Not sure why their app would do such a thing...
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
teegraves58 said:
Not sure why their app would do such a thing... View attachment 5501785
Click to expand...
Click to collapse
Because the app might refuse to work, or work in a gimped way if you're rooted, or some other secret reason. I'd hide root from Verizon's apps.
I would definitely not be letting anything Verizon have root access
teegraves58 said:
Not sure why their app would do such a thing... View attachment 5501785
Click to expand...
Click to collapse
Your attachment doesn't work (at least not for me)
->
Besides that, Verizon is known to cause issues to root users. I don't know of any Verizon apps actually wanting/utilizing (magisk) root access. It's probably a mechanism to detect root and then make your day sour.
Best just, as @roirraW "edor" ehT suggested, hide all the "sensitive" apps with Magisk (Zygisk -> Denylist).
roirraW edor ehT said:
Because the app might refuse to work, or work in a gimped way if you're rooted, or some other secret reason. I'd hide root from Verizon's apps.
Click to expand...
Click to collapse
Interesting. My phone is unlocked straight from Google. I simply have the app to pay the bill. I denied access because they can F off lol.
roirraW edor ehT said:
Because the app might refuse to work, or work in a gimped way if you're rooted, or some other secret reason. I'd hide root from Verizon's apps.
Click to expand...
Click to collapse
I have two bank apps and one from work that can tell I'm rooted without requesting root though. But also I use a Korean search engine that also requests root, but isn't gimped at all when I ran it in a sandbox to see what exactly it was trying to accomplish. I wasn't going to log into it or do any purchasing so I'm not sure what it wanted but I think there are sneakier ways to "catch" rooted users.
Also what could Verizon really do to you if they knew you were rooted.
teegraves58 said:
Interesting. My phone is unlocked straight from Google. I simply have the app to pay the bill. I denied access because they can F off lol.
Click to expand...
Click to collapse
I honestly think it's a way to farm more information.
pcriz said:
I have two bank apps and one from work that can tell I'm rooted without requesting root though. But also I use a Korean search engine that also requests root, but isn't gimped at all when I ran it in a sandbox to see what exactly it was trying to accomplish. I wasn't going to log into it or do any purchasing so I'm not sure what it wanted but I think there are sneakier ways to "catch" rooted users.
Also what could Verizon really do to if they knew you were rooted.
Click to expand...
Click to collapse
I agree, there are sneakier ways, but some apps don't bother trying to be sneaky. Merely just trying to get root access with su is the easiest, low-effort, no development needed way to try.
Some apps just check if your bootloader is unlocked, and then don't work if it is. As far as I know, there's no way to hide that.
I also had the thought like @prciz said that it could be just gathering information.
The literal answer for any app, if you actually granted root access is they could do absolutely anything since that's what root does.
But realistically, if the Verizon app knew you were rooted, they could just keep the app from working, or disable some of its features. It's up to the app developer.
roirraW edor ehT said:
I agree, there are sneakier ways, but some apps don't bother trying to be sneaky. Merely just trying to get root access with su is the easiest, low-effort, no development needed way to try.
Some apps just check if your bootloader is unlocked, and then don't work if it is. As far as I know, there's no way to hide that.
I also had the thought like @prciz said that it could be just gathering information.
The literal answer for any app, if you actually granted root access is they could do absolutely anything since that's what root does.
But realistically, if there Verizon app knew you were rooted, they could just keep the app from working, or disable some of its features. It's up to the app developer.
Click to expand...
Click to collapse
So the bootloader check is seperate from the safety net check?
pcriz said:
So the bootloader check is seperate from the safety net check?
Click to expand...
Click to collapse
I believe so, yes. I've been wrong before, though.
roirraW edor ehT said:
I believe so, yes. I've been wrong before, though.
Click to expand...
Click to collapse
Yeah I wasn't sure. I've been on a locked down Sammy so long that there is definitely a learning curve when it comes back to rooting
pcriz said:
So the bootloader check is seperate from the safety net check?
Click to expand...
Click to collapse
roirraW edor ehT said:
I believe so, yes. I've been wrong before, though.
Click to expand...
Click to collapse
You can't pass Safetynet with an unlocked bootloader unless it is hidden.
Basic integrity will fail.
If root is not hidden, CTS profile will also fail.
The best way to hide both is with Universal Safetynet fix installed as a magisk module
shoey63 said:
You can't pass Safetynet with an unlocked bootloader unless it is hidden.
Basic integrity will fail.
If root is not hidden, CTS profile will also fail.
The best way to hide both is with Universal Safetynet fix installed as a magisk module
Click to expand...
Click to collapse
That is incorrect regarding unlocked bootloader.
So you can pass without hiding your unlocked bootloader?
bobby janow said:
That is incorrect regarding unlocked bootloader.
Click to expand...
Click to collapse
I dunno if it's this app or me but I keep somehow not quoting anything. Please see my previous
pcriz said:
So you can pass without hiding your unlocked bootloader?
Click to expand...
Click to collapse
Yes I can. There is no way I know of to hide a locked bootloader either.
roirraW edor ehT said:
Because the app might refuse to work, or work in a gimped way if you're rooted, or some other secret reason. I'd hide root from Verizon's apps.
Click to expand...
Click to collapse
There is an app (system - show all) called My Verizon Services that allows them to see everything you have ever done on your phone. From installing apps, to when you last rebooted, last wiped the device and which OS and root apps you're running. Their app depends on that service to run. So personally if you are creeped out, and you should be, delete the app, freeze the service or adb uninstall it. I actually uninstall all 4 below but it's the mips one that is the culprit. If it's disabled and you need support they will see that it's not installed immediately and ask you to approve a text request to view your device in its entirety. If you are rooted you can delete the auto install somewhere is system/apps maybe? Not sure where it is but I'm not rooted so I check this regularly because they have a way of reinstalling on their own either on a monthly system update or something else.
adb shell
$ pm list package | grep 'verizon'
package:com.verizon.mips.services
package:com.verizon.obdm_permissions
package:com.verizon.obdm
package:com.verizon.llkagent
(device):/ $ pm uninstall -k --user 0 com.verizon.mips.services
roirraW edor ehT said:
The literal answer for any app, if you actually granted root access is they could do absolutely anything since that's what root does.
But realistically, if there Verizon app knew you were rooted, they could just keep the app from working, or disable some of its features. It's up to the app developer.
Click to expand...
Click to collapse
I would like to emphasize on this point, since not everyone is fully aware of it.
If you grant an app full root permissions, chances are that this app can now access your personal data - bank details, app passwords, two factor auth, incoming sms... the list goes on and on and on. Now there are many companies out there, especially Google and Apple, that like to claim to teh world that rooting is potentially evil and dangerous, which is not entirely wrong. Rooting comes with danger. The danger of knowing your ****.
Yes, you might do a mistake and pay dearly. But then again, people are also entrusted with driving a car - and that one can also end up in a disaster, if people don't pay attention. People are also entrusted with a lock and key, and that they properly close their door once they leave. If you take that and "transform" it to the rooting topic, that becomes quite similar. Rooting comes with great possibility, but it's easy to make a mistake.
Now Verizon has, as far as I as a European can tell from afar, a terrible reputation, especially considering root. Whatever the reason is for them trying to get root access, and even if it's done by mistake or just to confirm whether or not you have root (to block stuff, probably), it's best to just hide/block that. I wouldn't count Verizon as a "trustworthy" SU access party.
Morgrain said:
people are also entrusted with driving a car - and that one can also end up in a disaster
Click to expand...
Click to collapse
Are they though? Because its starting to get to the point where there's proximity detectors and automatic braking, partial and full self driving cars, that I'm expecting eventually that people will be DENIED permission to drive for themselves.
Humanity is losing.
Morgrain said:
I would like to emphasize on this point, since not everyone is fully aware of it.
If you grant an app full root permissions, chances are that this app can now access your personal data - bank details, app passwords, two factor auth, incoming sms... the list goes on and on and on. Now there are many companies out there, especially Google and Apple, that like to claim to teh world that rooting is potentially evil and dangerous, which is not entirely wrong. Rooting comes with danger. The danger of knowing your ****.
Yes, you might do a mistake and pay dearly. But then again, people are also entrusted with driving a car - and that one can also end up in a disaster, if people don't pay attention. People are also entrusted with a lock and key, and that they properly close their door once they leave. If you take that and "transform" it to the rooting topic, that becomes quite similar. Rooting comes with great possibility, but it's easy to make a mistake.
Now Verizon has, as far as I as a European can tell from afar, a terrible reputation, especially considering root. Whatever the reason is for them trying to get root access, and even if it's done by mistake or just to confirm whether or not you have root (to block stuff, probably), it's best to just hide/block that. I wouldn't count Verizon as a "trustworthy" SU access party.
Click to expand...
Click to collapse
I feel like you need more than root access my bank details for instance. It doesn't hurt but at the same time when you consider the part of security that requires something you have, something you know, something you are. A savvy person shouldn't keep all those parts in one place. Hell no one should because then root isn't your biggest compromise.
And root or not you should scrutinize every app because a rooted user being asked for root is one thing. An app or exploit finding ways to elevate privileges is even more dangerous because you don't know it's happening
Related
to start yes i used the search bar, for a while. and quite frankly it didn't help one bit
im just curious as to how it works so i could try to figure it out on my own evo as im very impatient to find a way to root my 2.2 phone.
I don't know what makes you think you'll find one before the experts but a root is an exploit in the software that allows flashing custom recovery, SU and the engineering HBOOT
063_XOBX said:
I don't know what makes you think you'll find one before the experts but a root is an exploit in the software that allows flashing custom recovery, SU and the engineering HBOOT
Click to expand...
Click to collapse
just because someones an expert doesnt make them perfect...
but i work in the satellite industry and commonly do things similar to rooting a phone and am willing to try my hand at doing it on my phone
063_XOBX said:
I don't know what makes you think you'll find one before the experts but a root is an exploit in the software that allows flashing custom recovery, SU and the engineering HBOOT
Click to expand...
Click to collapse
Actually your wrong. We use magical beans to empower the very essence of one self, thus making root possible. Ok back to reality its not something you can learn over night trust me. I have been working on some solutions got real close just to get thrown further back. Patience is key to anything in life.
Basically, root is like being the "master administrator" of the file system on your phone. Without root, the phone just recognizes you as an ordinary user and will only give you the ability to read and write to certain parts of the system. Once you find a way for the system to recognize you as "root", you then have access to everything. You can read and write and do almost whatever you want. This could be pretty dangerous if you don't know what you're doing, but that's why we have the SU app to control what is getting full access and what isn't. If you haven't already had experience with a Linux OS to know this, your chances of finding an exploit to root 2.2 are pretty much .00485% .
Root is akin to the networking term "full administrator access". The Android filing system is setup with permission requirements for accessing certain areas. Root means you have been granted read/write access instead of just read-only.
I believe root is also a Linux term denoting the lowest directory on any particular storage device. By rooting, you gain read/write access to this area of your phone's sdcard and the internal storage.
Sent from my PC36100 using XDA App
Roots are constantly growing and digging into the soil for more nutrients and water to feed on. Roots use time and pressure to find water. The penetration may start as an almost microscopic root end, but over time the root grows thicker and pushes its way in deeper, growing more tendrils along the way.
garyfunk said:
Roots are constantly growing and digging into the soil for more nutrients and water to feed on. Roots use time and pressure to find water. The penetration may start as an almost microscopic root end, but over time the root grows thicker and pushes its way in deeper, growing more tendrils along the way.
Click to expand...
Click to collapse
---Like---
I've seen some replies as to what what is, but not how you get there. To answer the OP, to get to root, you have to be able to find an exploit in the software that allows you to flash recovery. Once you're able to flash recovery, that can be used to flash su permissions bootloaders, roms, etc. The last exploit was found in how the phone uses flash, and some root methods had you actually opening the browser and going to any site that was running something in flash - this would open the loophole and allow access to things that are normally blocked.
This loophole/exploit has been plugged with 2.2, so now a whole new rood method has to be discovered.
thank you pikkon and fachadick you two have been the most helpful in this.
but also so what your saying is theres no ##xxxxxx# code i could put in to find the administration change menu or anything like that?
If you really want to learn, get some books on Linux and read everything about root access and how to hack the root user.
Sent from my PC36100 using XDA App
envoykrawkwarrior7 said:
thank you pikkon and fachadick you two have been the most helpful in this.
but also so what your saying is theres no ##xxxxxx# code i could put in to find the administration change menu or anything like that?
Click to expand...
Click to collapse
Supposedly there is some sort of code to get access, but its supposed to be impossible to crack. Wiser men than I have discussed the possibility of using brute force attacks to crack the code, but those ideas were discounted when the numbers were crunched and it was determined that it would take a ridiculously long time, using state of the art equipment. As I understand it, the only way to get a crack at the code is if the key is leaked, and it was agreed that the odds of that happening are pretty much nil.
Your best bet if you're serious, is probably to pick up some books on the subject, like the other post mentioned. Try and see if anything in your day-to-day can be transferred over to solving the problem. The way I see it, the more people working on it, the better.
Sent from my blah blah blah blah
I can see 100,000 Iphones Evos working together to crack the SU password. SETI @ Evo team maybe?
fachadick said:
Supposedly there is some sort of code to get access, but its supposed to be impossible to crack.
Click to expand...
Click to collapse
It is the root password. Find out the password and you are in.
weidnerj said:
I can see 100,000 Iphones Evos working together to crack the SU password. SETI @ Evo team maybe?
Click to expand...
Click to collapse
LOVE IT! +1!
Sent from my blah blah blah blah
No offense... but if you don't even know what "root" is, and aren't familiar with the Unix-based software platform, and think you can just fiddle with something in a hidden menu on your phone, you have absolutely no chance at discovering a root method. Zero. It'd be nice if it could work that way though...
Obtaining root is essentially hacking into your own phone. In order to do that, you have to know what potential vulnerabilities there are in the software running on the phone, and how to exploit them to give you precisely what you want. It's a lot of trial and error, reverse engineering, and sometimes, just plain educated guessing backed by experience.
Also, this comment baffles me:
but i work in the satellite industry and commonly do things similar to rooting a phone and am willing to try my hand at doing it on my phone
Click to expand...
Click to collapse
You claim you do things similiar to rooting a phone because you work in the satellite industry, but you don't even know what rooting involoves?? I admire your confidence, but I wish it was more well-placed...
sohr said:
You claim you do things similiar to rooting a phone because you work in the satellite industry, but you don't even know what rooting involoves?? I admire your confidence, but I wish it was more well-placed...
Click to expand...
Click to collapse
well the difference im working on already administrator devices running through a root menu commonly, and to me, technology is technology, no matter how different the usage or device its still just a chip computing algorithms the way it was set up by someone else, which means that anyone else can change what someone else did.
Is there a possibility that Amazon might remove the ability to side load apps with future firmware auto update, if you are not rooted?
Thank you
Sure there is. There's a possibility they could do all sorts of bone-headed things to it.
wellersl said:
Sure there is. There's a possibility they could do all sorts of bone-headed things to it.
Click to expand...
Click to collapse
But of course they never would. Because then people wouldn't be able to test their apps on it. No people testing apps == no one releasing apps.
the probably couldn;t remove the Install from Unknown Sources since it;s part of the OS. But they could try to hide it. They could try to hide file managers like ES File manager from their app store as well. It;s more truble than it;s worth. But as long as you can use ADB to push and install apps to your device we will be fine.
I think the biggest thing we need is to unlock the bootloader because that will allow you to install a custom recovery like TWRP or CWM if you want full command and control of the unit.
rbox said:
But of course they never would.
Click to expand...
Click to collapse
But of course!
In your esteemed opinion, did they deliberately cause the eFuse/locked bootloader fiasco? IOW - Was that a conscious move on Amazon's part?
---------- Post added at 10:49 AM ---------- Previous post was at 10:45 AM ----------
tekweezle said:
They could try to hide file managers like ES File manager from their app store as well.
Click to expand...
Click to collapse
They don't need to hide it. They've determined that it's not compatible.
Strange to me how the Amazon app store is so void of apps that *are* compatible with my Fire TV. :silly:
tekweezle said:
the probably couldn;t remove the Install from Unknown Sources since it;s part of the OS. But they could try to hide it. They could try to hide file managers like ES File manager from their app store as well. It;s more truble than it;s worth. But as long as you can use ADB to push and install apps to your device we will be fine.
I think the biggest thing we need is to unlock the bootloader because that will allow you to install a custom recovery like TWRP or CWM if you want full command and control of the unit.
Click to expand...
Click to collapse
They can do whatever they want. They have all of the source code.
wellersl said:
But of course!
In your esteemed opinion, did they deliberately cause the eFuse/locked bootloader fiasco? IOW - Was that a conscious move on Amazon's part?
Click to expand...
Click to collapse
Very much so. They went out of their way to write a program that blew the fuse.
rbox said:
Very much so. They went out of their way to write a program that blew the fuse.
Click to expand...
Click to collapse
Now see, IMO, if I fell victim to that, I'd have them in small claims court in a heartbeat. That's just plain bone-headed consumer product management. That is... if I could prove it.
Note to Amazon: How about a *special* Fire TV with *Special Offers"?
wellersl said:
Now see, IMO, if I fell victim to that, I'd have them in small claims court in a heartbeat. That's just plain bone-headed consumer product management. That is... if I could prove it.
Note to Amazon: How about a *special* Fire TV with *Special Offers"?
Click to expand...
Click to collapse
It's common practice. All the manufacturers do it. What would you sue them for? Protecting their product? They are patching vulnerabilities.
rbox said:
It's common practice. All the manufacturers do it. What would you sue them for? Protecting their product? They are patching vulnerabilities.
Click to expand...
Click to collapse
Well... it just occurred to me. They aren't actually disabling the device, are they? I keep seeing the term "brick." If, in fact, they're bricking these devices, wrong. There's absolutely nothing that came with or on my Fire TV that says I can't root it.
Else, in terms of vulnerability, I could see them locking me out of AVOD. But they should have any say over my access to Netflix.
wellersl said:
Well... it just occurred to me. They aren't actually disabling the device, are they? I keep seeing the term "brick." If, in fact, they're bricking these devices, wrong. There's absolutely nothing that came with or on my Fire TV that says I can't root it.
Else, in terms of vulnerability, I could see them locking me out of AVOD. But they should have any say over my access to Netflix.
Click to expand...
Click to collapse
All the efuse does is prevent you from booting an old bootloader. As long as you aren't doing the things we are doing, it's harmless. But if you try to go out of your way to screw around with the software and use an old bootloader, then it will be bricked because the old bootloader will not work with the fuse blown, and it doesn't boot. It has nothing to do with rooting, nor anything to do with avod or netflix...
rbox said:
... use an old bootloader, then it will be bricked because the old bootloader will not work with the fuse blown, and it doesn't boot.
Click to expand...
Click to collapse
Still trying to grasp this...
If you aren't trying to root, why else would you use an old bootloader?
rbox said:
They are patching vulnerabilities.
Click to expand...
Click to collapse
I was only using Netflix as an example. I don't see Amazon bricking their devices to patch a competitor's vulnerabilities. Though that is a strange relationship...
wellersl said:
Still trying to grasp this...
If you aren't trying to root, why else would you use an old bootloader?
I was only using Netflix as an example. I don't see Amazon bricking their devices to patch a competitor's vulnerabilities. Though that is a strange relationship...
Click to expand...
Click to collapse
You use the old bootloader so you can take advantage of the bug in the bootloader and load unsigned code. Custom kernels, custom roms, recovery, etc.
That makes no sense... they patched a vulnerability in the bootloader and then prevent you from using said vulnerable bootloader... It has nothing to do with apps.
rbox said:
You use the old bootloader so you can take advantage of the bug in the bootloader and load unsigned code. Custom kernels, custom roms, recovery, etc.
That makes no sense... they patched a vulnerability in the bootloader and then prevent you from using said vulnerable bootloader... It has nothing to do with apps.
Click to expand...
Click to collapse
Got the first point (I think).
On the second point, Amazon can obviously patch what they perceive as vulnerabilities -unrestricted-. But as soon as they've patched me out of an otherwise legitimate use of the box, they've gone too far. IMHO.
Some years back, I filed a claim against UPS and won. I'm sure they got the paperwork and had no clue what to do with it.
More recently, I filed a claim with the BBB against Roku for the crappy firmware they pushed out on the 2XS. Roku sent me a new 2XS and a new Roku 3. Just to shut me up.
wellersl said:
Got the first point (I think).
On the second point, Amazon can obviously patch what they perceive as vulnerabilities -unrestricted-. But as soon as they've patched me out of an otherwise legitimate use of the box, they've gone too far. IMHO.
Some years back, I filed a claim against UPS and won. I'm sure they got the paperwork and had no clue what to do with it.
More recently, I filed a claim with the BBB against Roku for the crappy firmware they pushed out on the 2XS. Roku sent me a new 2XS and a new Roku 3. Just to shut me up.
Click to expand...
Click to collapse
Bypassing their secure bootchain is not a legitimate use. Exploiting a vulnerability in the kernel to gain root is also not a legitimate use.
rbox said:
Bypassing their secure bootchain is not a legitimate use. Exploiting a vulnerability in the kernel to gain root is also not a legitimate use.
Click to expand...
Click to collapse
Obviously, I'm not getting my point across. But that's ok.
Peace.
rbox said:
But of course they never would. Because then people wouldn't be able to test their apps on it. No people testing apps == no one releasing apps.
Click to expand...
Click to collapse
Hi Rbox,
This make sense thank you for responding but can the developer just be released the app in amazon app store as free and then user would just download from amazon app, unless of course it is really painful process to get an app approved by amazon for a developer than i can understand or why go thru the process again with amazon if the app is already on google play store.
It seems there are quite a few folks out there who chose not to root there device as long as they can side load any apps they want, which is fine but if Amazon goal is to lock down user on there echosystem than allowing folks to side load any apps user wants this would seriously undermine there goal (Amazon app store, AFTV device, the whole amazon echosystem), this is Just my opinion.
Thank you
ashsha7877 said:
Hi Rbox,
This make sense thank you for responding but can the developer just be released the app in amazon app store as free and then user would just download from amazon app, unless of course it is really painful process to get an app approved by amazon for a developer than i can understand or why go thru the process again with amazon if the app is already on google play store.
It seems there are quite a few folks out there who chose not to root there device as long as they can side load any apps they want, which is fine but if Amazon goal is to lock down user on there echosystem than allowing folks to side load any apps user wants this would seriously undermine there goal (Amazon app store, AFTV device, the whole amazon echosystem), this is Just my opinion.
Thank you
Click to expand...
Click to collapse
It has nothing to do with releasing apps. If I make an app for the Fire TV. I'm going to test it on the Fire TV. And the way I do that is using adb install. They can't block that, or else no one would be able to test their apps.
rbox said:
It has nothing to do with releasing apps. If I make an app for the Fire TV. I'm going to test it on the Fire TV. And the way I do that is using adb install. They can't block that, or else no one would be able to test their apps.
Click to expand...
Click to collapse
Ahh, since you put it that way it make more sense. Thank you Sir!
Also it would be a pretty stupid move for Amazon to add "Install from unknown sources" in their latest firmware's if they did not wan't people to install 3'rd party android app's on it. As you do not have to "sideload" with adb anymore, you can just install a webbrowser and browse to a web site (kodi.tv for example) click on a installer .apk and it will immediately install. You can also copy the apk to the sdcard and click on it in a filebrowser and it will install.
Amazon put that option in 1 version ago. So beginning to remove sideloading via. adb and hiding apps seems pretty silly to me.
But ofcause in theory they still have the source and the rights to do what they like..
On the one hand, Amazon doesn't have to provide support for side loaded apps, which saves them money. On the other hand, some side loaded apps allow users to access premium content for free, so Amazon might claim they lose revenue, but those users probably would never have purchased premium content from Amazon in the first place and at least they made some money off the hardware. So I would say that they won't revoke side loading functionality.
Hi developers!
Since the OOS 3.2.2 update, systemless root is now failing to pass googled safetynet checks, meaning Android pay no longer works :/ if I roll back to 3.2.1 then it works fine. I'm using the safetynet helped app from the play store to test this. I wondered if any developers or knowledgeable people would know if this is a change in the rom causing this, or just a SuperSU incompatibility?
OOS 3.2.2 validates with no root. I just flash SuperSU when needed and then unroot when finished. (TWRP as recovery) Some of my banking apps will not work with root installed.
Google made server side change that somehow now detects systemless root around 25th July.
spetrie said:
OOS 3.2.2 validates with no root. I just flash SuperSU when needed and then unroot when finished. (TWRP as recovery) Some of my banking apps will not work with root installed.
Google made server side change that somehow now detects systemless root around 25th July.
Click to expand...
Click to collapse
That might have been why then. Worked momentarily before the 3.2.2 update. Cheers for the info
manor7777 said:
Hi developers!
Since the OOS 3.2.2 update, systemless root is now failing to pass googled safetynet checks, meaning Android pay no longer works :/ if I roll back to 3.2.1 then it works fine. I'm using the safetynet helped app from the play store to test this. I wondered if any developers or knowledgeable people would know if this is a change in the rom causing this, or just a SuperSU incompatibility?
Click to expand...
Click to collapse
It's working for you on 3.2.1.? It stopped working for me on that version just prior to 3.2.2. coming out.
Google made changes sever side to prevent it from working. IT is getting to the point of having to pick. Root or android pay. We all knew this was coming.
Mit Hipster said:
It's working for you on 3.2.1.? It stopped working for me on that version just prior to 3.2.2. coming out.
Click to expand...
Click to collapse
It did momentarily but not for long. might have been a glitch or a slow-rollout on googles part. It's not working now!
zelendel said:
Google made changes sever side to prevent it from working. IT is getting to the point of having to pick. Root or android pay. We all knew this was coming.
Click to expand...
Click to collapse
Yeah we were waiting. Someone on XDA will find a way round at some point i bet, but we all knew it was coming!
manor7777 said:
Yeah we were waiting. Someone on XDA will find a way round at some point i bet, but we all knew it was coming!
Click to expand...
Click to collapse
If it was done server side there will be no work around. Plus with the new security measures in the linux kernel (XDA portal post) Things like this will be even harder if not impossible.
zelendel said:
If it was done server side there will be no work around. Plus with the new security measures in the linux kernel (XDA portal post) Things like this will be even harder if not impossible.
Click to expand...
Click to collapse
That's a fair point. Someone made a workaround before that worked for about 6 months through xposed, but to be honest I have twrp so I can flash what I need anyway, no biggie.
manor7777 said:
That's a fair point. Someone made a workaround before that worked for about 6 months through xposed, but to be honest I have twrp so I can flash what I need anyway, no biggie.
Click to expand...
Click to collapse
Yeah that will be the next thing they start looking for. Agreed doesnt really matter to me either. Mobile payments are banned everywhere I go and since I have to legally carry my ID around I also have my cards so even if it wasnt banned I still wouldnt use it.
zelendel said:
Yeah that will be the next thing they start looking for. Agreed doesnt really matter to me either. Mobile payments are banned everywhere I go and since I have to legally carry my ID around I also have my cards so even if it wasnt banned I still wouldnt use it.
Click to expand...
Click to collapse
That's a shame! Where are you based? Its EVERYWHERE in the UK!
manor7777 said:
That's a shame! Where are you based? Its EVERYWHERE in the UK!
Click to expand...
Click to collapse
I am in the US. It is available in most places just not in my town. After it was proven that it could be intercepted and the fact that stores are making their own alt to the pay apps, they decided to just block them.Even my Credit union has removed the chip from their cards due security concerns.
Like I said even if it was I still wouldnt use it. I am smarter then keeping things like my credit card info stored on a device that is always sending data everywhere. Mainly when you think about the fact that keyboards can record every keystroke.
Also I have to keep my ID on me at all times so it is just faster to take my card out and hand it to the cashier.
zelendel said:
I am in the US. It is available in most places just not in my town. After it was proven that it could be intercepted and the fact that stores are making their own alt to the pay apps, they decided to just block them.Even my Credit union has removed the chip from their cards due security concerns.
Like I said even if it was I still wouldnt use it. I am smarter then keeping things like my credit card info stored on a device that is always sending data everywhere. Mainly when you think about the fact that keyboards can record every keystroke.
Also I have to keep my ID on me at all times so it is just faster to take my card out and hand it to the cashier.
Click to expand...
Click to collapse
It's only stealable (like with card skimming) whilst the screen is on, at least on a phone. I have a card that I transfer money too whenever I use it (its actually my PayPal card) so I don't have too much of a risk there. They have done a few things like that over here in the UK too but I'm still cautious about it. I have a few measures in place to prevent some of that
manor7777 said:
It's only stealable (like with card skimming) whilst the screen is on, at least on a phone. I have a card that I transfer money too whenever I use it (its actually my PayPal card) so I don't have too much of a risk there. They have done a few things like that over here in the UK too but I'm still cautious about it. I have a few measures in place to prevent some of that
Click to expand...
Click to collapse
Thats all it really takes. When checked they found that the majority of the card readers had some sort of extra device installed on it. Like I said it is not a big deal for me as I wouldn't use it if it was available.
I was using systemless root for a while, it passed system checks just fine. But the funs over now, they've patched it. :/
Has anyone tried to see what works with some bloatware disabled & what doesn't work? Personally I would like the iris scanner and samsung pay to be enabled and everything else disabled.
Yeah, it's working for me quite well
XavierAD said:
Yeah, it's working for me quite well
Click to expand...
Click to collapse
Glad to hear it,arguably the best feature available for any Samsung device,short of root/ROMs.
Hopefully it'll still work once Android 7.0 rolls out.
KOLIOSIS said:
Glad to hear it,arguably the best feature available for any Samsung device,short of root/ROMs.
Hopefully it'll still work once Android 7.0 rolls out.
Click to expand...
Click to collapse
It will. They use Knox which is a product of Samsung.
Sent from my XT1528 using XDA Labs
I'm rather confused by this thread. Is the poster asking what will 'break' if you disabled all the bloatware? Or asking something else entirely? Cause you can disable everything that comes on any phone and it'll always work just fine.
And I have no idea what Android 7.0 would have to do with bloatware, or what KNOX would have to do with bloatware...
HikariNoKitsune said:
I'm rather confused by this thread. Is the poster asking what will 'break' if you disabled all the bloatware? Or asking something else entirely? Cause you can disable everything that comes on any phone and it'll always work just fine.
And I have no idea what Android 7.0 would have to do with bloatware, or what KNOX would have to do with bloatware...
Click to expand...
Click to collapse
I can't speak for the O.P.,but,my guess is, as with me, just making sure that it works before purchasing the Note 7,especially for those of us with the Snapdragon powered versions that may have no other way to disable bloat.
JMHO, but, the Q&A regarding functionality of PDP, whatever they may be, are of merit & might as well have a thread addressing the subject.
Most realize you can disable the bloat, but,not everyone, including yours truly, understand exactly how it works & why only on Samsung devices.
The Knox tie-in makes sense to me, even without a full understanding of how it works.
KOLIOSIS said:
I can't speak for the O.P.,but,my guess is, as with me, just making sure that it works before purchasing the Note 7,especially for those of us with the Snapdragon powered versions that may have no other way to disable bloat.
JMHO, but, the Q&A regarding functionality of PDP, whatever they may be, are of merit & might as well have a thread addressing the subject.
Most realize you can disable the bloat, but,not everyone, including yours truly, understand exactly how it works & why only on Samsung devices.
The Knox tie-in makes sense to me, even without a full understanding of how it works.
Click to expand...
Click to collapse
KNOX doesn't make much sense to me, because that's just a security platform. It just makes sure you protected from being 'hacked' per say. As in like, it adds an extra layer of security over your phone so someone can't just pick it up and plug it into a computer to gain access to all of your stuff. Though thats only the very loosest of analogies.
But I have to ask what you exactly mean by the "not everyone understands exactly how it works and why only on Samsung devices". Do you mean as in why disabling works? or something else. Because you can disable the bloatware on any android phone so long as the carrier and manufacturer didn't lock the option out. Which most devices will let you do it now because of the whole 'you'll get sued for forcing users to use a specific thing without giving them a way out' (an example would be microsoft getting sued over the bundling of Internet Explorer and Microsoft Office with the earlier Windows OS's).
What I'm wondering is, based on the title of the thread after thinking about it some, does the OP mean an app that disables/uninstalls bloat? Because I'm sure there are plenty of apps out there that do it. But most I think require Root in order to do it properly and reliably. I use Sprint for my service, and its Sprint ID and such are a pain in the ass, and they can't just be 'disabled' easily even though there is the option to (every time you disable it, Sprint just re-installs it the next time you reboot the phone because it thinks it got uninstalled somehow). But to get it to disable properly on my Note 5, I had to install some random app that I think was called App Quarantine. It looked like a bio-hazard symbol for the icon. I haven't re-installed it since this last wipe I was forced to do, so I can't remember exactly lol. But it was the only one that would let me actually disable the Sprint ID stuff and not have it re-install all the time.
HikariNoKitsune said:
What I'm wondering is, based on the title of the thread after thinking about it some, does the OP mean an app that disables/uninstalls bloat? Because I'm sure there are plenty of apps out there that do it.
Click to expand...
Click to collapse
Yes it's an app in the Google Play Store that has the ability to disable literally anything on Samsung devices,WITHOUT ROOT, so, care must be taken to not get carried away & I recommend only disabling, not deleting, in the event of not being able to take an update otherwise.
Not everything can be disabled natively, so, that explains the appeal of the app.
If you used it, you'd see the tie-in with Knox........
KOLIOSIS said:
Yes it's an app in the Google Play Store that has the ability to disable literally anything on Samsung devices,WITHOUT ROOT, so, care must be taken to not get carried away & I recommend only disabling, not deleting, in the event of not being able to take an update otherwise.
Not everything can be disabled natively, so, that explains the appeal of the app.
If you used it, you'd see the tie-in with Knox........
Click to expand...
Click to collapse
Then that makes alot more sense. I originally just thought they were basically asking if there was an app to disable everything instead of having to do it manually. I've always just manually disabled everything cause its not that hard to do. Just find the troublesome things and hit that disable button lol. But if this can do it all in one quick swoop, then I'm all in =O I'll definitely be looking into it later today when my phone finally arrives...
Sprint screwed up my pre-order, and is sending me the wrong device, so I have to take it into a store to get it exchanged because they refused to cancel my pre-order or change the order at all even though I legitimately ordered the dang thing 2 minutes past midnight on the 3rd. So ontop of that, they also didn't ship the phone when they said they would, AND the put restrictions on my package. I normally have to physically go to a UPS location to pick up my packages cause the dumb driver will never deliver to my house... always states that they can't find my house even though its the ONLY house down the ONLY long driveway... heck you can SEE my house above the trees! But nope, the guy wont deliver. But because of the restrictions, UPS wont let me flag the package as 'hold for pickup' like usual, so I gotta stand at the end of my drive way for hours upon hours just to catch the UPS driver. Then I gotta drive all the way into town to HOPEFULLY exchange the phone for the Black Onyx variant that I was supposed to get...
Anyway, sorry for the ramble o-o; didn't realize it was that long XD
HikariNoKitsune said:
Then that makes alot more sense. I originally just thought they were basically asking if there was an app to disable everything instead of having to do it manually. I've always just manually disabled everything cause its not that hard to do. Just find the troublesome things and hit that disable button lol. But if this can do it all in one quick swoop, then I'm all in =O I'll definitely be looking into it later today when my phone finally arrives...
Click to expand...
Click to collapse
It's a nice tool to have, a powerful one.
Just a friendly piece of advice :
Read up on it before using, check the FAQs on the developers site if need be & go conservative at 1st if you're not familiar with what is safe to disable.
The app gives color-coded guidelines per each app on what is known to be safe to disable. You can go above and beyond that, but, mainly, just disable, do not delete anything & leave the stock keyboard alone.
You might be able to disable the stock launcher, provided you have another one installed, but, I'd leave it alone until you're certain one way or the other........
KOLIOSIS said:
It's a nice tool to have, a powerful one.
Just a friendly piece of advice :
Read up on it before using, check the FAQs on the developers site if need be & go conservative at 1st if you're not familiar with what is safe to disable.
The app gives color-coded guidelines per each app on what is known to be safe to disable. You can go above and beyond that, but, mainly, just disable, do not delete anything & leave the stock keyboard alone.
You might be able to disable the stock launcher, provided you have another one installed, but, I'd leave it alone until you're certain one way or the other........
Click to expand...
Click to collapse
Lol I'd only disable the things I already know I need to disable. Like all the Sprint stuff. I leave the Samsung stuff alone cause I actually use alot of Samsung's things. But as for Sprint's stuff? All of that goes bye bye lol. Now that is assuming it doesn't somehow show things that you normally can't see from the applications manager. In which case then I wouldn't bother, cause I don't see much of a point lol.
there are a few package disabler for Samsung out there, which one the best?
amenlo9 said:
there are a few package disabler for Samsung out there, which one the best?
Click to expand...
Click to collapse
Go with either one,the Pro+ has a hardware lockdown feature,otherwise,there two are identical:
https://play.google.com/store/apps/details?id=com.ospolice.packagedisablerpremium&hl=en
https://play.google.com/store/apps/details?id=com.ospolice.packagedisablerpro&hl=en
I'm guessing Samsung still has a partnership w/Cheetah Mobile,which is one of the main reasons I like having this app,Package Disabler Pro,on-board to ward off the data mining/crapware/etc...
However,I'm not seeing anything in the apps,system or otherwise,that's jumping out & identifying itself as CheetahMobile/CleanMaster/etc.......
I'm guessing it's some/all of the apps identified w/the "Smart" moniker,but,I'm not 100% certain on that.
Anyone have an idea on which,if any,of the apps are actual CheetahMobile bloatware?
Thanks In Advance!
Using EZ Disabler here. Works well, but you gotta be careful using "disable bloat" part as it will turn off many useful things. I just went through and picked what i wanted. Very Easy to use though
Thanks for recommending Package Disabler Pro. I was worried Since not rooted. In past had always used TB . This worked Great!!
Sent from my SM-N930P using Tapatalk
Why would you guys use an app for disabling stuff.
Since we're on xda, enable USB debugging and use pm (package manager) cmd from adb shell.
For instance: adb shell pm hide 'package'
There are other interesting options: list, install, uninstall.
Sent from my HTC One using Tapatalk
millicent said:
Why would you guys use an app for disabling stuff.
Since we're on xda, enable USB debugging and use pm (package manager) cmd from adb shell.
For instance: adb shell pm hide 'package'
There are other interesting options: list, install, uninstall.
Click to expand...
Click to collapse
I see your point, but i would also say there is a ease to the app though. Whatever works best for people. Im just glad there are options.
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
Were you running a custom kernel and you tried to update to March? Did you get the phone is corrupt and it wouldn't boot screen? If that ever happens again, you don't have to wipe, Just go on the Android flashing tool uncheck everything flash and you'll be good to go again. At least it's worked for me every time so far.
mac796 said:
Were you running a custom kernel and you tried to update to March? Did you get the phone is corrupt and it wouldn't boot screen? If that ever happens again, you don't have to wipe, Just go on the Android flashing tool uncheck everything flash and you'll be good to go again. At least it's worked for me every time so far.
Click to expand...
Click to collapse
No custom Kernel, it came to a point where the only screen I was given was Android Recovery screen.
mkhcb said:
No custom Kernel, it came to a point where the only screen I was given was Android Recovery screen.
Click to expand...
Click to collapse
I ended up going to stable magisk
mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
I disagree with you...
Coming from the OnePlus 6T, and previous phones you can't really beat just pulling the boot.img from the factory image, patching it with magisk, then fastboot boot that img then install directly in the magisk app. It's actually that simple. Really is that black and white to be up front about it.
That's how I have been doing it for a while now...and...no problems for me! But this IS JUST ME.
mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
No. It really comes down to reading instructions and knowing what you're supposed to do when it comes to rooting. I can't tell you how many times I read folks spewing instructions that are out of date or they're patching the wrong files for their device that inevitably cause a problem.
I have not had any issues with root since the P6 came out. I have followed directions exactly as they've been written and I've been fine.
mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
Did you update magisk and then faced a bootloop?
That was a bug/is a bug introduced with the latest magisk update (monday), Magisk kind of "lost" the ability to handle a certain amount of modules/certain modules. We are all waiting for a fix. The temporary solution was/is to press down Lower Volume rocker when the Google logo appeared when booting, that way you activate safe mode and all Magisk modules get deactivated. Discord says 4 modules are max right now, some say it's "just" certain audio modules that are incompatible.
I wouldn't say it's become a pain but you really need to "do your homework" and make sure to read before attempting stuff. Same old, same old I'd say.
If you're unsure, just ask. There's plenty of people here who are willing to help out.
I was on regular A12 and tried to update from the app. The device rebooted and didn't appear to be rooted (I know that ryhmed) tried to direct install but got an error, can not remember the error.
Then I decided to update to the A13 DP2 beta and used canary magisk , updating via flashtool and fastboot flashing the patched image and voila! Couldn't be happier.
Seems like people have had some issues lately
I don't know about harder, but maybe more haphazard. February update I did the uninstall magisk method and it worked as described. Did it again for March and this time it took me three tries to get the phone to boot and at that point I lost root. Had to download the image from Google, extract boot, patch it and flash it. Not the end of the world but still no idea what happened.
There was some glitchyness at the beginning with the vbmeta nonsense, but that's all sorted out now. The tools available are so simple to use now that its hard to imagine that anyone could have any trouble with it.
FWIW: for privacy/security reasons, I run GrapheneOS. It would normally do its own update procedures, but when you need root (I need for conducting proper backups since the built-in misses a lot), it freaks out with the unmatched boot.img. The update solution then is to download the full "factory" update package, extract the boot.img, patch it with magisk, edit the "flash-all.sh" script to remove the "-w", run the flash-all.sh, then finally fastboot flash the magisk-patched boot.img.
Ghisy said:
I wouldn't say it's become a pain but you really need to "do your homework" and make sure to read before attempting stuff. Same old, same old I'd say.
If you're unsure, just ask. There's plenty of people here who are willing to help out.
Click to expand...
Click to collapse
^^^This 100%
mkhcb said:
I have never had so many issues with updating a phone with Magisk before. Today is the 2nd time I lost all my data trying to update. I feel like Magisk isn't worth the hassle anymore. It is frustrating how anti-root google is becoming.
Anyone else share the same opinion?
Click to expand...
Click to collapse
While there are many ways to skin this cat, I follow the step by step instructions in my sig every update, and haven't had an issue yet.
I will admit that rooting is loosing it's allure for me as it seems cust Rom development on the phones I prefer is waning (remember the day when every device had a dozen cust Roms to choose from). That coupled with I'm no longer the guy who tries to squeeze an extra 30 min of battery life, who over/underclocked cpu's and gpu's to get a 100 pt higher benchmark score.
Root is something I still do because I like having the OPTION of customizing beyond a cust kernel and some "root required" apps, and jumping through a few hoops to make magisk work is worth it IMHO.
Az Biker said:
Root is something I still do because I like having the OPTION of customizing beyond a cust kernel and some "root required" apps, and jumping through a few hoops to make magisk work is worth it IMHO.
Click to expand...
Click to collapse
This 100% as well!!
The stock Google ROM is perfectly fine with some tweaks!
96carboard said:
There was some glitchyness at the beginning with the vbmeta nonsense, but that's all sorted out now. The tools available are so simple to use now that its hard to imagine that anyone could have any trouble with it.
FWIW: for privacy/security reasons, I run GrapheneOS. It would normally do its own update procedures, but when you need root (I need for conducting proper backups since the built-in misses a lot), it freaks out with the unmatched boot.img. The update solution then is to download the full "factory" update package, extract the boot.img, patch it with magisk, edit the "flash-all.sh" script to remove the "-w", run the flash-all.sh, then finally fastboot flash the magisk-patched boot.img.
Click to expand...
Click to collapse
Root renders half of the purpose of grapheneos moot though... It's "security hardened". Hand a rooted "security hardened" android phone to anyone who can watch a YouTube video and has a computer that has a USB port or wifi and they could be dumping your system files in in a matter of minutes.
What sort of privacy do you imagine you gain? Are you under the assumption that Googleplayservices is the only method by which your traffic can be singled out of the background internet swarms? Hopefully you're not replying on it to not be physically tracked. Or worse, trust it to go dark and do dirt with.
I'm asking because because I generally don't understand the motivations of users such as yourself. Using a flagship device, attempting to de-google/brand it, and then openly say it's for X privacy or X security usecase. It's simply not true. To me it's like someone buying a Porsche, throwing Ford stickers on it's and saying it's because they get better traction.
erktheerk said:
Root renders half of the purpose of grapheneos moot though... It's "security hardened". Hand a rooted "security hardened" android phone to anyone who can watch a YouTube video and has a computer that has a USB port or wifi and they could be dumping your system files in in a matter of minutes.
Click to expand...
Click to collapse
Maybe in the hands of an incompetent, but no, you can't just "walk in". Said compromising individual would have to somehow unlock the device in order to authorize the USB debugging session or whatever type of compromise they're attempting.
erktheerk said:
What sort of privacy do you imagine you gain? Are you under the assumption that Googleplayservices is the only method by which your traffic can be singled out of the background internet swarms? Hopefully you're not replying on it to not be physically tracked. Or worse, trust it to go dark and do dirt with.
Click to expand...
Click to collapse
You are mistaking absolute security for mitigating known and easy to close holes. Bad mistake, which will always make you look like a fool.
erktheerk said:
I'm asking because because I generally don't understand the motivations of users such as yourself. Using a flagship device, attempting to de-google/brand it, and then openly say it's for X privacy or X security usecase. It's simply not true. To me it's like someone buying a Porsche, throwing Ford stickers on it's and saying it's because they get better traction.
Click to expand...
Click to collapse
While root control of a device can provide a high degree of access to a system, it only does so in the hands of an incompetent. Every single server running connected with the public internet has a root account. If it was so terrifyingly and absolutely dangerous, it would be pretty obvious. But the reality is that those systems are administered, in large part, by competent system administrators, who know how to safely make use of the increased access without guaranteeing that some hostile entity will walk in and take control.
Conversely, consumer electronics are assumed to be placed in the hands of nitwits who will install applications that promise to deliver jiggling lady parts that are published in hostile countries, and even worse, will hit the "ok" button when a root authorization prompt pops up. Yes, consumers, by and large, are a security DISASTER waiting to happen.
So don't you dare make the claim that root access is a violation of sane security measures. There is nothing wrong with root, as long as it is used responsibly by someone competent to make use of it.
No, you misunderstand me. I've been rooting android since day one. Literally. Rooted by Dream/G1 running Cupcake with telnet on release day in 2008. I have 3 Pixel in front of me right now. One with CalyxOS, and one with Graphene. Those are for a paying customer who values their privacy, and not walking around with a crippled 'hardened device". So no root. The other is by test device I really want to Kali running on at some point.
I'll just let the lead dev/owner of GrapheneOS say the rest, I'm not debating what you want/like, I only elaborated on you want it sounds like to others.
96carboard said:
Maybe in the hands of an incompetent, but no, you can't just "walk in". Said compromising individual would have to somehow unlock the device in order to authorize the USB debugging session or whatever type of compromise they're attempting.
You are mistaking absolute security for mitigating known and easy to close holes. Bad mistake, which will always make you look like a fool.
While root control of a device can provide a high degree of access to a system, it only does so in the hands of an incompetent. Every single server running connected with the public internet has a root account. If it was so terrifyingly and absolutely dangerous, it would be pretty obvious. But the reality is that those systems are administered, in large part, by competent system administrators, who know how to safely make use of the increased access without guaranteeing that some hostile entity will walk in and take control.
Conversely, consumer electronics are assumed to be placed in the hands of nitwits who will install applications that promise to deliver jiggling lady parts that are published in hostile countries, and even worse, will hit the "ok" button when a root authorization prompt pops up. Yes, consumers, by and large, are a security DISASTER waiting to happen.
So don't you dare make the claim that root access is a violation of sane security measures. There is nothing wrong with root, as long as it is used responsibly by someone competent to make use of it.
Click to expand...
Click to collapse
No, you misunderstand me. I've been rooting android since day one. Literally. Rooted by Dream/G1 running Cupcake with telnet on release day in 2008. I have 3 Pixel in front of me right now. One with CalyxOS, and one with Graphene. Those are for a paying customer who values their privacy, and not walking around with a crippled 'hardened device". So no root. The other is by test device I really want to Kali running on at some point.
I'll just let the lead dev/owner of GrapheneOS say the rest, I'm not debating what you want/like, I only elaborated on you want it sounds like to others.
erktheerk said:
No, you misunderstand me. I've been rooting android since day one. Literally. Rooted by Dream/G1 running Cupcake with telnet on release day in 2008. I have 3 Pixel in front of me right now. One with CalyxOS, and one with Graphene. Those are for a paying customer who values their privacy, and not walking around with a crippled 'hardened device". So no root. The other is by test device I really want to Kali running on at some point.
I'll just let the lead dev/owner of GrapheneOS say the rest, I'm not debating what you want/like, I only elaborated on you want it sounds like to others.
Click to expand...
Click to collapse
There's nothing "crippled" about it. Its just AOSP with some hardening.
Yeah briefly looking at that link, their explanations are irrelevant. The bottom line is that they don't want morons who don't know what they're doing modifying the crap out of it, and either (a) having to be supported, or failing that (b) making the project look bad.
Nothing about it makes it "less customizable" than any other AOSP. Magisk/root or anything else installs on it and works just like it does on any other AOSP distribution. It just doesn't have all the broken junk thrown in willy nilly without taking a careful look at the implementation first, i.e., is it actually a *useful* feature, and can it be implemented in a secure manner? As a clear example, take a look at the call recording feature request; https://github.com/GrapheneOS/os-issue-tracker/issues/868 -- clearly a useful feature. The "lineageos" implementation has been brought forward, not as something to pull straight in, but as a point of study and/or somewhere to start building a good implementation -- their implementation is unsatisfactory in terms of security and maintainability.
Rooting this device is so easy compared to attempting to root a z fold 3 or any other recent Samsung flagship