Comment by Katlah@lemmy.dbzer0.com on Why don't banks like root on Android?

Rooted mobile devices are a reasonable signal they been have hacked and security features might be disabled or work as expected.

Rooted mobile devices are a reasonable signal that someone wants to actually own what they buy, and corporations want to make sure as few people think that as possible.

Windows/Macos/Linux are designed around the fact that the person managing the device has root access, Android and iOS are designed around noone having root access.

Sure it’s fine to mess around with rooted phone and look what’s inside, but essentially for your daily operations having rooted phone is unnecessary security risk.

Android and iOS are designed around noone having root access.

Yes and I consider that to mean I don’t own the device. And there are plenty of Android forks specifically designed around you having root access.

The issue is that you don’t want to give some random untrusted process root access. You, the user, have root access as long as you’re capable of running processes as root, but that doesn’t mean you should.

There could be tons of apps on the iOS App Store or Google Play Store that are completely benign under the existing security model but do nefarious things when run as root. No one knows that for sure because they aren’t tested under root by Apple or Google.

The problem with root is that it’s giving the process the keys to the Ferrari. That’s long since been decided to be a bad security model. Far better to have the process request permission to access particular resources and you grant them on a case by case basis.

I just want to point out, that what you are saying sounds good in an ideal world. But the realitiy looks different. (I actually typed out some points, but then I remembered that I don’t want to engage in yet another lengthy internet-debate, that ultimately comes down to personal preferences and philosophy)

Ah but I love reading these specific philosophical discussions on tech, I don’t blame you though

The issue is that you don’t want to give some random untrusted process root access.

It’s been awhile since I’ve used anything but Magisk but usually you have to set root permissions per app, or you can get Magisk notification to request access.

You’re free to install another operating system or variation on Android on your phone still. And if you decided to go with another Android such as Graphene, you’d still not want to root it because it’s a security risk.

The important question is why smartphones are designed around not having root access and computers are?

What are the incentives at play?

The answer is obvious, tech companies wouldn’t have given users access to root control on their computers either if they knew what they were doing and thought they could have gotten away with it.

It is just circular logic claiming smartphones have to be this way, circular logic that provides a rhetorical smokescreen for the process of corporations taking our agency away from us over our lives and the tools that sustain us.

There’s also the fact that on Win/Mac/Linux, you’re interacting with the bank via a browser and not a bespoke app.

I use Arch btw

Sister communities:

LemmyMemes: Memes
LemmyShitpost: Anything and everything goes.
RISA: Star Trek memes and shitposts

Community rules

Follow the site-wide rules and code of conduct
Be civil
Post Linux-related content
No recent reposts

Please report posts and comments that break these rules!

Why don't banks like root on Android?(lemmy.world)

linuxmemes

!linuxmemes@lemmy.world

Community stats

Community moderators