| ▲ | netc a day ago | ||||||||||||||||
A phone given for repair by a non-technical person can be rooted without their knowledge. The repair person potentially can install malware. We cannot assume the owners of the rooted phone themselves have rooted the phone. | |||||||||||||||||
| ▲ | aiiotnoodle a day ago | parent | next [-] | ||||||||||||||||
Practically, verified boot is hard to not have a "this phone has been tampered with" message on boot, the backups generated often have encrypted user data that is usually wiped on boot-loader unlock, you'd also need to unlock the phone or have the user give the pin over and most of the apps that implement root checking SDKs would prevent them from working. I'm not saying its impossible but it is hard to do at present in a way where if I came and picked up my phone again, I'd not know something happened to it. | |||||||||||||||||
| ▲ | plst 2 hours ago | parent | prev | next [-] | ||||||||||||||||
Assuming the owner gave the shop the pin. If so, the shop can already steal a lot of data from the phone. Why bother with persistent malware at this point? You already have to trust the repair shop with your data. Installing persistent malware on phones is already illegal. What's the point of this extra software protection in this case? To prevent a 0.00001% chance hack? The type of hack that would put the repair men in jail? Not to even mention that modern phones are basically unfixable. | |||||||||||||||||
| ▲ | h4x0rr a day ago | parent | prev [-] | ||||||||||||||||
How would you root without resetting it? | |||||||||||||||||
| |||||||||||||||||