Hi, I’m wondering myself is root useful or not ? In which case it can be useful ? And Root with magisk is unsecure ?

  • PlatinumSf@pawb.social
    link
    fedilink
    English
    arrow-up
    18
    ·
    1 year ago

    Root is extremely useful for customizing the OS and running certain types of apps. It won’t really do much for your average user and does degrade security depending on how root access was gained/obtained. It’s going to be a balance. Also keep in mind a handful of apps (like banking apps) will do a root check before loading the application and refuse to let you access it if it determines your device is rooted.

    Tdlr: Rooting is great if you need it for something, just be sure to understand the downsides and don’t bother if you don’t have a specific use case for root access.

      • evo@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        That’s really only true if you are smarter and more knowledgeable than the security team of the phone OEM… and you unroot after you have made changes.

        • afunkysongaday@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          One example would be being able to use hosts based blocking of malicious domains while using a VPN at the same time. Does not work without root. Has nothing to do with being smarter than the security team or anything either.

  • Anti Weeb Penguin@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    1 year ago

    I use it to backup apps with Swift Backup, it’s not insecure as long as you don’t do silly things like modifying system files in a dangerous way, keep in mind that some banking apps and even games won’t work if they detect root.

  • pacjo@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    There are already several opinions about rooting, so I’m not entering that discussion, but I can share my view of ACC and AccA.

    I’m the kind of person, who charges the phone over the night. My device theoretically supports 33W charging (can’t test this as I don’t have the stock charger), but when charging over the course of several hours I don’t need this speed.

    I have the current limit set to 750mA and max charge in range of 90-95%. This works fine for me and in case I need a quick top-up there’s always Charge once to #%, without restrictions option.

  • Jiří Král@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    It is potentially unsecure both as a process and with its consequences, but if you know what you are doing (carefully read tutorials and guides step by step especially if you have no beforehand experience) you have a very low chance to brick your device or corrupt it in any other way.

    It’s important to note that rooting is different from device model to device model and especially from manufacturer to manufacturer. Some manufacturers totally prevent rooting. Officially you lose the warranty of your device if you root it.

    Some of the other commenters have mentioned that some apps check for root and refuse to work if the device is rooted (or only because the bootloader is unlocked) which is true, however if you are rooted there is variety of tools to prevent these apps from recognizing a rooted device (or just unlocked bootloader) so I wouldn’t count this as that much of a problem. I am using banking apps and google pay on my rooted phone just fine.

  • 9tr6gyp3@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    32
    ·
    1 year ago

    Rooting Android is one of the most insecure things you can do to your Android phone.

    • db2@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      19
      arrow-down
      8
      ·
      1 year ago

      That’s like saying being able to turn left is one of the most dangerous things you can do to your car.

      • PlatinumSf@pawb.social
        link
        fedilink
        English
        arrow-up
        28
        arrow-down
        5
        ·
        edit-2
        1 year ago

        No, it’s like saying swapping out the fuel delivery system and ecu fuel mapping with a custom tunable system and Map is one of the most dangerous things you can do to your car; which it is if not done by a professional or someone with significant experience/understanding.

        • pimento64@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          18
          arrow-down
          2
          ·
          1 year ago

          No, it’s like saying having admin permissions is one of the most dangerous things you can do on your home computer. Only an idiot would think that.

          • Milady@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            I mean, it is, if you don’t have admin you can’t install root-level malware directly (still can if the malware uses some bug to gain privilege). But I still fully agree with your point, I just wanted to say that technically, having root is dangerous in the sense that you can do anything. Most end users have no reason to modify system files etc. Since they only use a web browser and word.

          • random65837@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Really? How much damage to end users deal with when they HAVE admin access vs restricted user accts? When I was in IT, most of my time was wasted cleaning up messes that couldn’t have happened in the first place on a acct where the users couldn’t do what they did.

            Youre speaking as somebody’s thats probably competent with your devices, big surprise, most people aren’t!

            Most people click random links that would be obvious to a techy person as a trap, install software without checking what it’ll do, blindly giving permissions to anything their shady apps ask for. Then follow random shit on the internet and make things far worse.

            • ChonkaLoo@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              That’s going to be a thing of the past. The future for corporate users is a locked down monitored system with least privilege access in the name of security. Zero Trust they call it.

            • pimento64@sopuli.xyz
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              3
              ·
              1 year ago

              How much damage to end users deal

              When I was in IT

              most people aren’t

              most people click

              1. I’m talking about home computers

              2. Skill issue + not my problem. It doesn’t matter if most people are competent, they should have full control over their property. The ones who fuck up will be responsible for the consequences of their actions. Most people are too stupid to use power tools correctly, but the last time I checked, I didn’t have to nicely ask Milwaukee to unlock the bootloader on my drill so I could use it with torx bits.

              • random65837@lemmy.world
                link
                fedilink
                English
                arrow-up
                4
                ·
                1 year ago

                I’m talking about home computers

                Makes zero difference, it’s the exact same situation, and the example holds.

                Skill issue + not my problem

                We’re not talking about (you), that’s been established already.

                It doesn’t matter if most people are competent,

                Yes, It absolutely does, because the people that aren’t are the far majority.

                they should have full control over their property.

                They do, they can make the decision to root their device, void their warranty, and break their own shit. They waste other people’s time crying because they didn’t know what they were doing.

                I didn’t have to nicely ask Milwaukee to unlock the bootloader on my drill so I could use it with torx bits.

                Piss poor comparison, you also don’t need to ask your phone mfg to install apps on it, connect accessories, set wallpapers, or any other USER level change. You absolutely are NOT allowed by Milwaukee to open up your drill and self-service it without voiding their warranty, which is the exact same thing. You could do it anyway, but you’re on your own so they’re not going to give you the go ahead on it at anytime. They’re protecting themselves from the 99% who have no clue.

                • Zak@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  You absolutely are NOT allowed by Milwaukee to open up your drill and self-service it without voiding their warranty

                  If you’re in the USA, however, you’re allowed to do that by federal law, and Milwaukee is forbidden from voiding the warranty unless they can prove you serviced it incorrectly enough to cause the problem you’re seeking warranty service for.

                  https://en.wikipedia.org/wiki/Magnuson–Moss_Warranty_Act

                • pimento64@sopuli.xyz
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  2
                  ·
                  1 year ago

                  Is your ability to deliberately misinterpret everything you read the result of study, or does it come naturally?

          • 9tr6gyp3@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            2
            ·
            edit-2
            1 year ago

            Notably, there is a difference between admin and root.

            One has checks, the other can run scripts, change permissions, move files, delete files, hide malware, install rootkits, install ransomware, exfiltrate data, alter your OS, change hardware voltages, etc all without so much as a prompt.

            It doesn’t matter if you’re a beginner or a seasoned veteran with handling root, it can cause some heavy damage to your system when you or another application mishandle it.

            Rule of thumb is to remain in user mode for the entirety of your sessions. Only use admin rights when you need to make a system change. Most well-designed applications should not need to be run as admin, and definitely not root.

              • 9tr6gyp3@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                arrow-down
                1
                ·
                1 year ago

                Its called the principle of least privilege, or principle of minimal privilege, or principle of least authority.

                Its a philosophy learned by anyone who is serious about information assurance. Its a very basic, yet fundamental security concept.

          • PlatinumSf@pawb.social
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            2
            ·
            1 year ago

            Lol you’re not getting those admin permissions by flipping a simple switch. Root access is far more involved than simple admin permissions so please try again.

      • evo@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        The thing about “knowing just enough to be dangerous” is typically the person doesn’t realize that’s all they know.

      • random65837@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        5
        ·
        1 year ago

        No, its not even remotely like that. You clearly have no working knowledge of how Linux based OS’s work. There a reason so many actual Linux distros ship with Root disabled and want you to use sudo instead.

          • random65837@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            You don’t directly, certain apps are already allowed to access certain system level permissions. You can’t directly without Rooting. Although arguably, many ADB commands are performing root level changes.