• @[email protected]
    link
    fedilink
    English
    778 months ago

    I always disliked RCS, I kept telling people it’s a walled garden, mainly controlled by Google

      • @ForgotAboutDre
        link
        English
        58 months ago

        Jibe is RCS. They are so dominant all other implementations will have to follow. So far only Google, Samsung and soon Apple can actually implement RCS practically.

        • Chewy
          link
          fedilink
          English
          38 months ago

          Where I live there’s a single ISP which doesn’t use Jibe. RCS is largely Google, and this likely won’t change with iPhones supporting RCS.

    • lemmyvore
      link
      fedilink
      English
      248 months ago

      Even so you’d think they’d want to get as many people as possible on board with RCS to increase adoption, not fewer.

      • @[email protected]
        link
        fedilink
        English
        168 months ago

        Then what they’re doing tells us all we need to know.

        Google wants to control what data they can glean from RCS users.

        • @ForgotAboutDre
          link
          English
          48 months ago

          This is Google’s end game messaging app. They want to replace text messaging and Google hangouts/allo/chat… were never going to cut it.

          Its a chat app that doesn’t look like one. It looks like the default sms app, you don’t need anyone to download or make an account for it. There biggest hurdle was getting iOS users. They’ve now pressed apple into supporting it as well. They even have Apple state Google will help with their installation. We know Google pay apple billions every year to keep Google search the default on iOS, it even binds Apple to publicly and in court support the arrangements. I wouldn’t be surprised if Google has paid billions just for RCS on iPhone. It will keep their marketing monopoly in place for a long time.

    • @Dehydrated
      link
      English
      16
      edit-2
      8 months ago

      I agree. You’re much better off just using Signal. It’s not federated/decentralized, but all client apps, the protocol and the server code are completely open source and anyone can fork the project. It also works on every platform, its encryption protocol is the most secure one out there and it’s been around for over 10 years. They also recently added some cool new privacy features.

      • @[email protected]
        link
        fedilink
        English
        68 months ago

        Ok good. But then there’s the problem of actually convincing people to use Signal. A messaging app is pointless if nobody else wants to use it.

        • @Dehydrated
          link
          English
          18 months ago

          Sure, but in my experience it’s not that hard to convince people to get on Signal. (Maybe because here in Europe everyone already has like 15 messengers on their phone, so it doesn’t bother anyone to download another one)

          If you use SMS, you can argue that Signal has much better photo and video quality, it can be used from a tablet or a computer and it’s basically just like iMessage but for all platforms.

    • @[email protected]
      link
      fedilink
      English
      28 months ago

      The thing is is that if MNO’s truly cared about running their own RCS network (instead of leaving everything to Apple and Google). It might actually be a more open system. Sure, you can’t self host an MNO, but it’s still a much larger step forward.

    • Kbin_space_program
      link
      fedilink
      -38 months ago

      The weird thing is that so many people are buying into the Google and Apple marketing on SMS being insecure.

      If you’re on an unroooted smartphone running stock OS, nothing you do is secure

      • Bipta
        link
        fedilink
        68 months ago

        Basically everything is more secure than SMS though. Security is a gradient, and never absolutel.

        • Kbin_space_program
          link
          fedilink
          18 months ago

          Yes, but I was never under the impression that SMS was secure, and have never heard anyone say it was secure.

          What it was, was cheap, designed to be free, effective and difficult to monetize.

          Google RCS is proprietary and designed to sell your data as well as deliver targeted ads to you that you cannot block.

    • @[email protected]OP
      link
      fedilink
      English
      788 months ago

      We really need to move away from the idea that a user having control over his/her device is insecure.

      I can use online banking and paypal with windows logged in as administrator or GNU/Linux logged in as root[0], why shouldn’t I be able to use google wallet pay wallet with root?

      [0] yes I know you shouldn’t log in as root, but that doesn’t change that you can do it.

      • Yurgenst
        link
        English
        238 months ago

        “why shouldn’t I be able to use google wallet pay wallet with root?” Because little innocent Google won’t be able to build their advertising profile of you. Can’t have that!

      • @[email protected]
        link
        fedilink
        English
        218 months ago

        No my friend, our overloads have decided that you shouldn’t have control over your desktop either.

        • @x6a61686e
          link
          English
          88 months ago

          Tried installing the most recent WhatsApp update but it’s failing. I think a virus is blocking the update, better try again with secure browsing off…

        • @dejected_warp_core
          link
          English
          68 months ago

          I must be missing something. How would Google be at all liable for restoring funds stolen by software that they themselves didn’t furnish, on a device that’s out of their control?

          • @ForgotAboutDre
            link
            English
            68 months ago

            A judge may not see it that way. They may perceive it as Google failing to provide adequate protections to their users.

            If user installed the app created by Google and did not share any login credentials. It’s easy to claim Google is liable.

            The equivalent would be a bank leaving the back door to their vault open. An intruder going in and removing your funds. Despite following all the banks instructions, the bank has not replaced the funds.

            The banks is responsible for people gaining unauthorised access to your account. Especially when you don’t share your login credentials with anyone (even unknowingly). If they can’t protect against root access attacks then, they shouldn’t permit use of their app on those devices.

            Apps have convenience features, especially related to easy sign in. Their website logins don’t have these features. They require the user to enter passwords, challenge codes, card reader etc. If someone gets access to a password manager, the user is at fault. The bank likely stated you shouldn’t write down or record your password.

            • @JamesFire
              link
              English
              08 months ago

              is now forced to work until they die

              As if that’s not already the case

      • Programmer Belch
        link
        fedilink
        English
        108 months ago

        Does rooting your device make you the root user or just gives you access to superuser utilities?

        In linux systems the root user shouldn’t be used for daily use, you just make an user account with permission to use sudo, doas or su.

        • u/lukmly013 💾 (lemmy.sdf.org)
          link
          fedilink
          English
          148 months ago

          If you root your phone, at least with most tools, you don’t become the root user. Apps that use root access have to request it, and you’ll have to allow it in the root tool you flashed.

          Example pop-up from SuperSU:

          • Programmer Belch
            link
            fedilink
            English
            78 months ago

            So google is lying about rooted devices, they seem as secure as an OEM letting an user sideload apps or google themselves letting malware apps inside their store

          • @[email protected]
            link
            fedilink
            English
            -88 months ago

            Lol. So if you use an exploit to gain SU what makes you think a malicious app can’t do the same? Or better yet, find a new exploit in the SU management software you installed. As soon as you root, you can no longer guarantee root activities are not taking place unbeknownst to you…

            • @michaelmrose
              link
              English
              158 months ago

              if you use an exploit to gain SU what makes you think a malicious app can’t do the same

              They can. 99% of computer security is still not installing malware or being tricked into taking actions that enable your own harm. That said often rooting methods involve physically pressing keys while booting to access the boot loader, ADB, running things with with expansive permissions. Malicious apps install via play store with reasonable permissions will generally have a much harder time breaking out of the sandbox.

              Or better yet, find a new exploit in the SU management software you installed

              Historically “sudo” tools haven’t been the source of many issues whereas a multitude of problems flowed from complex memory unsafe code.

              As soon as you root, you can no longer guarantee root activities are not taking place unbeknownst to you

              You can never guarantee this however if you are careful what you install you will remain safe same as it was before.

            • @[email protected]
              link
              fedilink
              English
              08 months ago

              That goes for unrooted phones as well. The danger with rooting a phone comes from the automated software that is doing the initial rooting. It could install anything in there and the user would be none the wiser. Once it’s rooted and permissions are requested via the superuser app, it’s not any more dangerous than a non-rooted phone, assuming nothing malicious was installed during the rooting process, that is.

              • @[email protected]
                link
                fedilink
                English
                -28 months ago

                Once it’s rooted and permissions are requested via the superuser app

                And you expect this piece of community software (that is often closed source to avoid detection by safetynet) is perfect? Never had any bugs or exploits?

                it’s not any more dangerous than a non-rooted phone

                The SU software itself is an attack vector. One with the ultimate payoff (root access). When you root the device you install a window in what was otherwise a solid wall. It is inherently less secure and I can’t understand how a knowledgeable person would argue otherwise.

                • @michaelmrose
                  link
                  English
                  28 months ago

                  SU software has been a thing for about as long as android about 20 years or about. Has otherwise legitimate su been a source of unattended exploiting?

                  The obvious risk factors are that users shall be tricked into granting inappropriate permissions to otherwise malicious or compromised software that they have deliberately installed. Outside of mobile platforms this is considered an acceptable risk that competent users can consistently successfully manage on their own hardware.

                  In fact if you look at actual users even those with very limited technical know how the primary thing that

                  The secondary risk is that users with no legit source of tools to root

                • @[email protected]
                  link
                  fedilink
                  English
                  0
                  edit-2
                  8 months ago

                  I agree with what you’re saying, but all software is insecure and it should be up to the user what their risk tolerance is. Instead, users’ control of their equipment is whittled down and before long the only choice will be deal with it or don’t play. Pinephone comes to mind as a phone with root access that is somewhat secure, but it also has latent vulnerabilities that could be exploited as its version of sudo is also an attack vector. Everything is a trade off especially in software/tech.

      • BoofStroke
        link
        fedilink
        English
        108 months ago

        I’m not even rooted and gpay keeps breaking on crdroid for me, despite passing safetynet. I’ve given up and just got another credit card that I can use with my garmin watch that works every time without the hassle.

      • @[email protected]
        link
        fedilink
        English
        5
        edit-2
        8 months ago

        how would an unrooted but old, deprecated version of android be any better than an updated custom rom?

        those things baffle me, they just want to take away control dont they?

      • @[email protected]
        link
        fedilink
        English
        -58 months ago

        Yeah, I’m going to get downvoted into oblivion for this…

        I’m sick and tired of reading this same uneducated argument. Your desktop browser and an app on your phone are entirely different paradigms security/development wise.

        Your desktop browser is expected to be insecure. Nobody stores data there besides cookies. Most processing happens somewhere else on a server.

        Apple and Google have changed this stance entirely because they knew apps could be a lot more powerful if they did. The API’s that exist to build apps on your phone are designed around the concept of having a secure, sandboxed environment per app. Apps can run offline and manipulate data quickly because data can be synced down and stored locally. I know it sucks for rooted users, but I don’t blame developers for refusing to support those devices one bit.

        • @Norodix
          link
          English
          28 months ago

          We all get that the design paradigm is “a secure, sandboxed environment per app”. We just know its a retarded design.

    • @[email protected]
      link
      fedilink
      English
      178 months ago

      The standard seems to be complete and utter garbage. It was garbage from the very beginning, which is why I never understood why people were getting so incredibly hyped up about RCS support.

  • @[email protected]
    link
    fedilink
    English
    448 months ago

    Good standard you have there. Good features are proprietary to Google and you can’t use it while rooted.

    Lmao

  • u/lukmly013 💾 (lemmy.sdf.org)
    link
    fedilink
    English
    338 months ago

    Every day I am attracted more and more by PinePhone. At least as a secondary device, at first.

    Perhaps it’s not even close to polished yet with existing distributions, but at least it isn’t made to be shitty.

      • @[email protected]
        link
        fedilink
        English
        228 months ago

        No. I genuinely doubt it ever will… Huge pinephone stan here but I don’t see it happening. And before you make the purchase… Please be sure you know what you’re getting into… I’m so sick and tired of folks popping in the chat rooms asking how to install android. We’re actually dealing with a lot of spam lately due to a clearly butt hurt person…

    • @[email protected]
      link
      fedilink
      English
      58 months ago

      Seems like a decently attractive option. I wish more apps were/had PWA alternatives and I’d be good

    • @[email protected]
      link
      fedilink
      English
      198 months ago

      Good news.

      The more people they keep from using this garbage “standard”, the better.

      It still requires a phone number. It still falls back to SMS, it still fails, a LOT - just see the comments in this thread.

      It’s 20 years too late.

      XMPP was better, in 2010, than RCS is today. I was using XMPP on my phone in 2010, messaging people on computers, seamlessly. Without a phone number. On multiple services using Pidgin.

      No thanks, I don’t want this garbage called RCS.

  • @[email protected]
    link
    fedilink
    English
    108 months ago

    I don’t get the RCS hype. I already have apps for rich messaging and RCS offers nothing for me over those apps. What I do appreciate is SMS, which is posed to be killed-off by RCS. I can rely on SMS even when there is no data signal, can’t say that for RCS. I wish I had a way to permanently disable RCS on my Pixel 6a, instead I have to keep rejecting the ‘upgrade to RCS’ dialog.

    • @[email protected]
      link
      fedilink
      English
      58 months ago

      The hype is because America won’t switch to Internet messaging by default and only wants one app to message with. So SMS is the only primary option for that. Meaning lower resolution media, and a lack of modern features like read receipts and typing indicators.

  • GodlessCommie
    link
    English
    68 months ago

    My husband and I were having an issue yesterday sending an RCS message, they were never getting delivered. They ended up being sent via SMS. It cleared up after an hour or so

  • Southern Wolf
    link
    fedilink
    English
    58 months ago

    I can also confirm it doesn’t work on a de-Googled device, even with something like MicroG (though it may work on GrapheneOS’s sandbox thing).

    • Brad Boimler
      link
      fedilink
      English
      18 months ago

      Nope I had to go back to Google Android on my pixel won’t even activate anymore.

  • Big P
    link
    fedilink
    English
    -61
    edit-2
    8 months ago

    This is shitty, but genuinely I have no idea why people root or run custom ROMs these days. I haven’t found an actual use for it since about 2015

    Edit: plenty have people have given me fair enough reasons now, thanks

    • @[email protected]
      link
      fedilink
      English
      818 months ago
      • Less bloat ware/spy ware - custom ROMs don’t come prepackaged with random shady games from shady companies or random shady social media apps from shady social media companies.

      • Better privacy and security implementations along with DeGoogling - a lot of ROMs offer Gappless ROMs which is really important since Google is way to big and has too much influence on android OEMs and its easily the biggest ad company in the world and constantly refused to respect peoples privacy. e.g GrapheneOS https://grapheneos.org/features and DivestOS https://divestos.org/

      • Long term software support to help against e-waste e.g LineageOS supports so many phones who’s manufacturers have stopped supplying software updates. https://wiki.lineageos.org/devices/

      • Customization e.g Crdroid includes loads of custom settings from a variety of other custom ROMs and OEM ROMs that rarely get implemented by any stock ROMs. https://crdroid.net/

      • Rooting android phones gives users the ability to access system files that they may not have been able to backup if the apps don’t support it. It also allows for a full system backup and restore

      • It also allows users to block ads and unwated connections without using a local VPN e.g adaway

      Enabling Google to dictate what a user can do with their own device by limiting features is a slippery slope and the last thing we want to happen is for Android to end up like iOS with its walled garden approach.

      • @[email protected]
        link
        fedilink
        English
        18
        edit-2
        8 months ago

        The walled garden is something that grows fast everywhere. Users should have the rights over their devices. Maybe its time to get the EU on this train, their last approaches like the GDPR or the DSA are from near the same spirit.

        • @[email protected]
          link
          fedilink
          English
          58 months ago

          Its unlikely that they’d get involved, RCS might be default on Googles messenger app but people still mainly use alternatives like WhatsApp so there’s not a big enough user base that would be affected and since Google is pushing RCS as interoperal, DSA won’t apply.

        • JackGreenEarth
          link
          fedilink
          English
          28 months ago

          Yes, OS supported root should be mandatory, it shouldn’t have to be some sort of hack.

      • @[email protected]
        link
        fedilink
        English
        8
        edit-2
        8 months ago

        You can still install custom roms without root enabled. Enabling root access is an optional step on most custom roms installation as long as your bootlooader has been unlocked. The question is, does google disable rcs on such devices too, or is it just on rooted devices?

        • @[email protected]
          link
          fedilink
          English
          138 months ago

          As of 2024, Google is now quietly blocking RCS messages on unlocked/rooted android devices. Even if your device only has an unlocked bootloader, it is now at risk of being quietly shadowbanned from sending RCS text messages.

          According to the OP that opened the issue with Google, it doesn’t work with devices with unlocked bootloaders so it would affect the majority of custom ROM users since very few custom ROMs and devices support relocking the bootloader, and I think it probably would still affect these devices too since the last time I relocked a bootloader with DivestOS I still had the error message about system integrity on boot

          Rooted users can probably bypass this issue with some Magisk modules the same way they do with GPay and banking apps.

          If Google really does want to push RCS then disabling access to the more technically inclined users now seems a bit silly.

          I thought they’d at least wait for wider adoption before locking it down like they’re doing with YouTube and ad blockers, especially with imessage and WhatsApp being such big competitors. At least in Europe, I don’t see anyone dropping WhatsApp for RCS anytime soon.

          • LaggyKar
            link
            fedilink
            English
            58 months ago

            Rooted users can probably bypass this issue with some Magisk modules the same way they do with GPay and banking apps.

            That doesn’t work anymore due to hardware attestation

          • @[email protected]
            link
            fedilink
            English
            28 months ago

            Yeah this will cause issues because many device that allows relocking bootloader can only do it once, which lock out future rom upgrades.

            What prompt google to do this? Do they have bots problem abusing the service?

            • @[email protected]
              link
              fedilink
              English
              28 months ago

              I’ve been degoogled since 2019 so I have never actually used RCS so I’m not 100% sure.

              If I were to guess I would assume it has something to do with Apples support for RCS. The last time I checked, Apple won’t support end-to-end encryption in RCS and the messages are only encrypted in transit so maybe Android users that will use RCS with Apple users will have all of the chats saved unencrypted within the system folders and that would be no bueno for Google

              But I’m honestly not sure, I have no interest in learning about RCS unless GSMA helps open source apps integrate it so I’m not stuck with either Samsungs or Googles messaging apps

              • @[email protected]
                link
                fedilink
                English
                28 months ago

                I have no interest in learning about RCS

                I never will. It’s too little, too late.

                20 years ago it would’ve been a god replacement for SMS. Today? I only use SMS with people who refuse to switch to any modern messenger. I was using XMPP on my phone 20 years ago…

            • @[email protected]
              link
              fedilink
              English
              18 months ago

              You can only relock once? Since when?

              Or do you mean relock once with current OS? Yea, unlocking requires a reset, as a security mechanism.

              • @[email protected]
                link
                fedilink
                English
                18 months ago

                iirc many chinese phones can only be unlocked using the stock rom, so if you lock it while using a custom rom, you better not planning to unlock it again.

            • @michaelmrose
              link
              English
              18 months ago

              For practical purposes its capturing revenue from OEMs and users. Android being open source if they didn’t completely sabotage an actual open source market they could well find OEMs or third parties capturing those dollars or indeed those unearned dollars evaporating in a competitive market. Think the IBM PC and Microsoft.

      • Big P
        link
        fedilink
        English
        88 months ago

        I was speaking for myself, I have no idea why people do it. Didn’t say there aren’t legitimate reasons, I just don’t know any of them

        • u/lukmly013 💾 (lemmy.sdf.org)
          link
          fedilink
          English
          13
          edit-2
          8 months ago

          I have installed custom ROM (PixelExperience) on my Moto G5s Plus. This way I extended its life by 2 years. The stock ROM only went up to Android 8.1 and was very slow and buggy, unlike with Android 7. This way I got Android 11 which was newest at the time. It was also much faster than the flawed 8.1 update.
          Additionally, PixelExperience allowed some nice things. It looks like Google Pixel phone, even to Google, so I got free unlimited photo/video backups. This may be against ToS, but it’s not like I said I have a Pixel 5, they decided that I do ¯⁠\_⁠(⁠ツ⁠)_⁠/⁠¯.
          Another really great thing is routing Wi-Fi hotspot over VPN. I definitely don’t want someone using my internet connection raw.

          Next, root. I have only done that with Samsung Galaxy Ace from 2011. No locked bootloader BS, just flash, Tada! Rooted.
          This allowed me to do full backups, including apps on that device.

          But there’s countless other uses, most of which I forgot. Some that I can think of that would be useful to me are:

          • Proper firewall
          • Access to Android folder (without using desktop) (removed since Android 11)
          • Full app backups
          • Routing hotspot over VPN
          • Band locking on Qualcomm SoC (possible without root on Exynos and MediaTek)
          • WPS push and WPS pin Wi-Fi connection (insecure) (removed since Android 9)
          • Opening ports <1024
          • Changing screen resolution and aspect ratio (useful for screen mirroring)
          • Removing bloatware
          • Changing Wi-Fi MAC address manually
          • Battery charge limiting (e.g. to 80%)
          • Precise management of app permissions
          • LaggyKar
            link
            fedilink
            English
            -28 months ago

            Proper firewall

            What services does it have that are listening on external interfaces?

            • @[email protected]
              link
              fedilink
              English
              58 months ago

              It’s not necessarily about listening.

              Many/most apps try to connect to Facebook, for example. Part of the ghost profile issue.

              Or a handful of other data gathering services.

              Blocking those are useful for both privacy reasons and battery life.

              Those apps like to run in the background at al times, registering for every single receiver the phone has (apps like Solitaire, for example). If I didn’t block receivers many apps would run all the time, even apps I use once a month.

              It’s MY phone… End

        • @MigratingtoLemmy
          link
          English
          8
          edit-2
          8 months ago

          Privacy? I am astonished that you’re seriously asking this.

          Is this the point about unlocking the bootloader being risky, or did you just pour the Google/Samsung advertisement ethos down your throat?

          • Big P
            link
            fedilink
            English
            -28 months ago

            I guess that’s a fair reason. I hadn’t really considered that because I don’t personally care too much

            • @MigratingtoLemmy
              link
              English
              58 months ago

              I’m interested; are you saying you don’t care about privacy from your android device?

              • Big P
                link
                fedilink
                English
                08 months ago

                I don’t care to enhance it any further from the default experience, especially with the downsides

        • @[email protected]
          link
          fedilink
          English
          28 months ago

          You’re talking about other people, not yourself.

          The internet is chock full of people rooting. If you don’t know why other people rot it’s from willful ignorance.

      • @LemmyIsFantastic
        link
        English
        18 months ago

        Meh, they were speaking to the other population. They speak for most.

    • @[email protected]
      link
      fedilink
      English
      17
      edit-2
      8 months ago

      Because it’s my device, not Googles.

      Do you let Dell lock down your laptop and prevent you creating an Admin account?

      • Big P
        link
        fedilink
        English
        -58 months ago

        What I do on my PC and what I do on my phone are different. Above all the most important feature of my phone is that it works reliably, not that I can tinker or install mods

        • kratoz29
          link
          fedilink
          English
          18 months ago

          tinker or install mods

          lol, tinker and modding is one of the two things I do most on my phone.

          Telegram community is way more active than XDA for my phone.

          • Big P
            link
            fedilink
            English
            18 months ago

            Different uses for a phone then I guess. To me my phone is an appliance like my washing machine. I want it to work when I need it to and be reliable.

    • strawberry
      link
      fedilink
      168 months ago

      for me , privacy. no google services run in my phone, and none od my data gets shared with anyone

    • southsamurai
      link
      fedilink
      English
      16
      edit-2
      8 months ago

      Because it’s my fucking phone.

      Custom "rom"s extend the life of the device via both security updates and app compatibility. They’re usually able to be used without propriety Google shit at all, if the person wants.

      Just rooting allows more control over what is and isn’t on the device, which goes back to the “my fucking phone” factor as well as the rest.

      Yeah, you can partially debloat via adb, but that’s a partial solution to a systematic problem.

      And that’s ignoring apps that can do more with root, if you want them to have those abilities.

      Edit: hell, just access to hosts file is enough justification.

    • @squid_slime
      link
      English
      14
      edit-2
      8 months ago

      Custom roms: I don’t want google service on my device.

      As to rooting, I have rooted in the passed, its my device and I’m a tinkerer so why not?

      Might as well ask why people run linux after buying a laptop with pre installed windows.

      • Big P
        link
        fedilink
        English
        -48 months ago

        Well Linux is an entire different OS which comes with its own benefits. Rooting makes it a lot more difficult to use apps that use safetynet so doing it because “why not” rather than for a specific benefit doesn’t make sense to me

        • Ace! _SL/S
          link
          fedilink
          English
          6
          edit-2
          8 months ago

          I need root for some things like IsoDrive and Frida. Frida would be usable without root but it’s really cumbersome. Also AdBlocking and some LsPosed modules like CorePatch. WireGuard works better with root aswell because you can use the kernel module directly

          I also hate being restricted by arbitrary locks, it’s my device so I wanna be able to do whatever I want with it

        • @MigratingtoLemmy
          link
          English
          68 months ago

          Android is Linux with a patched kernel and a different userland. Are you saying you never use root on Linux?

          • Big P
            link
            fedilink
            English
            -38 months ago

            My usage of my phone is different from the usage of devices I specifically install Linux on.

            • @MigratingtoLemmy
              link
              English
              58 months ago

              Being root gives you access to the firewall and better access to controls over apps. Although maybe you don’t care

              • Big P
                link
                fedilink
                English
                18 months ago

                That’s fair, but yeah I don’t really care for that. I can understand why someone would though

          • Big P
            link
            fedilink
            English
            1
            edit-2
            8 months ago

            I don’t want a different experience, I know you can install different Linux OSes on your phone but that’s not what I use my phone for. Last I checked Ubuntu touch barely worked too.

    • @[email protected]
      link
      fedilink
      English
      108 months ago

      How do you keep a phone more than 5 years while still having security updates without a custom ROM?

      • Big P
        link
        fedilink
        English
        18 months ago

        I had my note 8 for longer than security updates existed so I installed lineageOS on it, it got security updates but lost a ton of other features and became buggy and slow. Maybe with other phones the experience is better.

        • @[email protected]
          link
          fedilink
          English
          1
          edit-2
          8 months ago

          I’m running a 2018 flagship using DivestOS (a fork of Lineage). It’s faster than most new phones, battery gets charged midday (because I hammer it), and I’d argue more secure than most (because I have a proper firewall and some other security tools.

          If I were to not hammer on it, the battery would last for 10 hours+ (using just messaging apps, instead of ftp, file sync, games, etc).

    • shininghero
      link
      fedilink
      38 months ago

      Personal firewall.
      If an app doesn’t need internet access to do its job, it doesn’t get it. Simple as that.

    • @Dehydrated
      link
      English
      0
      edit-2
      8 months ago

      You need to differentiate between root and custom ROMs. Root is counterproductive in regards to security, because it significantly increases attack surface, but Custom ROMs like GrapheneOS can make your device much more private and secure. It also doesn’t ship any proprietary apps by default and Google Play services are sandboxed and isolated, just like any other app. It’s pretty amazing.

      • LaggyKar
        link
        fedilink
        English
        28 months ago

        It’s not necessarily counterproductive, it depends on what you’re trying to accomplish

        • @Dehydrated
          link
          English
          18 months ago

          *counterproductive in regards to security, I updated my original comment

          • @[email protected]
            link
            fedilink
            English
            -28 months ago

            Even then it’s not.

            Is your PC less secure because it has root access/Admin accounts?

            It’s all about how it’s managed. And I’d argue my phone is more secure, because of how I use root to improve security.

            Good luck installing any app on my phone, without knowing how to unlock that functionality.

            • @Dehydrated
              link
              English
              38 months ago

              I recommend the following section of this article:

              Rooting your device allows an attacker to easily gain extremely high privileges. Android’s architecture is built upon the principle of least privilege. By default, only around 6 processes run as the root user on a typical Android device, and even those are still heavily constrained via the full system SELinux policy. Completely unrestricted root is found nowhere in the operating system; even the init system does not have unrestricted root access. Exposing privileges far greater than any other part of the OS to the application layer is not a good idea.

              It does not matter if you have to whitelist apps that have root — an attacker can fake user input by, for example, clickjacking, or they can exploit vulnerabilities in apps that you have granted root to. Rooting turns huge portions of the operating system into root attack surface; vulnerabilities in the UI layer — such as in the display server, among other things — can now be abused to gain complete root access. In addition, root fundamentally breaks verified boot and other security features by placing excessive trust in persistent state. By rooting your device, you are breaking Android’s security model and adding further layers of trust where it is inappropriate.

              A common argument for rooting is that Linux allows root, but this does not account for the fact that the average desktop Linux system does not have a security model like Android does. On the usual Linux system, gaining root is extremely easy, hence Linux hardening procedures often involve restricting access to the root account.