this post was submitted on 19 Sep 2025
104 points (100.0% liked)

Privacy

42010 readers
912 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm frustrated. I'm a long time fan of Motorola. Their phones have been pretty simple and easy to remove junk apps. Recently I got an update that forced perplexity on my phone.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] surjomukhi@lemmygrad.ml 4 points 4 days ago (1 children)

Desktop operating systems provide root access without forcing you to bypass manufacturer restrictions. Why should phones be any different?

[โ€“] AmbiguousProps@lemmy.today 1 points 4 days ago* (last edited 4 days ago)

Android is not designed the same way as a desktop operating system. For example, Android is designed to sandbox all applications and never require kernel level access. This means that if one app is malicious, as long as you haven't granted it extra permissions, it's much more difficult for it to affect any other apps. If you root, you're breaking that level of defense. Android simply wasn't designed for users to need or regularly use root, whereas Linux was built from the ground up with that expectation.

Root also makes applying security patches a challenge. Android doesn't have a standard package manager like desktop Linux. This means that users with rooted phones are less inclined to go through the pain of updating. I haven't rooted in a long while, but I can confirm that when I did root, I tended to avoid it for far too long. Anyway, the way Android's incremental OTA updates work is by comparing partition hashes. When rooted, this hash gets changed and you can no longer install OTA updates.

Further, root on Android can (and as far as I recall, does) affect verified boot, meaning if you want verified boot, every time you reboot you lose root. Android verified boot detects changes to system partition and either doesn't boot or reverts the changes. If you turn off verified boot, you cannot know if your system has been modified in a malicious way.

Put a slightly different way, Android's security model is entirely different than the security model of something like Linux. Linux expects you to need sudo/root for certain tasks, and other protections are built around that. Android does not expect you to ever need root, so it's not a consideration in its security design.

By rooting, you're not just bypassing manufacturer restrictions, you're bypassing Android's security design entirely. It's much more secure to just install a debloated, degoogled OS that can do verified boot.

Now, if mobile Linux ever takes off, then I'm sure it would be more like a desktop distro and less like Android.