← Back to context

Comment by palata

19 hours ago

> [I want root,] The fact that I own my device is non-negotiable.

I read that a lot, and I agree that I want to own my device. But that does not mean that I should have root access on the OS I choose to install on it.

Owning my device means that I should be able to install whatever OS I want. It does not mean at all that OS developers must do whatever I tell you to do.

6 comments

palata

Reply
kevincox  18 hours ago

Yes, that is why it is a deal breaker. I'll choose to run a different OS. I didn't say that GrapheneOS must support root. Just that I won't run it if they don't.

  • palata  17 hours ago

    And I'm fine with you wanting root on the device you own. But you were implying that not having root means that you don't own your device. I disagree with that. You can totally own your device and not be root.

    I think it is important, because I read a lot of comments that imply that "owning their device" means "owning the developers". And that's a wrong fight.

    The real fight is that it should be illegal to prevent me from installing my preferred OS on a general-purpose computer.

    • kevincox  17 hours ago

      Fair enough. Owning means having a choice. The unlockable bootloader enables that. But for me the choice of OS will be one that lets me access all files on the device should I need to.

  • galangalalgol  18 hours ago

    What should that support look like? Maybe have a userdebug build already built and available? I don't include a root account on hardened container images for some of the same reasons they cite. So including it for everyone and creating a way to activate it is suboptimal for people who don't want that trade off. A parallel build pipeline seems the most reasonable to me?

    • kevincox  17 hours ago

      Yeah, I would be fine with a different build stream. I do think it could be sufficiently secure in a single stream but it will always be increased attack surface so the safest option is to do separate builds.

      I also don't include a root account in my container images, but you probably have a root account on the sever that runs them in case you need to debug something. But you can probably also build and deploy a new container. At the end of the day you almost always want some last-resort way to access the data stored in case something goes very wrong. Whether that is for backups, "hostile" data export or for other reasons it is important to me.

      1 reply →