Privacy

42065 readers

1003 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

107

Is there a phone I can buy that out the box is rooted, private, and does not install bloat apps? (lemmybefree.net)

submitted 1 week ago by LAN_Mower@lemmybefree.net to c/privacy@lemmy.ml

62 comments fedilink hide all child comments

I'm frustrated. I'm a long time fan of Motorola. Their phones have been pretty simple and easy to remove junk apps. Recently I got an update that forced perplexity on my phone.

you are viewing a single comment's thread
view the rest of the comments

[–] AmbiguousProps@lemmy.today 2 points 6 days ago (1 children)

OTA, as of right now, needs to hash the device to prevent system corruption. I don't think it's a very simple problem to solve, or surely there would be a ROM out there that does fix it with root. A better fix would be a package manager, but that's not going to happen with AOSP.

Regarding #1, it's fundamental to AOSP, and not any particular ROM. Similar to the OTA issue above. It's not just graphene (which, technically, you can root fyi, but I really would not do so, as again it defeats the purpose of running a verified boot secured phone).

#2 is debatable, because it's also highly dependent on the distro and configuration. As an example, immutable distros (which are actually closer to Android than non-immutable distros) make it so sudo/root isn't needed very often, if at all. Fedora CoreOS, for example, can run package updates on a schedule without user intervention, use rootless containers, and do verified boot. It can be deployed from a single file and validate itself after the fact, meaning a user would never be prompted for a password at any point. Obviously that's not a 1:1 because it isn't made for PC usage, but other distros based on Fedora Silverblue and the like can be more secure than standard Linux for similar reasons. Everything is generally sandboxed (flatpaks and containers) and root is rarely, if ever, required.

That being said, if you're not concerned, there isn't anything stopping you aside from your phone's manufacturer, which I'm sure you're aware of. I'm fine just knowing that I could do it, and much prefer the security benefits of verified boot and proper sandboxing above all else. I don't trust Google to properly patch zero days related to rooted phones, let alone patch the ones that affected non rooted devices.

[–] jeff_hykin@lemmy.world 2 points 6 days ago

Immutable OS's like nix and fedora silverblue still have sudo, they can still rm -rf /. If they can do it and maintain security, then Android can too.

I agree both the OTA and safe way of doing superuser requests could be heavy technical work. My bigger point is people who manage ROM's shouldn't demonize having full control of devices we own. Root can be done safely. Its not an inherent security risk, its just a technical problem waiting for a technical solution. "Just accept you dont need it" is not an acceptable response IMO.