| ▲ | userbinator 2 days ago |
| > making it nearly impossible for regular users to uninstall it without root access, which voids warranties and poses security risks Stop parroting the corporate propaganda that put us into this stupid situation in the first place. Having root access on devices you own should be a fundamental right, as otherwise it's not ownership. |
|
| ▲ | ulrikrasmussen a day ago | parent | next [-] |
| We need regulation which defines that any hardware device capable of running software developed by a third party different from the hardware manufacturer qualifies as a general purpose computing device, and that any such device is disallowed to put cryptographic or other restrictions on what software the user wants to execute. This pertains to all programmable components on the device, including low-level hardware controllers. These restrictions extend outside the particular device. It must also be illegal as a commercial entity to enforce security schemes which involve remote attestation of the software stack on the client device such that service providers can refuse to service clients based on failing attestation. Service providers have other means of protecting themselves, taking away users' control of their own devices is a heavy-handed and unnecessarily draconian approach which ultimately only benefits the ad company that happens to make the software stack since they also benefit from restricting what software users can run. Hypothetically, they might be interested in making it impossible to modify video players to skip ads. |
| |
| ▲ | miki123211 a day ago | parent | next [-] | | I agree, but I think three extra conditions would need to be added here. 1. Devices should be allowed to display a different logo at boot time depending on whether the software is manufacturer-approved or not. That way, if somebody sells you a used device with a flashed firmware that steals all your financial data, you have a way to know. 2. Going from approved to unapproved firmware should result in a full device wipe, Chromebook style. Possibly with a three-day cooldown. Those aren't too much of an obstacle for a true tinkerer who knows what they're doing, but they make it harder to social engineer people into installing a firmware of the attackers' choosing. 3. Users should have the ability to opt themselves into cryptographic protection, either on the original or modified firmware, for anti-theft reasons. Otherwise, devices become extremely attractive to steal. | | |
| ▲ | xg15 a day ago | parent | next [-] | | > Devices should be allowed to display a different logo at boot time depending on whether the software is manufacturer-approved or not. Not sure how to phrase this legally, but please also add a provision against manufacturers making the "custom firmware" logo hideously ugly on purpose to discourage rooting - like e.g. Microsoft did for Surface tablets. > 3. Users should have the ability to opt themselves into cryptographic protection, either on the original or modified firmware, for anti-theft reasons. Full agreement here. I very much would like to keep the bootloader locked - just to my own keys, not the OEMs. | | |
| ▲ | harvey9 a day ago | parent [-] | | Someone with the motivation to install custom firmware would consider the bootsplash aesthetic a deal breaker? | | |
| ▲ | AshamedCaptain a day ago | parent | next [-] | | Yes -- bootsplash showing "DANGER! YOUR SECURITY AT RISK! HACKERS CAN NOW STEAL YOUR GIRLFRIEND AND SHUFFLE YOUR PAIRS OF SOCKS!" in big bold red letters only because you enabled root to remove manufacturer malware (which if anything likely _increases_ your security) is a deal breaker, because it will frighten most users from doing it. | |
| ▲ | xg15 a day ago | parent | prev [-] | | If you want to promote alternative bootloaders or OSes for wider, nontechnical audiences (like LineageOS etc), then absolutely. I think it's a difference in mindset whether you view custom firmware as a grudging exception for techies (with the understanding that "normal" people should have a device under full control of their respective vendor), or whether you want an open OS ecosystem for everyone. |
|
| |
| ▲ | xg15 a day ago | parent | prev | next [-] | | > Devices should be allowed to display a different logo at boot time depending on whether the software is manufacturer-approved or not. Another thought on that point: Why of all things is manufacturer approval so important? We know manufacturers often don't work for - or even work against - the interests of their end users. Manufacturer approval is not an indicator for security - as evidenced by the OP article. If anything, we need independent third parties that can vet manufacturer and third party software and can attach their own cryptographic signatures as approval. | |
| ▲ | gmueckl a day ago | parent | prev [-] | | 4. Apps with special security needs are allowed to detect whether a device is unlocked and can either disable themselves or go into a mode that shifts ALL related liability onto the user. It's not the bank's fault if the user disabled protections and some spyware logs the online banking password or something like that. | | |
| ▲ | Zak a day ago | parent | next [-] | | I'm pretty sure I'm against this. I could be convinced otherwise by documentation of significant fraud involving compromised devices (especially Android phones) that would have been stopped by a device attestation scheme. I should note Google has such an attestation scheme, and there are reliable defeats for it in most situations given root access. Apps have been able to insist on hardware-backed attestation which has not been defeated for some time, but that isn't available for old devices. Almost none do so. If this had a meaningful impact on fraud, more apps would insist on the hardware-backed option, but that's quite rare. Even Google doesn't; I used Google Pay contactless with LineageOS and root this week. I'm currently convinced it's primarily a corporate power grab; non-Google-approved Android won't be a consumer success if it doesn't run your banking app, and the copyright lobby loves anything that helps DRM. | | |
| ▲ | ulrikrasmussen a day ago | parent [-] | | Also, online banking has been a thing for so long on PCs which never had that kind of remote attestation. I also do not believe the security argument, but I believe that the banks believe it. | | |
| ▲ | Zak a day ago | parent | next [-] | | I suspect the banks want to do checkbox-based compliance with regulators and insurers without any deep understanding of the underlying issues. | |
| ▲ | gmueckl a day ago | parent | prev [-] | | Online banking doesn't need remote attestation. Some additional locked down hardware with its own minimal display is enough. My banks force me to use devices like those made by Kobil or ReinerSCT. |
|
| |
| ▲ | ulrikrasmussen a day ago | parent | prev | next [-] | | My bank app refuses to work on LineageOS, but I can use the web interface just fine which has the exact same UI and functionality as the app. In both the native app and the web app I have to authorize any transactions using my national ID, which for me is a hardware token (the app for my national ID also refuses to run). Why is it somehow insecure to initiate this flow from a native app on LineageOS while it is not insecure to do the exact same via a browser on LineageOS? If the app can be compromised, so can the browser - the bank cannot trust all its browser based clients anyway. The web app has been running with this security model for decades on PCs, and it has been fine. The whole narrative about remote attestation being necessary to protect users is an evil lie in my opinion, but it is an effective lie which has convinced even knowledgeable IT professionals that taking away device ownership from users is somehow justified. | | |
| ▲ | gmueckl a day ago | parent [-] | | A hardware device that doesn't confirm transaction details on its own locked down display enables man in the middle attacks. I have to use such devices with my bank card when banking online. |
| |
| ▲ | mmh0000 a day ago | parent | prev | next [-] | | It is the bank's fault if they allow non-reversible, weird or large transactions without a secondary authorization capability. The bank’s bad processes are not an end device fault. | |
| ▲ | xg15 a day ago | parent | prev | next [-] | | Yeah, nope. All apps have "special security needs" according to their manufacturers. Every app that relies on spying for revenue will use that to disable itself. (Or worse, actively malfunction - e.g. that banking app could switch into a special mode where it does transactions on its own that are not in the interest of the user. If the user has accepted all liability, there isn't much they could do against that) I'm alright with limiting liability for an unlocked/customized phone (for things that happen from that phone) - but that's a legal/contractual thing. For that to work, it's enough for a judge to understand that the phone was customized at that time - it doesn't require the app to know. | |
| ▲ | Dylan16807 a day ago | parent | prev [-] | | Screw that. I want nearly the opposite. I don't really own my device if apps will look at my ownership flag and refuse to run. We can talk about the consequences of spyware but definitely not a total liability shift. Also preventing root doesn't prevent spyware. |
|
| |
| ▲ | Sophira a day ago | parent | prev | next [-] | | While I agree in theory, this is never going to happen. There's too much DRM in use for it to work out. | | |
| ▲ | jimjimwii a day ago | parent | next [-] | | Repeal and outlaw DRM. It was a mistake that violates everyone's constitutional rights. | | |
| ▲ | mmh0000 a day ago | parent [-] | | “constitutional rights” Words written on toilet paper. Only thing that exists today are “billionaire rights”. | | |
| ▲ | reactordev a day ago | parent | next [-] | | Exactly. DRM isn’t going anywhere so long as copyrights exist. | | |
| ▲ | xg15 a day ago | parent [-] | | Not even that. Companies are already lobbying massively for selective enforcement of copyright as to not harm the AI boom (immediate jail terms for individuals torrenting a movie, "it's a complex issue" for AI companies scraping the entire internet) But even the DRM that is already there often only uses copyright laws as suggestions. E.g. YouTube's takedown guidelines are defined through their TOS, not through the DMCA. |
| |
| ▲ | mensetmanusman a day ago | parent | prev [-] | | Are there billionaires in the room with us right now? |
|
| |
| ▲ | const_cast 19 hours ago | parent | prev | next [-] | | DRM can still stick around and be popular. For example, consider an Apple TV. They make the hardware and software, so it can be locked down under the provided rules. Or a console. We might consider devices which are used for streaming or movies to not be general purpose computation devices. Which, historically, they haven't been. Watching copyrighted stuff on general purpose computers is a very new phenomenon, and it's still quite atypical IMO. | |
| ▲ | AshamedCaptain a day ago | parent | prev | next [-] | | What there are is many people utterly convinced that this brings some security to end-users. See the other messages in this thread. DRM is only a fraction of the problem. | |
| ▲ | al_borland a day ago | parent | prev [-] | | DRM is a barrier to legally protected purchasing digital media for me. I will buy an album from iTunes (no DRM), but I will not buy digital movies the same way. |
| |
| ▲ | akoboldfrying a day ago | parent | prev [-] | | > any such device is disallowed to put cryptographic or other restrictions on what software the user wants to execute Won't this also forbid virus scanners that quarantine files? > This pertains to all programmable components on the device, including low-level hardware controllers. I don't think it's reasonable to expect any manufacturer to uphold a warranty if making unlimited changes to the system is permitted. | | |
| ▲ | fc417fc802 a day ago | parent | next [-] | | It wouldn't forbid shipping the device with a virus scanner. It would only forbid refusing the user control over what software does and does not run. There might be a couple messy edge cases if applied at the software level but I think it would work well. Applied at the hardware level it would be very clear cut. It would simply outlaw technical measures taken to prevent the user from installing an arbitrary OS on the device. Regarding warranties, what's so difficult about flashing a stock image to a device being serviced? At least in the US wasn't this already settled long ago by Magnuson-Moss? https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warranty... | | |
| ▲ | akoboldfrying 16 hours ago | parent [-] | | > what's so difficult about flashing a stock image to a device being serviced? Yes, I think that would cover most cases if we take it to its logical conclusion of wiping all device state (hard disk). OTOH, a few points: 1. I would accept the need to wipe the hard disk if I had messed with firmware or the OS, but not if a couple of keys on the keyboard had stopped working. This implies that (for me at least) a meaningful distinction remains between these two "levels" of warranty service. Do you agree? 2. Activities like overclocking or overvolting a CPU have the potential to cause lasting damage that can't be reversed by re-flashing. Under the policy you're suggesting, it would be illegal for manufacturers to offer users the option "You can pull this pin low to overclock outside the supported range, but you will void the warranty by doing so", and too expensive for them to endlessly replace parts damaged by these activities for free under warranty, so that consumer option, rare as it already is, would go away completely. 3. I still think there may be some devices that are impractical to completely re-flash. According to this 2021 Porsche article [0], modern cars contain 70-100 ECUs (microcontrollers), each of which will have its own flash/EEPROM. [0]: https://medium.com/next-level-german-engineering/porsche-fut... |
| |
| ▲ | afeuerstein a day ago | parent | prev | next [-] | | > Won't this also forbid virus scanners that quarantine files? Yes. If I really _want_ to execute malware on my device, I should be allowed to do so by disabling the antivirus or disregarding a warning. > I don't think it's reasonable to expect any manufacturer to uphold a warranty if making unlimited changes to the system is permitted It is very reasonable and already the rule of law in "sane" jurisdictions, that manufacturer and mandated warranties are not touched by unrelated, reversible modifications to both hard- and software. | | |
| ▲ | akoboldfrying 16 hours ago | parent [-] | | > Yes. If I really _want_ to execute malware on my device, I should be allowed to do so by disabling the antivirus or disregarding a warning. I agree. > already the rule of law in "sane" jurisdictions, that manufacturer and mandated warranties are not touched by unrelated, reversible modifications to both hard- and software. Do you have any examples of such jurisdictions? I think whether this is reasonable turns on how "reversible" is interpreted. If it means "reversible to factory settings", including wiping all built-in storage media, then it seems reasonable to me that manufacturers should support this (possibly modulo some extreme cases like cars that have dozens of CPUs). But I would not be happy with having my hard disk wiped if I sent in my laptop for repairs because a couple of keys stopped working, which tells me that (to me) there remain at least two classes of "problem that should be fixed for free under warranty by the manufacturer". |
| |
| ▲ | encom a day ago | parent | prev [-] | | >virus scanners You can (and should, imho) remove anti-virus software. |
|
| ▲ | perching_aix 2 days ago | parent | prev | next [-] |
| Didn't we backslide hard enough at this point that it is now architecturally ensured that there is a security downside to rooting? Prevents verified boot for example, since the attestation is tied to said corporations, and not you. |
| |
| ▲ | fc417fc802 a day ago | parent | next [-] | | AFAIK that's true for many vendors but for example Pixels (and IIRC also OnePlus at least a few years ago) you can relock the bootloader with other keys. The crazy thing is that on all the devices I've had AVB is implemented on top of secureboot. Being able to set your own secureboot keys is bog standard on corporate laptops. The entire situation makes absolutely no sense. Also for the record I think it's a silly attack vector for the average person to worry about. A normal person does not have secret agents attempting to flash malicious images to his phone while he's in the shower. | | |
| ▲ | acdha a day ago | parent | next [-] | | > A normal person does not have secret agents attempting to flash malicious images to his phone while he's in the shower. No, but millions of women have controlling partners or friends who betray their trust and, for example, many people going through U.S. Customs are being asked to surrender control of their devices so they can be used without their knowledge. There’s a well-funded malware industry with a lot of customers now. | |
| ▲ | perching_aix a day ago | parent | prev [-] | | > AFAIK that's true for many vendors but for example [on] Pixels you can relock the bootloader with other keys Oh that's pretty cool, wasn't aware. > The crazy thing is that on all the devices I've had AVB is implemented on top of secureboot. Being able to set your own secureboot keys is bog standard on corporate laptops. The entire situation makes absolutely no sense. Hold on, could you elaborate a bit on this? I thought it was an either/or type deal cause they do the same thing. | | |
| ▲ | fc417fc802 a day ago | parent [-] | | Many devices if you load up fastboot mode (is that the right name?) it will give you chipset and other information and it will have secureboot info there. It's permanently locked to chain into the AVB image. AVB is a much more complicated beast that specifies the existence of multiple partitions including (IIRC) one for storing authorized keys, one for the recovery, and a bunch of other stuff. It's possible this has changed or was never widespread in the first place. I have a very limited (and historic) sample size. |
|
| |
| ▲ | franga2000 a day ago | parent | prev | next [-] | | Not having verified boot is not a security downside for most people. Unless your threat model includes the evil maid attack, which it doesn't for the vaaaaaast majority of people, verified boot is just another DRM anti-feature. | | |
| ▲ | ignoramous a day ago | parent [-] | | Verified Boot isn't merely to thwart Evil Maids, but by and large provide what's known as "Trusted Computing Base". And yes, given the proliferation of smartphones and the nature of sensitive applications built on top, most people, even if they don't realise it, need it. | | |
| ▲ | userbinator a day ago | parent [-] | | > but by and large provide what's known as "Trusted Computing Base". In other words, DRM. https://en.wikipedia.org/wiki/Trusted_Computing#Criticism (I knew from the beginning that this was known as the Palladium project, and until recently, a search for "Palladium TCG" would find plenty of information about that history, yet now references to that group and its origins in DRM have seemingly disappeared from Google. Make of that what you will...) | | |
| ▲ | cam_l a day ago | parent | next [-] | | Are you saying that someone is using Yu-Gi-Oh! trading cards to cover up incriminating historical details of Microsoft's long term plan to purge general purpose computing from the world? https://www.tcgplayer.com/product/593140/yugioh-quarter-cent... Bizarre, I did find it on Bing though.. https://www.cl.cam.ac.uk/archive/rja14/tcpa-faq-1.0.html | |
| ▲ | perching_aix a day ago | parent | prev [-] | | This should not be a surprise. Mechanistically enforced trust (like in trusted computing), and even better, mechanistically assured trust (like in verifiable computing), will be relied upon by anyone seeking trust. This means both consumers and producers, and anyone else in-between. If I want my device to be secure, I want this trust. If I want to sell a copy of my virtual asset to only be used in ways I approve of, I want this trust. You can't have only one of these at the same time, either your device can provide this trust or it cannot. That's not the battle in my view. The battle is to implement this appropriately, such that e.g. if we're representing access control, identity, and ownership, then that representation should match reality. So if I'm said to own a device, the device can and will attest so, and behave accordingly. It's just that instead of that, I'm always somehow just being loaned these things, only have some specified amount of control over these things, and am just a temporary user somehow. That's the issue. And that these systems are not reimplementable, and as such entitlements do not carry around. |
|
|
| |
| ▲ | torginus a day ago | parent | prev [-] | | I don't follow the reasoning behind this - even in a verified boot scenario you can just choose to not load the offending kernel module without compromising security. |
|
|
| ▲ | Incipient a day ago | parent | prev | next [-] |
| I'm pretty sure the recent Switch 2 "license to use the hardware" has entirely killed any notion that you actually own the hardware and are free to do anything with it. Especially in Africa, where privacy and consumer rights are probably less relevant than the US/EU. |
| |
| ▲ | hilbert42 a day ago | parent [-] | | ""license to use the hardware"…." Well, then it's high time the laws of ownership in just about every country in the world were updated. As it stands, if I buy something then I own it. | | |
| ▲ | makeitdouble a day ago | parent [-] | | > if I buy something then I own it. That's the point: you can't buy it, only license. | | |
| ▲ | hilbert42 a day ago | parent [-] | | I've never had to license hardware I've bought, only software. There's no way I do so. | | |
| ▲ | makeitdouble a day ago | parent [-] | | I'm not saying it's a good thing. But we shouldn't hide from the fact that door has been opened and I see no practical reason we won't see more of it. The minute Apple sees a clear path to get away with it, iPhones will essentially become licensed devices. Then other phone makers will jump through the opening, at some point it becomes the standard, and we'll laugh at the "voting with your wallet" joke again. > software We're already full in licensing books, as truly the most pragmatic choice. Amazon opened the door, and many other ebook stores have jumped on the bandwagon. | | |
| ▲ | hilbert42 a day ago | parent [-] | | This can end in several ways, users and third-party repairers will reverse-engineer phones encryption notwithstanding—simply remove the 'offending' chips and replace them with open tech. To say it's unlawful is moot. Apple may have jurisdiction in the US but not across the globe, there are plenty of places I can think of to send an iPhone to have it fixed the way I want (and I'd do so the moment that market is established). There's no way Apple can police what people do with their hardware once it's in their hands, it's fanciful to think otherwise. Open hardware is on the move, eventually considerably cheaper open products will become popular just on price alone. Competition will then be fierce, Apple will have to change its policies if changes to laws don't beat them to it. Remember also the US isn't the whole world, so those changes are likely to be enacted first outside the US. If Apple wants to sell there then it'll have to comply with those laws just as it did with USB-C in Europe. Also keep in mind Apple, Google, Microsoft etc. have become the richest and fastest growing corporations in human history—they even beat out the previous contenders the Dutch and British East India Companies of the 17th and 18th Centuries. These corporations became so rich so quickly because of a confluence of circumstances—the new tech paradigm of the personal computer, the wow factor that took the world by storm and a complete lack of regulations worldwide. Without regulations to keep these corporations in check they simply ran amuck. That's now over. Yes, it will be some while before they're brought to heel but they'll never get such a straight run again. Apple is on top now but let's see where it'll be in 20 years. |
|
| ▲ | npteljes a day ago | parent | prev | next [-] |
| The current legal reality might be corporate propaganda, but not exclusively corporate propaganda, it's the current legal reality as well. "root access voids warranties" is a fact in many jurisdictions, regardless of how it came to be. Hence, it's not as much parroting propaganda, as in furthering a cause, but just stating it how it is. |
|
| ▲ | jrflowers 2 days ago | parent | prev | next [-] |
| This is a good point. While there is nothing factually incorrect in the statement “rooting your phone can void your warranty and pose a security risk”, if you imagine factual statements are the same thing as value judgments it becomes very problematic. Similarly it is pretty messed up when people say stuff like “fire can burn you if you aren’t careful” because so many people rely on fire for food and warmth. |
| |
| ▲ | fc417fc802 a day ago | parent | next [-] | | Having your vehicle serviced by someone other than the dealer could void your warranty and poses a safety risk. Cooking animal products at home poses a health risk. You should be sure to only ever consume animal products prepared by a duly licensed establishment. The chauffeur's union would like to take this opportunity to remind you that amateurs operating their own motor vehicles risk serious injury and even death. The FSD alliance would like to point out that hiring a licensed chauffeur also poses a non-negligible risk. Should you choose to make use of a personal vehicle it is strongly recommended that you select one certified by the FSD alliance. Failure to do so could potentially impact your health insurance premium. | | |
| ▲ | theluketaylor a day ago | parent | next [-] | | > Having your vehicle serviced by someone other than the dealer could void your warranty and poses a safety risk Good tongue in cheek post, but in the US Magnuson-Moss prohibits warranty claim denials merely on the basis of non-OEM parts and service. It also puts the burden on the manufacturer to demonstrate the defect or failure was the direct result of the non-OEM part. Other jurisdictions have similar laws on the books. Right to repair already exists in certain aspects and needs to be expanded (and enforced. Tons of those ‘will void warranty’ stickers are lies and you have legal rights to poke around) | |
| ▲ | jrflowers a day ago | parent | prev [-] | | You make an interesting point here. While “rooting your phone can void your warranty and pose a security risk“ may be a factually true statement, we must also consider some entirely unrelated and possibly untrue statements that could be theoretically uttered in another reality. We can get so bogged down with “things that are real” and “exist in this universe” that we completely fail to focus on the vital stuff like “Bigfoot is circumcised” and “Who did it?” and “Why?” | | |
| ▲ | fc417fc802 a day ago | parent [-] | | On the contrary. My statements bear equivalent accuracy to yours in our current reality. My statements are also very obviously FUD. So is yours. Or do you dispute that you could be hospitalized for salmonella if you botch cooking poultry at home? Or perhaps you feel that there is no straightforward way to inadvertently endanger your life by servicing your vehicle incorrectly? | | |
| ▲ | jrflowers a day ago | parent [-] | | Interesting. While there is no such thing as a chauffeurs union or an FSD alliance, if we say that they exist maybe they do. Similarly, if you say something is “FUD” then maybe it becomes that. I genuinely do not understand the last two sentences. Are you pro- or anti- “telling people that salmonella exists” ? Is saying “salmonella exists and can be a problem” FUD or what? Do you think salmonella isn’t real | | |
| ▲ | fc417fc802 a day ago | parent [-] | | Yes, the final two were tongue in cheek but follow the same pattern and thus serve to illustrate the point being made. You don't seem to be engaging in good faith. > Is saying “salmonella exists and can be a problem” FUD or what? Obviously that depends on context. If a bunch of restaurants form a PAC and start lobbying with that message to restrict the sale of animal products at the grocery store then it is. If the FDA mentions it on a page about basic food handling safety then it probably isn't (depending on the surrounding text ofc). Rooting your device is a security risk the same way that servicing your own car is a safety risk. When I hear "security risk" or "safety risk" I'm expecting something that's inherently dangerous like wingsuit jumping or cave diving. I'm not expecting something that should only ever fail if I don't exercise due diligence. This difference in perceived meaning is being exploited by those spreading the message similar to when Coca-Cola got sued for a label that implied pomegranate juice when the bottle contained only 0.3 percent. When device vendors lock end users out of their own devices and then aggressively spread such a message to justify doing so it qualifies as FUD or propaganda. A vested interest has disenfranchised people as part of a long term strategy to enrich themselves and is attempting to manipulate the public narrative regarding their actions. | | |
| ▲ | jrflowers 8 hours ago | parent [-] | | > You don't seem to be engaging in good faith. You posted actual nonsense and then declined to say if you are for or against telling people that salmonella is real. Anyway, in good faith > Obviously that depends on context. This makes sense. Context matters, and it is important to imagine some when it is missing. For example, in this exchange you saw a stranger on the internet post “rooting your phone can void your warranty and pose a security risk” and, in a vacuum of any relevant information, pictured a world where they work at Samsung in their Awful Spyware Division and started posting from that premise. Or just saying it at all FUDs up the vibe and ruins the context? The point you are making is either that it is important to invent context if you feel FUD, or that the wrong context for certain correct information is “the context wherein it is shared”. Can you clarify which is it? Either we agree that rooting your phone can void your warranty and pose a security risk and you just sort of imagine me working for a terrible company, or We both agree that rooting your phone can void your warranty and pose a security risk but you and I are the only people that should know that. Any context where this fact that we agree about could be shared is made inappropriate by its inclusion. Like are we dealing with hallucinations or are we dealing with Untouchable Facts |
|
| |
| ▲ | franga2000 a day ago | parent | prev [-] | | In fact there is a lot factually incorrect. For starters, in most places, warranty is a legal requirement and the manufacturer isn't allowed to void it for whatever reason they want. If my phone's battery starts getting really hot in normal use, or I start getting dead pixels on my screen or whatever else, the fact I have a custom OS on my phone isn't relevant to the warranty claim any more than having it in a case or putting some stickers on it. Yes, it'll make claiming it more difficult, but that doesn't mean it's void, just that you'll have to fight through a few more tiers of support agents to get it fixed. More importantly, rooting is only a security risk in the sense that it increases the attack surface for exploits. The same can be said for any other system-level software. Like if you buy an Nvidia graphics card in your computer and that loads its kernel driver, malware now has one more place to exploit. Are Nvidia graphics cards a security risk? We've come an incredibly long way from just dropping /xbin/su and calling it a day. Modern (as in the last 10 years) root solutions have caller checks based on a user-defined whitelist and really modern implementations use kernel-level checks to make sure the app wanting root access is allowed to get it. The only way this can be dangerous is if one of those apps or the root solution itself has a code execution exploit. But again, the same can be said for the plethora of system-level bloatware vendors install these days. | | |
| ▲ | jrflowers a day ago | parent [-] | | >For starters, in most places, warranty is a legal requirement and the manufacturer isn't allowed to void it for whatever reason they want. This only makes the statement untrue if you use “can” and “will” interchangeably. >More importantly, rooting is only a security risk in the sense that it increases the attack surface for exploits. This is a good point. What even is “attack surface” anyway? Does anybody actually consider it when “evaluating security posture”? If I simply choose not to care about attack surface because I don’t want to, then doesn’t it simply become a factual nonissue? There are no answers to these questions |
|
|
|
| ▲ | menzoic a day ago | parent | prev | next [-] |
| How is the security risk propaganda? |
| |
| ▲ | msgodel a day ago | parent | next [-] | | If your security model means me having access to my own hardware is a security risk you're malicious and your security model is bad. | |
| ▲ | flotzam a day ago | parent | prev | next [-] | | It's not (only) propaganda. Rooting disables or bypasses verified boot, allowing exploits to persist across a reboot. | | |
| ▲ | franga2000 a day ago | parent | next [-] | | Malware can persist across reboots regardless of verified boot. What it can't do is persist through a factory reset. But if you really want a thorough reset, simply re-lock the bootloader and flash stock firmware from there. Nothing can persist through that without an exploit in the verification chain and if you have that kind of exploit, you don't need the bootloader to be unlocked in the first place. Also, there are devices out there that let you enroll your own keys, like the Google Pixel series. | | |
| ▲ | flotzam a day ago | parent [-] | | > Malware [c]an persist across reboots regardless of verified boot. Some can, some can't. Even when it can persist, escalating to root after every reboot may be unreliable or noisy (e.g. 70% chance of success, 30% crash) compared to straight persistence as root without verified boot. > Also, there are devices out there that let you enroll your own keys, like the Google Pixel series. This still applies to those devices. It's the main reason GrapheneOS (which exclusively runs on Pixels, with the bootloader relocked to a GrapheneOS key) is opposed to building in root access: Verified boot would be "enabled", but effectively bypassed. https://xcancel.com/GrapheneOS/status/1730435135714050560 |
| |
| ▲ | a day ago | parent | prev [-] | | [deleted] |
| |
| ▲ | ahoka a day ago | parent | prev [-] | | It's the hardware vendor's "think of the children". |
|
|
| ▲ | bongodongobob 2 days ago | parent | prev | next [-] |
| [flagged] |
| |
| ▲ | potamic 2 days ago | parent [-] | | You can default to a hardened, secure setup but provide an option to override to those who want to. I don't think anyone is against secure defaults, but many people have a problem with designs that say you must not even have an option to override. | | |
| ▲ | burnt-resistor 2 days ago | parent | next [-] | | It creates a Hobson's choice of no tinkering and less malware, or tinkering and greater risks from malware. There should be a "maintenance mode", but the onus of responsibility for breakage should be on the user for system update compatibility without the user being held hostage. This is a false choice and ostensible customizability. If the manufacturer wants to add an "OS warranty void sticker" flag because things may be broken from tweaking, that's cool, but leaving the user less secure as punishment is wrong. | | |
| ▲ | sprinkly-dust a day ago | parent | next [-] | | It is my experience that this is what Google does with their Pixel phones. It is really quite simple to unlock the bootloader and do whatever you want on a Google Pixel you own (i.e. unlocked, no carrier). They even give you this really handy Android flash tool which uses WebUSB to fully restore your device when you mess up. Heck, custom ROMs like GrapheneOS and CalyxOS are even able to sign their own images and allow you to lock the bootloader with a non Google OS. However, all this comes with the caveat that SafetyNet will flay you alive. The cat and mouse game with Magisk and other methods to maintain root undetected is moot when I've used apps these days that make a fuss when you have developer settings enabled. To be honest, that seems acceptable to me, I can do what I want with my device, software vendors like banks and the like have a say in how I choose to access their more convenient services. I can play nice with them if I want, even using a second phone perhaps, but I have a choice. | | |
| ▲ | burnt-resistor a day ago | parent | next [-] | | Nice. I wish Pixels (and recent iPhone Pros) were more repairable. Pixels are the least repairable phone around, so don't drop it at least not without a rugged case. ;) | |
| ▲ | encom a day ago | parent | prev [-] | | >banks and the like have a say in how I choose to access their more convenient services I disagree. I don't understand how it's fine that I can access my banking services with my Gentoo machine, with everything compiled from source by myself, but it's somehow a problem when I'm not using either Apple or Google certified OS on my phone. I'm sure they want to prevent the first scenario, like various streaming cartels already do, but I hope something like EU throws a fit if they do. | | |
| ▲ | keyringlight a day ago | parent [-] | | What kind of actions can gentoo do with your financial accounts, and what levels of user authentication does it use to do it? My phone can effectively act as a bank card with contactless payment or I can transfer up to a daily allowance (that would be painful to me if it was misused) of thousands with biometric auth. Similar to the OS if you're doing that with any browser with a web login you could potentially compile it to behave how you like or lie about what it's doing. Because it's a bank there's going to be insurance behind the scenes to cover them if something goes wrong, and I assume part of that is ticking off enough points to be confident a transaction is secure or different payment limits on confidence levels. |
|
| |
| ▲ | JumpCrisscross a day ago | parent | prev [-] | | > There should be a "maintenance mode", but the onus of responsibility for breakage should be on the user for system update compatibility without the user being held hostage Isn’t this just a second device? How can you hold a manufacturer liable if the user was given unsupervised time as root? | | |
| ▲ | hilbert42 a day ago | parent [-] | | "How can you hold a manufacturer liable if the user was given unsupervised time as root?" PCs had root access by default, so why wasn't it a significant problem for them? Banking is possible on a PC without a banking app. As Noam Chomsky has said, as in politics, manufacturers and OS vendors such as Google and Microsoft have been deliberately "manufacturing consent" — a widespread belief in the population of users that benefits them to the disadvantage of many of said users. | | |
| ▲ | burnt-resistor a day ago | parent | next [-] | | Manufactured consent requires media complicity to achieve acceptance of Hobson's choice Accept or Don't Use EULAs and corporate, technofeudal non-ownership and the "shame" of specialized knowledge, tinkering, and modifying things. Nerds were frowned upon until electronics and software people became billionaires in the 80's, and technical vocations are still frowned upon in socially most of America. PS: While he may be in effectively hospice now, at least he outlived Kissinger. | | |
| ▲ | hilbert42 a day ago | parent [-] | | "Manufactured consent requires media complicity to achieve acceptance of Hobson's choice Accept or Don't" Right, I've never fully understood why the media was (and still is) so complicit. There's a long history of the media, especially the tech media, mags etc. ass-licking the likes of Microsoft, Google et al. It's been a horrible sight to watch over the decades. Perhaps it's because of kickbacks, fear of exclusion from events, press releases, or handouts—free software etc., or that many had/have shares in such entities—or the belief that those who run such entities are only one step removed from the gods—hero worshiping. We users would now be in a damn sight better position if the media had done its job professionally. "technical vocations are still frowned upon in socially most of America." Right again, and America is not the only place, such thought is endemic across the anglosphere. |
| |
| ▲ | JumpCrisscross a day ago | parent | prev [-] | | > PCs had root access by default, so why wasn't it a significant problem for them? They weren't networked. They were notoriously buggy. And most importantly, they weren't warrantied [1]. Root should always be an option. But once you root, it's fair for the warranty to be voided. > OS vendors such as Google and Microsoft have been deliberately "manufacturing consent" Nitpick, the propaganda model [2] attempts to describe traditional mass media. Two of its five pillars (ownership and sourcing) fall apart in a world with smartphones and social media. [1] https://www.studocu.com/ph/document/university-of-rizal-syst... [2] https://en.wikipedia.org/wiki/Propaganda_model#Criticism | | |
| ▲ | burnt-resistor a day ago | parent | next [-] | | My PCs were homebuilt and networked in 1994. All warranties void, except the hardware. Windows 3.1 and Netscape over 28.8 sucked, but it worked. | |
| ▲ | hilbert42 a day ago | parent | prev [-] | | Uh? My PCs and corporate PCs I've been responsible for are networked including the internet (they always have been). Moreover, they were warranted with no conditions about what software was run on them. Where on earth did you get that notion from? Just because some vendor [your links] has conned the unfortunate client into an unacceptable contract doesn't mean it's commonplace or ever was. | | |
| ▲ | JumpCrisscross a day ago | parent [-] | | > Where on earth did you get that notion from? Literally cited the source. > My PCs and corporate PCs I've been responsible for were networked including the internet These came later, in the mid 90s. If you have a source for any PC having been "warranted with no conditions about what software was run on them," I'd love to see it. Practically every warranty for PCs voided if you e.g. overclocked the CPU. And almost all PC warranties were limited warranties, not the no-questions-asked up-to accidental-damage common today. | | |
| ▲ | hilbert42 a day ago | parent [-] | | Deliberate abuse and misuse of a product is not covered under any normal warranty, and overclocking the CPU could fall into that category depending on the specific warranty (some CPUs could not be overclocked for that reason so it was irrelevant). User software is another matter altogether. Users could always install whatever they wanted. It seems you are not old enough to remember that the PC was originally designed to be modular and flexible and that applied to both the hardware and software. The whole raison d'être from the S-100 bus of the 1970s and the IBM PC† of the '80s was to provide users with a computer system that was flexible and that users could adjust and alter to suit their needs. This meant that users were actually required to alter the configurations of their PCs. No one would have questioned such action, it was considered completely normal. Moreover, warranties took this into account and it was a normal procedure to add RAM, disk drives and video cards etc. without voiding the warranty. What's more, one could even upgrade the CPU (and if necessary its clock speed) and the rest of the hardware would still remain in warranty—that's why CPUs until recently were 'socketed' and not soldered into place. Of course, the third-party CPU wouldn't be warranted—not on the PC's warranty anyway. What you are referring to is a sleight-of-hand by some sleazy ratbag manufacturers to change the PC from an open system and make it proprietary. Any system administrator or corporate buyer (at least until recently) would have objected to any clauses in the warranty that would have forbidden modifying equipment as mentioned. I know, I was head of a government IT department for years and contracts that included such punitive warranties would never have been awarded—they would never have passed my desk. Not that I ever saw any mind you. (BTW, there were some warranty claims, altering the equipment was a non issue.) 
What we are seeing now (and this whole discussion) is about reclaiming the open nature of the PC—and our computing equipment in general, our phones, etc. Fortunately, the Right to Repair movement and the Right of Ownership—people like Louis Rossmann and iFixit—are beginning to make inroads into keeping these sleazy carpetbaggers in check. As we've seen Right to Repair laws are getting enacted. † The original IBM PCs had full service manuals that included electronic circuit diagrams and even the BIOS source code! To suggest we weren't meant to alter things is sheer nonsense. (I still have my copies of these manuals.) | | |
| ▲ | JumpCrisscross a day ago | parent [-] | | > warranties took this into account and it was a normal procedure to add RAM, disk drives and video cards etc. without voiding the warranty Again, very limited warranties that only covered manufacturing defects. Not the warranties integrated products have today. In most cases, a manufacturing-defect warranty is not voided by rooting your device. (It may become more difficult to prove it’s a manufacturing defect, however. The law varies state to state.) What fundamentally changed is warranties expanded as products became more integrated and the market expanded beyond power users. You cannot provide accidental-damage insurance for a user adjusting their BIOS. | | |
| ▲ | hilbert42 3 hours ago | parent [-] | | "You cannot provide accidental-damage insurance for a user adjusting their BIOS." Rightly so because adjusting the BIOS won't cause harm! PS: if you are referring to damage caused by overclocking (if perchance it's available in the BIOS), then this is a user-accessible feature. As such, it'd be covered under warranty. If a manufacturer played hardball and tried to dishonor the warranty then they wouldn't stand a chance against most consumer legislation in most parts of the world. They'd be toast where I am, not only would they have to honor the warranty but they'd be fined in the process. Perhaps you're in a part of the US where consumer legislation is essentially nonexistent then things might be different. (The US is known worldwide for having the worst consumer legislation in the Western world.) |
|
|
|
|
|
|
|
| |
| ▲ | bongodongobob 2 days ago | parent | prev [-] | | Yeah, that's rooting your phone. It should be a little difficult. You can do it. And it's good that most people don't. | | |
| ▲ | gyello 2 days ago | parent [-] | | The problem is not that rooting is difficult, it's that in most cases now it permanently renders parts of the phone inoperable or makes it impossible to use contactless payments or any banking apps or content streaming apps etc. These additional restrictions are not there for security despite what we are told. | | |
| ▲ | WarOnPrivacy 2 days ago | parent | next [-] | | > it's that in most cases now it permanently renders parts of the phone inoperable or makes it impossible to use contactless payments or any banking apps or content streaming apps etc. I've had to cloak the rooted state from an app or two or they'd choose to withhold functionality. That was a couple of phones ago. I've not had trouble with banking, payments, etc since. | |
| ▲ | miki123211 a day ago | parent | prev [-] | | They're for the bank's (and other customers') security, not yours. I think they're supposed to prevent people from reverse-engineering banking app APIs and writing bots that perform millions of requests per second, trying to brute force their way into peoples' accounts. As an extra protection, SafetyNet also makes it harder to distribute apps that repackage your genuine banking app, but with an extra trojan added. | | |
| ▲ | potamic a day ago | parent [-] | | Every bank of repute also has a web portal for internet banking. If it were about security, leaving this open while closing the mobile route doesn't make sense. The web is also vulnerable to scammers hosting trojan websites but somehow that doesn't seem to be a big problem. If a bank (or any entity for that matter) needs to control the client in order to make their systems secure, then it's bad security. The system must be secure despite the client. |
|
|
|
|
|
|
| ▲ | abtinf 2 days ago | parent | prev | next [-] |
| [flagged] |
| |
| ▲ | akdev1l 2 days ago | parent | next [-] | | > Seriously, you never had to provide tech support to a parent, relative, or friend whose computer got totally fucked because they had root? Literally 0 here, have you really? Like I literally do not know anyone who is even using Linux to begin with but also people do have “root” in their Windows and MacOS systems. I do not see anyone destroying their computers at random. Also to steal someone’s information you don’t need root access or any administrative access - if you already tricked the user into running your code then you can steal their passwords or whatever, all of that is user-level data. | | |
| ▲ | microtherion 18 hours ago | parent [-] | | I can only speak to the Mac situation, but most people there would not have "root" in the traditional sense: * Pedantically speaking, you can not even log in as root, any root level access would have to go through sudo (which is indeed enabled for most users). * But additionally, even as root, Macs by default have System Integrity Protection enabled, which makes most system files non-modifiable. Users still have full control in that they CAN disable System Integrity Protection, but that involves a reboot and some (documented) command line commands, so most users don't bother doing that. |
| |
| ▲ | WarOnPrivacy 2 days ago | parent | prev | next [-] | | > Seriously, you never had to provide tech support to a parent, relative, or friend whose computer got totally fraked because they had root? I accept this metric. It means non-rooted devices are unsafe. I'm career IT support. In the entire age of smartphones, 100% of the malware/crapware I've seen was on non-rooted devices - most of it pushed on users by manufacturers, carriers and OS devs. | | |
| ▲ | user_7832 a day ago | parent | next [-] | | > I'm career IT support. In the entire age of smartphones, 100% of the malware/crapware I've seen was on non-rooted devices - most of it pushed on users by manufacturers, carriers and OS devs. To add on, almost all the people I know who have lost money to scams have been through non-rooted devices. Sending an OTP or making a bank transfer because "you're under police investigation" is cheerfully easy even without the user knowing what "root" is. Also see: the recent phish on Krebs (on security). A malicious email and entering a password to a webpage does not need root access, for better or worse. In fact, a rooted device might block your bank app, actually making money transfer scams tougher, ironically. | |
| ▲ | hilbert42 a day ago | parent | prev [-] | | "I accept this metric. It means non-rooted devices are unsafe." Same here. It's manufacturers and software vendors such as Google and Microsoft that we need to most guard against. Fully agree with your second paragraph, I've only seen viruses on non-rooted devices and I've never had a virus on any of the many rooted phones I've owned over the years. Sure there are viruses and they can be troublesome but when you look below the surface much of the hype about locking down one's devices comes from manufacturers and software vendors, Google, MS et al, who benefit financially from not allowing users to control what runs on their phones. It's not only phones, what Microsoft has done with TPM and Windows 11 and the deliberate obsoleting of millions of perfectly good PCs/forcing users to buy new hardware when it's unwarranted is simply outrageous. Microsoft ought to be sued for committing environmental vandalism. …And that's just for starters. |
| |
| ▲ | ulrikrasmussen 2 days ago | parent | prev | next [-] | | I cannot fathom how you can hold this position. It is such an authoritarian view to willingly give up control to let some higher power protect you, at the expense of having absolutely no way out if that higher power suddenly starts acting against your interests. Sure, when people are in control of their own lives they sometimes fuck up and get hurt, but that is absolutely not an excuse to take away their freedoms. | |
| ▲ | phito 2 days ago | parent | prev | next [-] | | ... What? You make no sense. Just let users that know what they are doing root their device while normies stay in userland. | | |
| ▲ | acdha a day ago | parent [-] | | The neat thing here is that we don’t have to make uninformed speculation about this, we can just look at how it worked in the past. Anyone who did family tech support in the 2000s knew that every family visit involved removing all of the malware their relatives had installed – ESPECIALLY the ones who “knew” what they are doing! – and it was even odds that you’d see stuff like that on computers at businesses, libraries, banks, etc. All you had to do was say it’d improve system performance, give them free coupons or porn, and they’d trip over themselves to install it. This is why iPads and ChromeOS devices became so popular because everyone who actually knows how to use a computer safely knows people who say they do but absolutely do not. It’s also important to learn how the modern abuse industry works. Since the 2000s, malware has grown into a multi-billion dollar highly professional industry used by governments around the world and the scammers have professionalized as well. You should look at some of the YouTube videos of scammers social engineering people into giving them remote access, approving bank MFA challenges, or talking them into making cryptocurrency purchases - and while we might sneer and say they’re uneducated or careless, most of them are distracted or old, just like most of us will be some day. If there’s a prompt, millions of people will approve it and if it means their device can no longer be trusted that’s a lot of money and e-waste. I don’t like any of this. I want to have root on every device because I grew up with unfettered PCs (first installed Linux .9 using a disk editor, etc. etc.) but the landscape has changed since then. We can’t pretend otherwise, but we could call for regulation to balance the interests of owners and device manufacturers just as we allow people to customize their cars without giving up the concept of safety or emissions testing. |
| |
| ▲ | StanislavPetrov 2 days ago | parent | prev | next [-] | | >You people don’t know or have forgotten what a god damn wasteland computers were 20 years ago. Computers were utopia 20 years ago as compared to today - especially when it comes to privacy, security and user-control. | | |
| ▲ | burnt-resistor 2 days ago | parent | next [-] | | 20 years ago (2003-2006), Welchia, Blaster, Code Red... Windows boxes that weren't patched were infected within about 35 ± 5 seconds when connected to lightly-filtered Internet when it was still a capitalized proper noun. Ask me how I know and used JScript and psexec to mass remote into LAN machines to try to stop some of the madness and downtime. | | |
| ▲ | throwanem 10 hours ago | parent [-] | | Oh boy, tell me about it. The first real job I ever had, the first thing I did as a "network engineer" was say "Wow, I've never seen Windows XP machines on the public Internet before. Uh, is it just me or are these all really slow? Like a lot slower than they should be? And what's all this in Task Manager?" 2004 was a different time. |
| |
| ▲ | throwanem 2 days ago | parent | prev [-] | | Spoken like someone who knew no one other than fellow practitioners in the field. My God, the 2000s were the Wild West in every kind of way - were you even there to see it? I note you do not say that you were. | | |
| ▲ | burnt-resistor 2 days ago | parent | next [-] | | That's fine if they weren't. Probably not cool to attack them personally though. | | | |
| ▲ | StanislavPetrov a day ago | parent | prev [-] | | I got started with my first computer as a child over 40 years ago. I'll take the Wild West over the Matrix any day. | | |
| ▲ | throwanem a day ago | parent [-] | | That's an interesting contrast, in that the Wild West is a halfway house for Civil War burnouts and the Matrix is a deliberately and expensively constructed and maintained, largely successfully hyperreal (in the original sense, ie so convincing that whether it's 'real' ceases to be either distinguishable or meaningful) simulacrum of what the Wachowskis were astute enough in its own historical moment to recognize as the highwater mark of American hegemony. Oh, the Matrix is also parasitic, certainly; before it was smoothed over for mass appeal it was I think a story much more obviously inspired by They Live, the central conceit being that the system both runs on and exploits human neural cognitive capacity, ie the brains are the thing being farmed as components of the Machines' own computers, with the rest of the human (including consciousness and experience!) basically tolerated as the best available life support system for the 500 grams or so of brain tissue that's actually worth having. But a cow can live a long and happy life on a farm, be genuinely loved, and still end up as cutlets. Looking at it even from Daisy's end, how unjust can we honestly call that deal? For you and me, the gunslinger's life has a decided appeal, sure. If that and Buy-n-Large World are the only two options on the table - which so far they have been, though I agree the real answer is to add a better third - can we really say that, for everyone, the Matrix isn't the less worse of the two? |
|
|
| |
| ▲ | userbinator 2 days ago | parent | prev [-] | | There's something called "education", and by that I do not mean the propaganda that passes as such these days. Clearly you've drunk the Goog-Aid. |
|
|
| ▲ | throwaway290 2 days ago | parent | prev | next [-] |
| Stop parroting orthodox agenda without thinking of what it means. If everyone had root access it would be heaven for ransomware/spyware/malware operators. Having root access is not in the interest OR benefit of most regular users. Rooting your phone is a footgun for 99% of people who install random apps and will get hacked and have their life savings transferred or ransomed. For them the article does the right thing. For everyone else, like you or me, we will not care what this article says anyway. That's why what Samsung does is double bad. Not rooting phone is good hygiene if your phone respects you. But if it comes with malware then that's a stab in the back. |
| |
| ▲ | callc 2 days ago | parent [-] | | > Having root access is not in the interest OR benefit of most regular users. What about desktop OSes for the last 40/50 years? Sure they aren’t the foam-padded locked down phone OSes, but isn’t this fear a case of leaving said padded room? | | |
| ▲ | throwaway290 2 days ago | parent [-] | | Computer usage and consequently threat landscape went through a crazy change from 40/50 years ago. Desktops are a minority of devices. If you take personal devices even more so. Most people in the world with a computer have just a pocket one. Especially in WANA countries discussed. If you talk to regular non IT savvy people many of them don't bother and correctly assume that at some point it will "get a virus" or something. And it is fine for them because almost no one uses desktop for critical stuff like payment or finance. But majority do use phones for that. They jumped from cash straight to phones and now it's a lucrative attack vector. Edit to reply because throttled by downvotes: yea I'm in your boat, we live in a bubble. It's hard to believe. But now I'm using a payment system that literally has "get app" on its site and no other way to manage money or even sign up. And apps like that can be the only way for many people to get some sort of plastic card to pay cashless. And I see how it happened. Many people have no personal desktop computers. Many payment vendors don't trust desktop computers because an ordinary person's windows machine is a malware breeder. So many people in the world depend on mobile security (especially underprivileged people). Anyone who wants them all to get fucked for own libertarian ideal of "hardware ownership" is basically a psychopath to me. Especially considering that he is literally free to root his device and not make it a problem for others. | | |
| ▲ | mumbisChungo a day ago | parent | next [-] | | >almost no one uses desktop for critical stuff like payment or finance. I'm not saying this is wrong (in fact I assume it is accurate), but relative to my life experience this is crazy to me. | | |
| ▲ | tokioyoyo a day ago | parent [-] | | Worked on some financial stuff before, and dashboards showed the opposite of your experience, if I’ll be honest. An average user is very different from us. | | |
| ▲ | devilbunny a day ago | parent [-] | | Financially savvy people are much more likely to have a desktop, I would think. My mother-in-law does not have a laptop or desktop. She barely uses her iPad. If it’s not on the phone, it might as well not exist. My father-in-law has a PC at work and a Mac laptop, but he uses them only for work - his casual internet use is entirely on the phone. My wife uses multiple iPads and her phone, but only uses a desktop at work or when working at home. Most people I know don’t actually own personal computers other than their phone or tablet. |
|
| |
| ▲ | jjav a day ago | parent | prev [-] | | > almost no one uses desktop for critical stuff like payment or finance What? This makes no sense. For something where security matters, using the desktop is the only rational choice. I never, ever, allow any sensitive information through the phone since it is not a trusted device. | | |
| ▲ | devilbunny a day ago | parent | next [-] | | And yet it is the truth. | |
| ▲ | throwaway290 a day ago | parent | prev [-] | | You are just another example why most people ranting on HN about the topic of rooting phones are out of touch. No offense. |
|
|
|
|
|
| ▲ | charcircuit 2 days ago | parent | prev | next [-] |
| Root access is an outdated security concept from the previous century. Trying to mandate such a concept is parroting UNIX propaganda. Users can be given control of devices without them having a "root" account. |
| |
| ▲ | WarOnPrivacy 2 days ago | parent | next [-] | | > Users can be given control of devices without them having a "root" account. Can be given control [by handset manufacturers] is an unfulfilled potential. And it will always be unfulfilled - because otherwise, users could protect themselves from manufacturers/providers foistware. Given their reality, users root. | |
| ▲ | Zak a day ago | parent | prev | next [-] | | I agree. I would love to have an "advanced permissions manager" that lets me specify that AccA can write to the /sys devices for the charge controller and AdAway can write to /etc/hosts, but not the reverse. That doesn't give me any less power than root, but does give those apps less power and limits the potential impact if one gets compromised. I think when most people say the device owner should be able to get root, they mean that the owner, rather than the manufacturer or OS vendor should have the final say in all cases, not that it has to literally work just like root on Unix. | |
| ▲ | mrusme 2 days ago | parent | prev | next [-] | | How? | | |
| ▲ | charcircuit a day ago | parent | next [-] | | By following the principle of least privilege. Like with apps the user should only have privileges for what they are allowed to control and nothing more. So if the user should have privilege to disable apps, then the settings app could expose a way for the user to do so. Yes, this is kind of approach of coming up with a design to security instead of going with the easy route of everything being allowed is harder to do and takes more time, but it leads to better security. | | |
| ▲ | tsegers a day ago | parent | next [-] | | I believe that the top-level comment you replied to is making the point that there should not be any authority that either allows or disallows what a user can do with the device they own. Purchasing a device should make one that authority, free to decide how much security to trade for how much privilege. | | |
| ▲ | charcircuit a day ago | parent [-] | | But really it's all about framing. For example on desktop computers it's not possible for people to create new instructions for their CPU to handle. At some layer there will be an API that the user needs to use to interact with the device. As time goes on I think it's natural for that layer that users are expected to interact with their device with to become higher level. I believe the top level comment is framing this issue such that current phones don't have an API that matched how it worked for UNIX computers and that is a bad thing. The commenter is too focused on how things worked in the past and doesn't want to allow for things to change. |
| |
| ▲ | arendtio a day ago | parent | prev [-] | | Okay, and how am I going to give the user the right to wipe all software from the device and use a completely custom software? I mean, we all agree that such permissions are not required during everyday operations, but there should be a way for the consumer to have control over the software being used. And I mean all aspects of the software: firmware should be updatable, the OS should be replaceable, and the security concepts within the OS should be customizable by the user as well. I have no problem with hiding such functionality and requiring users to read the documentation to find out how it can be done, but it should still be possible. | | |
| ▲ | charcircuit a day ago | parent [-] | | Sure, but such a product requirement can be made to be legally required without legally requiring root access. |
|
| |
| ▲ | burnt-resistor 2 days ago | parent | prev [-] | | By having a "maintenance mode" that can be entered and left. | | |
| ▲ | peterbraden 2 days ago | parent [-] | | Maintenance mode == root | | |
| ▲ | burnt-resistor 2 days ago | parent [-] | | You're projecting your meaning of it, not mine. Not if it can't be undone in a way other than reinstalling everything. A mode that allows changing things with a temporary reduction of security system-wide and restoring them later, but putting all of the upgrade and support liability on the user without sacrificing functionality. Think VMware ESXi. If tech support wants to not support it, that's fine, but payments and such should still work. |
|
|
| |
| ▲ | realusername 2 days ago | parent | prev [-] | | Well maybe in theory but in practice they don't. How do I restrict or inspect what the Play Store is doing on my device at the moment without root? |
|
|
| ▲ | ozim a day ago | parent | prev | next [-] |
| My grandma should not have root on her phone and a lot of younger people as well. Making it easy to root phone makes it easy for scammers to ask people to unlock it. It should not void warranty if you unlock the phone. But security concerns are real. Mobile banking apps refuse to run on rooted phones. |
| |
| ▲ | poisonborz a day ago | parent | next [-] | | The same people can be scammed to give passwords, click links, perform any human action, so what's the difference besides giving up yet another freedom? | |
| ▲ | const_cast 18 hours ago | parent | prev [-] | | > My grandma should not have root on her phone and a lot of younger people as well. I would agree. > Making it easy to root phone makes it easy for scammers to ask people to unlock it. I would also agree, so then: don't make it easy. > Mobile banking apps refuse to run on rooted phones. ... but they do run on my web browser. On a computer using open-source software without even secure boot enabled. So, it seems to me this is a cop-out by said banks. They shouldn't require client-side absolute trust to run, and evidently they actually, practically, today, do not require that. It's simply a choice they made, presumably out of laziness or greed. |
|
|
| ▲ | smokel a day ago | parent | prev [-] |
| Even though you seem to have a lot of support on Hacker News, I don't think making root access a fundamental right is preferable. Historically, computers have not granted you access to everything. Most home computers used to have ROM cartridges, which could not be modified, at least not by an average user. Also, when using unrestricted operating systems, such as MS-DOS, a simple virus could wipe all your hard work. In our current time, devices are connected to other machines, and the problem of security and privacy has increased dramatically. Unfortunately, we still don't have operating systems that are secure enough to be used by untrained persons. It makes perfect sense to lock down these devices. I basically see only two ways out: 1. Allow developers exclusive access to development systems, similar to how console development works. 2. Implement a secure operating system. It will take an extreme amount of effort to do the latter, and it might even be impossible to gradually absorb the mess of interfaces that people and companies expect to work. So that probably leaves us with the first option. Personally, I would love devices to be locked down more, so that the crazy threats from hackers will be less severe. But I would also love to keep developing software. Having to jump through some hoops is probably unavoidable. The situation could be compared to requiring a driver's license in order to safely drive on the shared infrastructure. As much as I agree with your sentiment to have freedom, it still seems somewhat overly optimistic to expect this to work in our complex society. |
| |
| ▲ | poisonborz a day ago | parent [-] | | Why? What is the reason root would be dangerous, if it's not the default? People can be scammed to activate it, but those same people can be scammed to click links and give passwords and personal data. Any action requiring root would need a warning and raise suspicion, or be put behind an activation mechanism that's complex enough. Anything else and you lose freedom, and the whole ethos that enabled the advanced IT landscape of today. | | |
| ▲ | smokel a day ago | parent [-] | | Having root access implies that you can do all sorts of things: change files, install new software, new kernel modules, etc. Locking this down makes the attack surface for malicious parties much smaller. Many exploits start in user-space and then obtain root access to install rootkits. Of course you lose freedom, but that is exactly what is needed, because some people just cannot help themselves from exploiting that freedom. Unless someone figures out a way where we can safely share computing power and connections to real-life services (e.g. banking, having an identity, communication in general), I think there is no real alternative. Perhaps having separate internets for various purposes would be an option. One where we can socialize anonymously, but not trust each other, and one where it's pretty boring, but where you can safely buy goods using your paycheck. | | |
| ▲ | beeflet a day ago | parent [-] | | https://imgs.xkcd.com/comics/authorization.png >Unless someone figures out a way where we can safely share computing power and connections to real-life services (e.g. banking, having an identity, communication in general), I think there is no real alternative. I think the opposite is true. We don't have adequate sandboxing of userspace on most desktop OSes. If your malware has access to the victim's home directory and can phone home, they've been pwned for all intents and purposes. Root access would matter if userspace programs were well sandboxed. On OSes where this is true like Android, you have terrible interoperability of userspace programs and it's impossible to get "real work" done. Not to mention that without root access, you are just relying on the corporation to manage your system for you, which isn't tenable for a democracy. You don't need all of this trusted computing stuff to have secure, private payments. Chaumian ecash and cryptocurrencies have known this for a while. Just use a digital signature scheme instead of relying on open-source information. | | |
| ▲ | smokel 21 hours ago | parent [-] | | I don't think these problems are opposing; both are real. I totally agree that user space is not as much of a useful concept on a single-user device. Originally, it helped to shield users of the same system from each other. Most of this was based on file system authorization. This hasn't been extended to internet access in a very useful way. However, even on single-user devices, having root access makes it easier to hide malicious processes. Granted that in modern operating systems it is already totally unclear what most processes are doing, so one can simply hide in plain sight. I'm still not convinced we can get by without a lot of trusted computing stuff to have secure payments. |
|
|
|
|