Do you root or do you go straight to ROMs?

  • Chemical Wonka@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    0
    ·
    8 months ago

    I stopped to root my phone when I switched to GrapheneOS and learned that root compromised the security model of android. Life is good now

    • Zak@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      8 months ago

      Well, yes, breaking the security model is the whole point. The security model prevents things you might want to do, like using the hosts file as a denylist (adblocking). On the other hand, a malicious app writing the hosts file would allow an attacker to impersonate websites and services. HTTPS wouldn’t save you either since they could add malicious certificates.

      Ideally, we’d have ways to open much smaller holes in the security model; an ACL could allow an app to write just the one special file or directory it actually needs rather than giving it completely unrestricted access.