Comment by nunez

9 days ago

As someone who roots single-purpose Android devices, this is one of those things that sucks big-time but makes total sense.

The only reason one would unlock a bootloader is to root the system partition. It is impossible to protect data on rooted phones, and rooting makes data exfiltration attacks significantly easier to do.

This is a huge problem for banking and music apps that absolutely rely on this capability. Samsung is, by far, the biggest seller of Android phones in the US (I think Xiaomi is the biggest globally), so they are under much more pressure to clamp down on this.

That said, rooting Samsung devices has been a worthless pursuit for a long time. Doing so irreversibly (via eFuse) disables KNOX, which prevents DeX and Samsung Health from working. It also trips SafetyNet, which disables a whole suite of key apps (banking apps and Apple Music don't work; not sure about Spotify). There's a Magisk module that uses well-known device IDs to work around these, but these only work temporarily. Many people have also reported issues with the camera (a popular reason for buying Samsungs in the first place), and you no longer get OTA updates. I believe you also get degraded camera performance if you flash another ROM since the device module is closed-source and relies on One UI to work. This is before considering that stock ROMs have gotten really good over the years (especially Samsung's), and many of the reasons why we had to root have mostly gone away.

You can work around this by buying a Pixel for now, but I think we're a few years away from bootloader unlocking going away entirely.

That said, I still root Android devices that will only serve a single purpose, like my BOOX eBook readers that I use Firefox on. This lets me run AFWall so that I can block network traffic for everything except Firefox (and a few other apps). However, I won't be logging into my Google account on them, and they aren't ever going to run banking apps or anything like that.

My response would be that it doesn't make any sense. There are so many reasons why blocking rooting is a stupid idea. Just some of them:

- If you're capable of rooting a device then you're capable of understanding the risks which come with doing so.

- The number of users who root their devices will always be so comparatively tiny that the increased risk of data exfil is incredibly small. Also, similarly to above, if you're technical enough to root your device then you're probably not regularly putting yourself at risk by downloading shady apps etc. anyway.

- Rather than decreasing security, rooting allows you to enhance the security of your device by installing lower-level tools and, most importantly, removing all the bloatware crap which comes on most phones. This reduces the surface area of attack.

Let's be honest and admit that the only reason to prevent users from rooting their phones is to protect companies' profits by ensuring users can't fight back against the blatant tracking, data mining, and analytics capture which is so valuable to companies.

  • The main reason IMO to block rooting is to stop resellers selling phones with preinstalled malware. If the phone has two Amazon/Aliexpress sellers, you're going to pick the cheaper one right? With who-knows-what alterations? It's a really prevalent problem and most people are not going to notice the "insecure" warning at bootup.

    • Phones can and do have a warning that they were rooted on boot. So this is not an excuse. But don't worry, I'm sure there are several marketing teams at work on new excuses why your computers should be controlled by benevolent corporations and not you.

  • > The number of users who root their devices will always be so comparatively tiny that the increased risk of data exfil is incredibly small

    > the only reason to prevent users from rooting their phones is to protect companies' profits by ensuring users can't fight back against the blatant tracking, data mining, and analytics capture

    You contradict yourself: if the number of users who will root their devices is tiny, the lost profits from tracking, data mining, and analytics are tiny as well.

    • Not necessarily if you consider the level of paranoia of these companies regarding controlling how their devices are used, as well as the tech sector's growth-at-all-costs mantra.

      There's also the argument that if a tiny percent can do it, could it start to catch on and slowly grow to a larger percent?

      More so in an economic environment where spending $2,000 on a new phone every year is decreasing in popularity, especially when the differences between model X and model X+1 have to be squinted at ever harder to determine.

  • > Let's be honest and admit that the only reason to prevent users from rooting their phones is to protect companies' profits by ensuring users can't fight back against the blatant tracking, data mining, and analytics capture which is so valuable to companies.

    I'm with you on the general sentiment, but how do the companies that block rooting benefit from any of the nefarious activities you mentioned? Those are executed by different organizations, typically.

    • They benefit from users buying a new phone when they stop providing updates for it. If the bootloader can be unlocked, the community can take over support & the device will be used for longer. Kinda like a 10+ year old laptop is perfectly functional and usually fully supported by modern Linux distros, but a 10 year old phone is more often than not a paperweight.

    • First-party apps, carrots and sticks from large players like Alphabet and Meta, pressure from banks, pressure from governments.

  • > If you're capable of rooting a device then you're capable of understanding the risks which come with doing so.

    Spend an hour in xdaforums and you'll see how untrue that is.

    Many people root just to get YouTube Revanced or something like that. Meanwhile, you have launchers masquerading as a stock launcher that will happily steal refresh tokens for your Google account.

> This is a huge problem for banking and music apps that absolutely rely on this capability.

In the case of banking, unlocking the bootloader usually requires a full device reset and leaves a very obvious message when you boot up the phone—you can't grab someone's locked device, root it, and grab their financial data just like that.

As for music apps and other apps that download copyrighted content to the user's device, leaving the moral aspects of stripping the user of control of files on their own device aside, preventing their use on rooted devices just loses them users since

- Those are by no means essential apps

- If you know how to root your phone, you probably know how to pirate media as well

- People can just use computers to exfiltrate copyrighted media instead since most of those apps have PC versions

It "doesn't make total sense", it never has. It's just a kneejerk reaction that conveniently aligns with stripping the user of control.

  • The problem with banking isn't rooting itself as an attack vector, but the insecurity and lack of reliability guarantees of rooted phones, so that banks rightfully don't want any liability when something goes wrong with their apps.

    • Which is idiotic, as you can have things like locked-through-adb root that only grants you root if you use adb to connect, and you need to approve the request to connect on the phone first. This has nothing to do with guarantees; it is just security theater to sound like they are doing something.

> The only reason one would unlock a bootloader is to root the system partition. It is impossible to protect data on rooted phones, and rooting makes data exfiltration attacks significantly easier to do.

What are you smoking?

The only reason I've ever unlocked a bootloader has been to replace the OS with a different one. And it had nothing to do with rooting. I have no interest in having a rooted phone on my person at all times. But I have full interest in having GrapheneOS protecting me, among many other things, from opportunistic government spying.

> This is a huge problem for banking and music apps that absolutely rely on this capability

Yeah, I immediately cleared application data and uninstalled it, once I discovered my bank, of all organizations, was relying on Android to silo a token that grants access to my bank account with nothing else but a 4-digit PIN.

I had submitted a vulnerability report, because the option to require a password could be turned off without a password, and their response was that it works as expected, because they only require a PIN and providing a password is optional. That isn't to say that I have the option to make my account require passwords; it's that providing a password isn't needed, but I have the option of providing one anyway.

With only the PIN requirement, and four attempts before a lockout, a security vulnerability in the OS immediately becomes a 1 in 250 chance they'll have full access to my bank account, if I have a truly random PIN, or a 1 in 5 chance, if I have one of the four most common PINs and it always tries those. All that without having to wait to capture me logging in.

Also, Google explicitly states that the phone's storage should not be used for sensitive data.

> It is impossible to protect data on rooted phones

What makes securing rooted phones different from securing rooted PCs?

  • Phones are portable, and thus more likely to suffer from a physical attack. But that's about it.

    It is, and always was, a flimsy excuse to strip the user of control over his own device.

    "Secure Boot" isn't actually there to protect the device from an attacker. It's there to "protect" the device from its own user. It's used to "secure" DRM schemes and App Store revenue streams.

    • >"Secure Boot" isn't actually there to protect the device from an attacker. It's there to "protect" the device from its own user. It's used to "secure" DRM schemes and App Store revenue streams.

      1. Basically all the serious DRMs (e.g. Widevine L1) rely on the content being encrypted all the way to the display itself. The OS, secure boot or not, never sees the content in cleartext, because decryption happens in a secure enclave and is immediately encrypted to the display using HDCP.

      2. The "app store revenue stream" excuse doesn't really make sense, because you can easily install third party apps on Android, even though nearly all phones have locked bootloaders.

    • This is exactly what it is. Google only implemented the Play Integrity API to please banks and governments. This is all to lock out users and secure revenue and spying agencies.

  • I don’t get this either. Laptops are just as portable but don’t have this limitation (yet). This argument that it’s to protect banking and music apps is silly; those products work fine on PCs while maintaining security.

    • > those products work fine on PCs

      In the EU, banking apps no longer do. They require a trusted companion device for 2FA, e.g. a smartphone app or a dedicated chip-and-pin device. This is enforced by the PSD2 directive [1], which has been in effect since 2019.

      In contrast to that, you’re always allowed to do banking on an iOS/Android banking app. Banks seem to trust the integrity of the OS enough that they allow the app to be its own second factor.

      [1]: https://en.wikipedia.org/wiki/Payment_Services_Directive

  • To clarify, that line was implying something that makes a big impact:

    > It is impossible to protect [the owner from accessing] data on rooted phones

    It matters a lot to distributors who like to trick copyright holders into thinking that DRM is effective, which could only be the case if it works 100% of the time on 100% of the users, which it generally doesn't.

  • If PCs were newly invented today, they may well have been locked down from the start. You're already seeing the big names, Apple and Microsoft, with macOS and Windows respectively, inching along in that direction.

> The only reason one would unlock a bootloader is to root the system partition.

This couldn't be more wrong. You need to unlock the bootloader if you want to install an alternative OS. Which is a completely valid use-case.

> music apps

It is so silly though. Someone who knows how to root a phone can probably also figure out how to download songs from Spotify (librespot wink wink.)

I'm not sure if this is true, or for how long it has been true. I rooted my company phone (Samsung Galaxy S4), removed the crapware, and un-rooted it so that it could join the corporate network. This was a long time ago.

  • Rooting certainly blows the Vault eFuse. Knox Vault, etc. are newer than the S4 (Knox Vault was introduced in the S21).

    For removing bloatware from the user partition you don't need to root; adb or the Universal Android Debloater will do.
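The non-root route mentioned in the last comment, as an added example that is not from the thread or from the Universal Android Debloater project: a small POSIX sh script that removes vendor packages for the primary user only, via adb's package manager. It assumes adb is on PATH, USB debugging has been authorized on the phone, and that the package names in BLOAT_LIST and PROTECTED are constructed placeholders to be replaced with the ones found on a specific device. It defaults to a dry run that only prints the commands.

```shell
#!/bin/sh
# Added example (not from the thread): reduce attack surface on a stock,
# locked-bootloader device by removing preinstalled apps for user 0 only.
# No root is involved; everything goes through `adb shell pm`, and the
# APKs stay in /system (-k) so a package can be reinstalled later with
# `adb shell cmd package install-existing <package>`.

# Constructed sample list of packages to remove; real names vary by vendor.
BLOAT_LIST="com.example.vendor.news
com.example.carrier.games"

# Packages that must never be removed (constructed example; extend per device).
PROTECTED="com.android.systemui com.android.settings com.google.android.gms"

# Returns 0 if the package is on the protected list, 1 otherwise.
is_protected() {
  for p in $PROTECTED; do
    [ "$p" = "$1" ] && return 0
  done
  return 1
}

# Print the adb command that uninstalls a package for user 0 only.
# Returns 1 (and prints a skip notice) for protected packages.
debloat_cmd() {
  if is_protected "$1"; then
    echo "skip $1 (protected)"
    return 1
  fi
  echo "adb shell pm uninstall -k --user 0 $1"
}

# Walk BLOAT_LIST; DRY_RUN=1 (the default) prints commands, DRY_RUN=0 runs them.
run_debloat() {
  echo "$BLOAT_LIST" | while read -r pkg; do
    [ -z "$pkg" ] && continue
    cmd=$(debloat_cmd "$pkg") || { echo "$cmd"; continue; }
    if [ "${DRY_RUN:-1}" = "1" ]; then
      echo "$cmd"
    else
      sh -c "$cmd"
    fi
  done
}
```

Run `DRY_RUN=1 sh debloat.sh` after adding `run_debloat` as the last line to review the commands, then `DRY_RUN=0` to apply them; `adb shell pm list packages -u` shows uninstalled-but-present packages if something needs restoring. The protected list is the important part: `pm uninstall --user 0` will happily remove system components the device needs, which is the same failure mode debloater GUIs guard against with their curated lists.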