• @markstos
    link
    168 months ago

    Rooted mobile devices are a reasonable signal they been have hacked and security features might be disabled or work as expected.

    It just banks, a lot of corporate security polices don’t allow rooted devices, as they could bypass mobile device management policies for devices owned by the company.

    With laptops it’s a different story. Whether users have Mac, Linux or Windows, there’s a reasonable chance they have admin access too, so checking for root access is not such a useful signal there.

    • Katlah
      link
      fedilink
      English
      328 months ago

      Rooted mobile devices are a reasonable signal they been have hacked and security features might be disabled or work as expected.

      Rooted mobile devices are a reasonable signal that someone wants to actually own what they buy, and corporations want to make sure as few people think that as possible.

      • @[email protected]
        link
        fedilink
        English
        38 months ago

        Windows/Macos/Linux are designed around the fact that the person managing the device has root access, Android and iOS are designed around noone having root access.

        Sure it’s fine to mess around with rooted phone and look what’s inside, but essentially for your daily operations having rooted phone is unnecessary security risk.

        • Katlah
          link
          fedilink
          English
          158 months ago

          Android and iOS are designed around noone having root access.

          Yes and I consider that to mean I don’t own the device. And there are plenty of Android forks specifically designed around you having root access.

          • @dumpsterlid
            link
            English
            12
            edit-2
            8 months ago

            The important question is why smartphones are designed around not having root access and computers are?

            What are the incentives at play?

            The answer is obvious, tech companies wouldn’t have given users access to root control on their computers either if they knew what they were doing and thought they could have gotten away with it.

            It is just circular logic claiming smartphones have to be this way, circular logic that provides a rhetorical smokescreen for the process of corporations taking our agency away from us over our lives and the tools that sustain us.

          • @[email protected]
            link
            fedilink
            English
            -18 months ago

            You’re free to install another operating system or variation on Android on your phone still. And if you decided to go with another Android such as Graphene, you’d still not want to root it because it’s a security risk.

          • @chonglibloodsport
            link
            -3
            edit-2
            8 months ago

            The issue is that you don’t want to give some random untrusted process root access. You, the user, have root access as long as you’re capable of running processes as root, but that doesn’t mean you should.

            There could be tons of apps on the iOS App Store or Google Play Store that are completely benign under the existing security model but do nefarious things when run as root. No one knows that for sure because they aren’t tested under root by Apple or Google.

            The problem with root is that it’s giving the process the keys to the Ferrari. That’s long since been decided to be a bad security model. Far better to have the process request permission to access particular resources and you grant them on a case by case basis.

            • kick_out_the_jams
              link
              fedilink
              11
              edit-2
              8 months ago

              The issue is that you don’t want to give some random untrusted process root access.

              It’s been awhile since I’ve used anything but Magisk but usually you have to set root permissions per app, or you can get Magisk notification to request access.

            • @[email protected]
              link
              fedilink
              68 months ago

              I just want to point out, that what you are saying sounds good in an ideal world. But the realitiy looks different. (I actually typed out some points, but then I remembered that I don’t want to engage in yet another lengthy internet-debate, that ultimately comes down to personal preferences and philosophy)

              • @[email protected]
                link
                fedilink
                28 months ago

                Ah but I love reading these specific philosophical discussions on tech, I don’t blame you though

        • 520
          link
          fedilink
          58 months ago

          There’s also the fact that on Win/Mac/Linux, you’re interacting with the bank via a browser and not a bespoke app.

    • @[email protected]
      link
      fedilink
      48 months ago

      So just warn the user that it’s their own responsibility and all claims are waived, instead of just saying “no” ?

      • @markstos
        link
        18 months ago

        There is parallel with masking. The bank values the safety of the whole rather than the freedom to root for an individual. You stand to lose only your own bank balance. The bank stands to lose the funds of every rooted phone that contains a banking app exploit targeting them.

        • @[email protected]
          link
          fedilink
          28 months ago

          I mean, they get that anyway with malware and security exploits. Except that rooted phones usually have a root manager, which asks for permission if an app wants to do more. And i don’t think the root user listening into the app/their own account should be a problem; because in this case the problem is with the banks’ security practice.

          Well, at least my bank doesn’t care about root or safety net.