• wazzupdog (they/them)@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      24 days ago

      And why’s that? I feel im fairly careful with my phone in terms of security. I see no more danger in rooting it than being logged in as admin/root on any of my home computers.

      • dzervas@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        3
        ·
        23 days ago

        your computers are much less secure in general but they also have different security assumptions

        phones are the pinnacle of security in this point in time. rooting them not only breaks but also breaks the security assumptions that apps rely on

        for example I can be sure that no other app has access in my data as an app dev. based on that assumption i might store secrets. which on android/iOS is totally fine (there are better ways but ok)

        you’d never make such an assumption on a pc app. you’d find another way. there’s no such thing as “my data” on desktop. hence you develop around it

      • dzervas@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        23 days ago

        and that’s a reason not to use banking or other critical apps from a pc. a mobile is much more secure

        rooting also bears the issue of being “not intended”. that means that what you use to get root (for example to manage the root permission) is not as much tested as the rest of the operating system and opens up holes which we don’t know about yet

        security is a game of money. as a security researcher, bypassing the sandbox and accessing another apps data, can gain you literally millions

        bypassing the root permission on an already rooted phone will gain a pat in the back and a conference talk at best