• markstos@lemmy.world
    link
    fedilink
    arrow-up
    24
    arrow-down
    10
    ·
    7 months ago

    Rooted mobile devices are a reasonable signal they been have hacked and security features might be disabled or work as expected.

    It just banks, a lot of corporate security polices don’t allow rooted devices, as they could bypass mobile device management policies for devices owned by the company.

    With laptops it’s a different story. Whether users have Mac, Linux or Windows, there’s a reasonable chance they have admin access too, so checking for root access is not such a useful signal there.

    • Katlah@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      25
      arrow-down
      4
      ·
      7 months ago

      Rooted mobile devices are a reasonable signal they been have hacked and security features might be disabled or work as expected.

      Rooted mobile devices are a reasonable signal that someone wants to actually own what they buy, and corporations want to make sure as few people think that as possible.

      • hemko@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        7
        ·
        7 months ago

        Windows/Macos/Linux are designed around the fact that the person managing the device has root access, Android and iOS are designed around noone having root access.

        Sure it’s fine to mess around with rooted phone and look what’s inside, but essentially for your daily operations having rooted phone is unnecessary security risk.

        • Katlah@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          10
          arrow-down
          3
          ·
          7 months ago

          Android and iOS are designed around noone having root access.

          Yes and I consider that to mean I don’t own the device. And there are plenty of Android forks specifically designed around you having root access.

          • dumpsterlid@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            7 months ago

            The important question is why smartphones are designed around not having root access and computers are?

            What are the incentives at play?

            The answer is obvious, tech companies wouldn’t have given users access to root control on their computers either if they knew what they were doing and thought they could have gotten away with it.

            It is just circular logic claiming smartphones have to be this way, circular logic that provides a rhetorical smokescreen for the process of corporations taking our agency away from us over our lives and the tools that sustain us.

          • hemko@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            1
            ·
            7 months ago

            You’re free to install another operating system or variation on Android on your phone still. And if you decided to go with another Android such as Graphene, you’d still not want to root it because it’s a security risk.

          • chonglibloodsport@lemmy.world
            link
            fedilink
            arrow-up
            4
            arrow-down
            5
            ·
            edit-2
            7 months ago

            The issue is that you don’t want to give some random untrusted process root access. You, the user, have root access as long as you’re capable of running processes as root, but that doesn’t mean you should.

            There could be tons of apps on the iOS App Store or Google Play Store that are completely benign under the existing security model but do nefarious things when run as root. No one knows that for sure because they aren’t tested under root by Apple or Google.

            The problem with root is that it’s giving the process the keys to the Ferrari. That’s long since been decided to be a bad security model. Far better to have the process request permission to access particular resources and you grant them on a case by case basis.

            • bort@sopuli.xyz
              link
              fedilink
              arrow-up
              5
              ·
              7 months ago

              I just want to point out, that what you are saying sounds good in an ideal world. But the realitiy looks different. (I actually typed out some points, but then I remembered that I don’t want to engage in yet another lengthy internet-debate, that ultimately comes down to personal preferences and philosophy)