194
this post was submitted on 03 Oct 2024
194 points (97.5% liked)
DeGoogle Yourself
8829 readers
6 users here now
A community for those that would like to get away from Google.
Here you may post anything related to DeGoogling, why we should do it or good software alternatives!
Rules
-
Be respectful even in disagreement
-
No advertising unless it is very relevent and justified. Do not do this excessively.
-
No low value posts / memes. We or you need to learn, or discuss something.
Related communities
!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Please read the many write-ups by developers of well regarded privacy and security ROMs, such as grapheneOS and divestOS.
Who detail in great length why root access is a bad idea, and why many apps that require root access, are just poorly developed security nightmares.
That said, I agree that it should be an option, or at least a standardized means of enabling it. As well as all bootloaders should be unlockable. But phones are more personal devices than the PC ever was, and there are good reasons NOT to push for the proliferation of standardized root access.
These writeups never managed to to convince me me that I should not be able to modify any file on my device. If the system is not able to grant this access to me, and me only, while doing it securely, than it's bad operating system, designed without my interests first on mind. I am absolutely sure that granting so-called "root access" can be done securely, as decades of almost-every-other-OS have shown.
I have GrapheneOS and I know having root is not ideal and I was wondering about https://shizuku.rikka.app/ It looks like a more elegant way to have for some apps higher privileges while preserving security but I'm not sure about it so I'm thinking out loud
I will admit that I also use Shizuku, but I only enable it for short bursts when I need access for a very select number of precise use cases. Immediately afterwards, I reboot.
I also assume that if I spent any amount of time digging into it, I would realize it's a bad idea, but nothing's perfect.
And don't assume that all apps allowing Shizuku access were developed securely, or that there all developers have good intentions. Really I only use it for Swift, or if I'm really behind on my updates, I'll briefly allow Droidify access for hands off updating.
Is rebooting disables Shizuku?
How do you do these short bursts? Through adb?
And still Shizuku seems like a better idea than rooting the smartphone.
Yes. It is the principle, everyone should be informed of the security risks, but not stripped of the root privileges they keep for themselves.