easily the biggest ad company in the world and constantly refused to respect peoples privacy. e.g GrapheneOS https://grapheneos.org/features and DivestOS https://divestos.org/

    • Long term software support to help against e-waste e.g LineageOS supports so many phones who's manufacturers have stopped supplying software updates. https://wiki.lineageos.org/devices/

    • Customization e.g Crdroid includes loads of custom settings from a variety of other custom ROMs and OEM ROMs that rarely get implemented by any stock ROMs. https://crdroid.net/

    • Rooting android phones gives users the ability to access system files that they may not have been able to backup if the apps don't support it. It also allows for a full system backup and restore

    • It also allows users to block ads and unwated connections without using a local VPN e.g adaway

    Enabling Google to dictate what a user can do with their own device by limiting features is a slippery slope and the last thing we want to happen is for Android to end up like iOS with its walled garden approach.

    Samsy ,

    The walled garden is something that grows fast everywhere. Users should have the rights over their devices. Maybe its time to get the EU on this train, their last approaches like the GDPR or the DSA are from near the same spirit.

    AnEilifintChorcra ,

    Its unlikely that they'd get involved, RCS might be default on Googles messenger app but people still mainly use alternatives like WhatsApp so there's not a big enough user base that would be affected and since Google is pushing RCS as interoperal, DSA won't apply.

    JackGreenEarth ,
    @JackGreenEarth@lemm.ee avatar

    Yes, OS supported root should be mandatory, it shouldn't have to be some sort of hack.

    redcalcium , (edited )

    You can still install custom roms without root enabled. Enabling root access is an optional step on most custom roms installation as long as your bootlooader has been unlocked. The question is, does google disable rcs on such devices too, or is it just on rooted devices?

    AnEilifintChorcra ,

    As of 2024, Google is now quietly blocking RCS messages on unlocked/rooted android devices. Even if your device only has an unlocked bootloader, it is now at risk of being quietly shadowbanned from sending RCS text messages.

    According to the OP that opened the issue with Google, it doesn't work with devices with unlocked bootloaders so it would affect the majority of custom ROM users since very few custom ROMs and devices support relocking the bootloader, and I think it probably would still affect these devices too since the last time I relocked a bootloader with DivestOS I still had the error message about system integrity on boot

    Rooted users can probably bypass this issue with some Magisk modules the same way they do with GPay and banking apps.

    If Google really does want to push RCS then disabling access to the more technically inclined users now seems a bit silly.

    I thought they'd at least wait for wider adoption before locking it down like they're doing with YouTube and ad blockers, especially with imessage and WhatsApp being such big competitors. At least in Europe, I don't see anyone dropping WhatsApp for RCS anytime soon.

    redcalcium ,

    Yeah this will cause issues because many device that allows relocking bootloader can only do it once, which lock out future rom upgrades.

    What prompt google to do this? Do they have bots problem abusing the service?

    AnEilifintChorcra ,

    I've been degoogled since 2019 so I have never actually used RCS so I'm not 100% sure.

    If I were to guess I would assume it has something to do with Apples support for RCS. The last time I checked, Apple won't support end-to-end encryption in RCS and the messages are only encrypted in transit so maybe Android users that will use RCS with Apple users will have all of the chats saved unencrypted within the system folders and that would be no bueno for Google

    But I'm honestly not sure, I have no interest in learning about RCS unless GSMA helps open source apps integrate it so I'm not stuck with either Samsungs or Googles messaging apps

    BearOfaTime ,

    I have no interest in learning about RCS

    I never will. It's too little, too late.

    20 years ago it would've been a god replacement for SMS. Today? I only use SMS with people who refuse to switch to any modern messenger. I was using XMPP on my phone 20 years ago...

    BearOfaTime ,

    You can only relock once? Since when?

    Or do you mean relock once with current OS? Yea, unlocking requires a reset, as a security mechanism.

    redcalcium ,

    iirc many chinese phones can only be unlocked using the stock rom, so if you lock it while using a custom rom, you better not planning to unlock it again.

    michaelmrose ,

    For practical purposes its capturing revenue from OEMs and users. Android being open source if they didn't completely sabotage an actual open source market they could well find OEMs or third parties capturing those dollars or indeed those unearned dollars evaporating in a competitive market. Think the IBM PC and Microsoft.

    LaggyKar ,

    Rooted users can probably bypass this issue with some Magisk modules the same way they do with GPay and banking apps.

    That doesn't work anymore due to hardware attestation

    Batbro ,

    Works fine for me, banking and gpay

    ElectroLisa , (edited )
    @ElectroLisa@lemmy.blahaj.zone avatar

    Delete bloatware or just straight up remove all of the Google services

    ivn ,

    How do you keep a phone more than 5 years while still having security updates without a custom ROM?

    peter ,
    @peter@feddit.uk avatar

    I had my note 8 for longer than security updates existed so I installed lineageOS on it, it got security updates but lost a ton of other features and became buggy and slow. Maybe with other phones the experience is better.

    BearOfaTime ,

    I'm running a 2018 flagship using DivestOS (a fork of Lineage). It's faster than most new phones, battery gets charged midday (because I hammer it), and I'd argue more secure than most (because I have a proper firewall and some other security tools.

    If I were to not hammer on it, the battery would last for 10 hours+ (using just messaging apps, instead of ftp, file sync, games, etc).

    squid_slime ,
    @squid_slime@lemmy.world avatar

    Custom roms: I don't want google service on my device.

    As to rooting, I have rooted in the passed, its my device and I'm a tinkerer so why not?

    Might as well ask why people run linux after buying a laptop with pre installed windows.

    peter ,
    @peter@feddit.uk avatar

    Well Linux is an entire different OS which comes with its own benefits. Rooting makes it a lot more difficult to use apps that use safetynet so doing it because "why not" rather than for a specific benefit doesn't make sense to me

    AceSLS ,

    I need root for some things like IsoDrive and Frida. Frida would be usable without root but it's really cumbersome. Also AdBlocking and some LsPosed modules like CorePatch. WireGuard works better with root aswell because you can use the kernel module directly

    I also hate being restricted by arbitrary locks, it's my device so I wanna be able to do whatever I want with it

    MigratingtoLemmy ,

    Android is Linux with a patched kernel and a different userland. Are you saying you never use root on Linux?

    peter ,
    @peter@feddit.uk avatar

    My usage of my phone is different from the usage of devices I specifically install Linux on.

    MigratingtoLemmy ,

    Being root gives you access to the firewall and better access to controls over apps. Although maybe you don't care

    peter ,
    @peter@feddit.uk avatar

    That's fair, but yeah I don't really care for that. I can understand why someone would though

    user224 ,
    @user224@lemmy.sdf.org avatar

    OK, if you want a whole different experience there's some mobile GNU+Linux distros like Ubuntu touch, Postmarket OS or Mobian.

    peter ,
    @peter@feddit.uk avatar

    I don't want a different experience, I know you can install different Linux OSes on your phone but that's not what I use my phone for. Last I checked Ubuntu touch barely worked too.

    Dehydrated , (edited )

    You need to differentiate between root and custom ROMs. Root is counterproductive in regards to security, because it significantly increases attack surface, but Custom ROMs like GrapheneOS can make your device much more private and secure. It also doesn't ship any proprietary apps by default and Google Play services are sandboxed and isolated, just like any other app. It's pretty amazing.

    LaggyKar ,

    It's not necessarily counterproductive, it depends on what you're trying to accomplish

    Dehydrated ,

    *counterproductive in regards to security, I updated my original comment

    BearOfaTime ,

    Even then it's not.

    Is your PC less secure because it has root access/Admin accounts?

    It's all about how it's managed. And I'd argue my phone is more secure, because of how I use root to improve security.

    Good luck installing any app on my phone, without knowing how to unlock that functionality.

    Dehydrated ,

    I recommend the following section of this article:

    Rooting your device allows an attacker to easily gain extremely high privileges. Android's architecture is built upon the principle of least privilege. By default, only around 6 processes run as the root user on a typical Android device, and even those are still heavily constrained via the full system SELinux policy. Completely unrestricted root is found nowhere in the operating system; even the init system does not have unrestricted root access. Exposing privileges far greater than any other part of the OS to the application layer is not a good idea.

    It does not matter if you have to whitelist apps that have root — an attacker can fake user input by, for example, clickjacking, or they can exploit vulnerabilities in apps that you have granted root to. Rooting turns huge portions of the operating system into root attack surface; vulnerabilities in the UI layer — such as in the display server, among other things — can now be abused to gain complete root access. In addition, root fundamentally breaks verified boot and other security features by placing excessive trust in persistent state. By rooting your device, you are breaking Android's security model and adding further layers of trust where it is inappropriate.

    A common argument for rooting is that Linux allows root, but this does not account for the fact that the average desktop Linux system does not have a security model like Android does. On the usual Linux system, gaining root is extremely easy, hence Linux hardening procedures often involve restricting access to the root account.

    strawberry ,
    @strawberry@kbin.run avatar

    for me , privacy. no google services run in my phone, and none od my data gets shared with anyone

    shininghero ,

    Personal firewall.
    If an app doesn't need internet access to do its job, it doesn't get it. Simple as that.

    BearOfaTime , (edited )

    Because it's my device, not Googles.

    Do you let Dell lock down your laptop and prevent you creating an Admin account?

    peter ,
    @peter@feddit.uk avatar

    What I do on my PC and what I do on my phone are different. Above all the most important feature of my phone is that it works reliably, not that I can tinker or install mods

    kratoz29 ,

    tinker or install mods

    lol, tinker and modding is one of the two things I do most on my phone.

    Telegram community is way more active than XDA for my phone.

    peter ,
    @peter@feddit.uk avatar

    Different uses for a phone then I guess. To me my phone is an appliance like my washing machine. I want it to work when I need it to and be reliable.

    southsamurai ,
    @southsamurai@sh.itjust.works avatar

    Because it's my fucking phone.

    Custom "rom"s extend the life of the device via both security updates and app compatibility. They're usually able to be used without propriety Google shit at all, if the person wants.

    Just rooting allows more control over what is and isn't on the device, which goes back to the "my fucking phone" factor as well as the rest.

    Yeah, you can partially debloat via adb, but that's a partial solution to a systematic problem.

    And that's ignoring apps that can do more with root, if you want them to have those abilities.

    Edit: hell, just access to hosts file is enough justification.

    Batbro ,

    I'm running a laptop replacement chroot

  • All
  • Subscribed
  • Moderated
  • Favorites
  • android@lemmy.world
  • kamenrider
  • pixo
  • jeremy
  • Lexington
  • cragsand
  • mead
  • RetroGamingNetwork
  • MidnightClan
  • neondivide
  • xyz
  • PowerRangers
  • AnarchoCapitalism
  • WatchParties
  • WarhammerFantasy
  • supersentai
  • Rutgers
  • Teensy
  • itdept
  • space_engine
  • steinbach
  • learnviet
  • bjj
  • loren
  • AgeRegression
  • khanate
  • mauerstrassenwetten
  • electropalaeography
  • Mordhau
  • All magazines