this post was submitted on 20 Aug 2023
132 points (100.0% liked)

Technology

37742 readers
482 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
top 32 comments
sorted by: hot top controversial new old
[–] dotslashme@infosec.pub 54 points 1 year ago

When you buy something you should have the right to repair it and modify it.

Currently, everything is basically a renters agreement, where you pay for something you have zero rights to modify or opt out of.

[–] Deemo@bookwormstory.social 33 points 1 year ago (4 children)

Few problems:

  1. Safteynet (play integrity) and root detection

There are magisk tweaks to help combat this but its a annoying game of cat and mouse. Some apps like chase have particularly annoying root detection to deal with. Also regaring safteynet once google fully enforces hardware attestation passing safteynet with tweaks will be borderline impossible (most tweaks try to spoof older phones that don't support safteynet hardware attestation).

  1. Widevine

Many streaming services (Netflix, Hulu, Disney, etc) will downgrade your video quality to 480p-540p due to L3 from unlocking the bootloader (a step thats usually required before you can root).

  1. Physical security (potential risk)

Unlocking the bootloader is the first step to allowing for rooting and custom roms. One pro/con is when you unlock the bootloader you are partially at risk to a evil maid attack (some one with physical acess to your phone can compromise it). While difficult to do automatically (and probably very very rare) some one could hypothetically place a malicious bootloader that could steel data. The risk of this is mostly low but does exist.

[–] lemmyvore@feddit.nl 14 points 1 year ago

once google fully enforces hardware attestation passing safteynet with tweaks will be borderline impossible

Never gonna happen. Full hardware attestation would give Google all the cards and too much power over manufacturers. Samsung is the largest Android manufacturer and they're making people jump though hoops to unlock bootloader precisely because they don't want to end up with full attestation.

Samsung and Google have been locked into a power struggle for many years now and they're both careful about keeping the armistice. Samsung maintains a set of apps that mimic Google's, ready to go in case Google ever pulls a Huawei and kicks them off Play.

[–] bandario@lemmy.dbzer0.com 11 points 1 year ago (1 children)

These are not really genuine concerns imo, and to the extent that they are - they should be recognised as shortcomings of an increasingly inflexible ecosystem.

  1. It's very easy to avoid root detection these days, and if you are rooting your phone, chances are you have also disabled the playstore app altogether so play protect is no longer a concern. I just use F-Droid and Aurora these days to reduce what can be associated with me or any of my accounts.

  2. Who the hell is watching shows on their phone so much that a reduction to SD is going to bother them on a 6 inch screen?

  3. If I can get my hands on your phone physically, there's very little you can do to keep me out regardless of if the bootloader is unlocked or not.

[–] Da_Boom@iusearchlinux.fyi 5 points 1 year ago* (last edited 1 year ago)

Pixel phones are arguably the worst for rooting. (I own one) In order to get the phone to pass properly you pretty much have to go custom on the ROM.

I'm running a stock firmware, and I get all sorts of problems as a result of rooting the device, and not installing a CFW.

I have 2 apps, that won't work (google pay and a credit score check/lock appand Microsoft intune - which my work partially uses)

Edit and did I mention? The LSPosed zygisk module causes so much instability I can't use it.

[–] smileyhead@discuss.tchncs.de 9 points 1 year ago
  1. This could be fixed if phones could let us relock the bootloader, but with our own keys.

Then only possible way to unlock it again or change anything would be to at least factory reset and we'll see something is wrong.

[–] kratoz29@lemm.ee 5 points 1 year ago
  1. I have yet to see a problematic app that deny list can't handle

  2. Stremio /s to be fair I have never bothered about this in my phone, as I have a Nvidia Shield TV, and honestly any current setup box (official) would do the job, there are perks of using a movie of course... But I can use Netflix here only that I have never bothered to check out the quality, I wouldn't be surprised if a module for this existed to be honest.

  3. I bet most people are interested in scamming those dudes that compulsively tap in game ads to fetch their crypto BS apps or whatever, it is a similar scenario of why hackers target Windows and not Linux users... Granted every device is at risk once it connects to the Internet.

[–] bug@lemmy.one 14 points 1 year ago (3 children)

Strange that the focus point of this article is rooting, you can modify your device to install custom firmware etc without needing root exploits anymore!

[–] NightAuthor@beehaw.org 12 points 1 year ago (1 children)

Depends on the phone, many come with locked bootloaders

[–] gvasco@discuss.tchncs.de 3 points 1 year ago (1 children)

Many can be easily unlocked

[–] AES@lemmy.ronsmans.eu 4 points 1 year ago (1 children)
[–] bandario@lemmy.dbzer0.com 4 points 1 year ago (1 children)

?? If you unlock BL by fastboot method, it's trivial to re-lock it.

The only non-reversible method is usually via manufacturer unlock portal.

[–] gvasco@discuss.tchncs.de 1 points 1 year ago (1 children)

Even when using another OS? Been trying to find info on relocking my /e/ OS install on my 1+7P and haven't had any love luck.

[–] bandario@lemmy.dbzer0.com 1 points 1 year ago (1 children)

Cursory glance at XDA tells me that OnePlus devices need an unlock token for that device to re-lock the bootloader but you would have to roll back to the original factory firmware to do so.

https://forum.xda-developers.com/t/relock-bootloader.4412627/

[–] gvasco@discuss.tchncs.de 1 points 1 year ago (1 children)

Sucks that vendors can keep such a tight control on what you can do with your device. Would be nice to have the possibility to safeguard your device with any OS of your choice.

[–] bandario@lemmy.dbzer0.com 2 points 1 year ago

It's infuriating how few of them seem interested in holding the door open for us.

[–] kratoz29@lemm.ee 4 points 1 year ago (1 children)

IMHO Android is not very free without root... I roll my eyes every time I see the need of adb commands when it is just way easier to slap in Magisk and have full control.

I come from iOS and I used to jailbreak the heck out of my devices, rooting is very similar to JB (but better).

[–] bug@lemmy.one 3 points 1 year ago

Depends what you want to do, really. I've got a proper PC for serious tinkering, my phone has all my private data on so I'd rather have the security that comes with blocking root access.

[–] people_are_cute@lemmy.sdf.org 3 points 1 year ago (1 children)

I mean, literally replacing your device's firmware sounds like a step above rooting, even if it's arguably easier to do.

[–] bug@lemmy.one 1 points 1 year ago

Exactly, so why is rooting even mentioned?

[–] peter@feddit.uk 11 points 1 year ago (4 children)

I've owned an android phone for over 10 years and have rooted most of them. To be honest, in that time I've rarely come across something that I've wanted to do but been unable to do without rooting. Generally anything I want to do also isn't possible through rooting either. Same with custom ROMs, recently it seems you end up losing features rather than gaining them.

I would trade every half-assed Google feature update for a hosts based adblock capability.

That's the sole reason that I root every device that I own.

And NO. A PiHole is not, repeat NOT a silver bullet. Nor is a local VPN with custom DNS.

[–] lemmyvore@feddit.nl 5 points 1 year ago

On a rooted phone you can fully control app permissions and feed them fake data for the denied permissions.

You can't do that without root. On a locked iphone you control only a tiny fraction of permissions and it will let the app know so it can refuse working.

[–] jsqribe@feedly.j-cloud.uk 3 points 1 year ago

Agreed and sometimes the amount of work trying to find some random radio file to flash because 5G stops working.. it's not worth the headache anynore

[–] keeb420@kbin.social 1 points 1 year ago (1 children)

I used to root all my phones a decade ago. Now I just don't see a point to it.

[–] MaggiWuerze@feddit.de 2 points 1 year ago* (last edited 1 year ago)

Same. I still do custom roms when my device runs out of support, but no longer because it's cool to have a custom Rom. There's hardly one that I find exciting nowadays.

[–] music938@discuss.tchncs.de 8 points 1 year ago (3 children)
[–] bug@lemmy.one 13 points 1 year ago

...doesn't have anything to do with warranty violation

[–] NightAuthor@beehaw.org 9 points 1 year ago (1 children)

You can do things to improve security with root access. Better yet, with boot loader access you can make your phone much much more secure with graphene os

[–] peter@feddit.uk 5 points 1 year ago (1 children)

I don't know if flashing a random ROM from xda because there's no official builds available for my phone is considered a security improvement

[–] NightAuthor@beehaw.org 1 points 1 year ago

lol, that’s true.

[–] kratoz29@lemm.ee 1 points 1 year ago

Stock support for my device is A12 🤡

And A14 is on its way!