this post was submitted on 01 Mar 2024
306 points (98.4% liked)

Android

28031 readers
112 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Dehydrated@lemmy.world 0 points 9 months ago* (last edited 9 months ago) (1 children)

You need to differentiate between root and custom ROMs. Root is counterproductive in regards to security, because it significantly increases attack surface, but Custom ROMs like GrapheneOS can make your device much more private and secure. It also doesn't ship any proprietary apps by default and Google Play services are sandboxed and isolated, just like any other app. It's pretty amazing.

[–] LaggyKar@programming.dev 2 points 9 months ago (1 children)

It's not necessarily counterproductive, it depends on what you're trying to accomplish

[–] Dehydrated@lemmy.world 1 points 9 months ago (1 children)

*counterproductive in regards to security, I updated my original comment

[–] BearOfaTime@lemm.ee -2 points 9 months ago (1 children)

Even then it's not.

Is your PC less secure because it has root access/Admin accounts?

It's all about how it's managed. And I'd argue my phone is more secure, because of how I use root to improve security.

Good luck installing any app on my phone, without knowing how to unlock that functionality.

[–] Dehydrated@lemmy.world 3 points 9 months ago

I recommend the following section of this article:

Rooting your device allows an attacker to easily gain extremely high privileges. Android's architecture is built upon the principle of least privilege. By default, only around 6 processes run as the root user on a typical Android device, and even those are still heavily constrained via the full system SELinux policy. Completely unrestricted root is found nowhere in the operating system; even the init system does not have unrestricted root access. Exposing privileges far greater than any other part of the OS to the application layer is not a good idea.

It does not matter if you have to whitelist apps that have root — an attacker can fake user input by, for example, clickjacking, or they can exploit vulnerabilities in apps that you have granted root to. Rooting turns huge portions of the operating system into root attack surface; vulnerabilities in the UI layer — such as in the display server, among other things — can now be abused to gain complete root access. In addition, root fundamentally breaks verified boot and other security features by placing excessive trust in persistent state. By rooting your device, you are breaking Android's security model and adding further layers of trust where it is inappropriate.

A common argument for rooting is that Linux allows root, but this does not account for the fact that the average desktop Linux system does not have a security model like Android does. On the usual Linux system, gaining root is extremely easy, hence Linux hardening procedures often involve restricting access to the root account.