Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
ssl-3 2 hours ago

It wasn't always so locked-down as it is today.

The OG Motorola Droid, for example: While it clearly wasn't a design intent, there was really nothing of any gravity to stop people from using it in any way they wished.

Rooting was a simple matter of running a hacked su command, and voila: One becomes root. The bootloader wasn't locked at all. Custom kernels and userlands were normal. It was a great little pocket computer to goof around with for anyone who cared enough to give it a swing.

Just install the "missing" su binary and...done.

At the time, I felt that this was a perfectly acceptable way to keep it working reliably for regular folk.

palata 2 hours ago | parent [-]

In a way I don't know what I think about them preventing me from modifying "their" certified OS. Many products do that (if I buy a Marshall smartspeaker, it's not like if I can modify the software, is it?).

What I want is to be able to properly install an alternative OS (just like I don't care about what Windows or macOS do, as long as I can install Linux), and that goes with the bootloader unlocking/locking.

bluGill 2 hours ago | parent [-]

The problem is for every person who wants to do this, there are hundreds (thousands?) who wouldn't want to - and these people are vulnerable various security exploits that would allow someone evil to take over their device.

This isn't just a made up situation: There are nations that have large teams of people who's job is to figure out how to get software installed on your device of their choice/make/design, allowing them to do whatever they want.

palata 2 hours ago | parent [-]

This isn't quite true. The Google Pixels allow me to unlock the bootloader, install my own system, and relock the bootloader. As a result, I run an alternative OS called GrapheneOS which is more secure than Android.

The fact that I can unlock and relock the bootloader is not a security issue or a risk. People who don't know what that means cannot possibly do it by mistake.

Now allowing root access to users on Android, that's a security risk because a user can be tricked into giving root access to some evil app. I don't have root access on my GrapheneOS, even though I chose to install it myself. Because it is more secure like this.

So it sounds like a fair compromise to me: they make Android the way they want, and if I don't like it I can install an alternative OS. Just like I can install Linux if I don't like Windows. What I don't like is that most Android manufacturers actively try to prevent me from doing that, and I don't like it.

makeramen 32 minutes ago | parent | next [-]

> The fact that I can unlock and relock the bootloader is not a security issue or a risk. People who don't know what that means cannot possibly do it by mistake.

The second sentence is false. Lots of people blindly follow things and don't understand consequences until they brick their devices. Those who don’t break something won’t notice if they’ve silently backdoored themselves.

People asking for support after getting themselves into some weird hole they never should have been in because some friend or online article said so is super common.

bluGill an hour ago | parent | prev [-]

There are options. However security has consistently found subtle things about most answers and so I hesitate to suggest any.