• wazzupdog (they/them)@lemmy.blahaj.zone
          link
          fedilink
          arrow-up
          3
          ·
          edit-2
          18 days ago

          And why’s that? I feel im fairly careful with my phone in terms of security. I see no more danger in rooting it than being logged in as admin/root on any of my home computers.

          • dzervas@lemmy.world
            link
            fedilink
            arrow-up
            2
            arrow-down
            3
            ·
            17 days ago

            your computers are much less secure in general but they also have different security assumptions

            phones are the pinnacle of security in this point in time. rooting them not only breaks but also breaks the security assumptions that apps rely on

            for example I can be sure that no other app has access in my data as an app dev. based on that assumption i might store secrets. which on android/iOS is totally fine (there are better ways but ok)

            you’d never make such an assumption on a pc app. you’d find another way. there’s no such thing as “my data” on desktop. hence you develop around it

          • dzervas@lemmy.world
            link
            fedilink
            arrow-up
            1
            arrow-down
            2
            ·
            17 days ago

            and that’s a reason not to use banking or other critical apps from a pc. a mobile is much more secure

            rooting also bears the issue of being “not intended”. that means that what you use to get root (for example to manage the root permission) is not as much tested as the rest of the operating system and opens up holes which we don’t know about yet

            security is a game of money. as a security researcher, bypassing the sandbox and accessing another apps data, can gain you literally millions

            bypassing the root permission on an already rooted phone will gain a pat in the back and a conference talk at best