453
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 29 Sep 2025
453 points (100.0% liked)
Android
20351 readers
94 users here now
The new home of /r/Android on Lemmy and the Fediverse!
Android news, reviews, tips, and discussions about rooting, tutorials, and apps.
🔗Universal Link: !android@lemdro.id
💡Content Philosophy:
Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.
Support, technical, or app related questions belong in: !askandroid@lemdro.id
For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id
📰Our communities below
Rules
-
Stay on topic: All posts should be related to the Android OS or ecosystem.
-
No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.
-
Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.
-
No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.
-
No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.
-
No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.
-
No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.
-
No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.
-
No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!
-
No affiliate links: Posting affiliate links is not allowed.
Quick Links
Our Communities
- !askandroid@lemdro.id
- !androidmemes@lemdro.id
- !techkit@lemdro.id
- !google@lemdro.id
- !nothing@lemdro.id
- !googlepixel@lemdro.id
- !xiaomi@lemdro.id
- !sony@lemdro.id
- !samsung@lemdro.id
- !galaxywatch@lemdro.id
- !oneplus@lemdro.id
- !motorola@lemdro.id
- !meta@lemdro.id
- !apple@lemdro.id
- !microsoft@lemdro.id
- !chatgpt@lemdro.id
- !bing@lemdro.id
- !reddit@lemdro.id
Lemmy App List
Chat and More
founded 2 years ago
MODERATORS
That's one of the biggest lies that's been systemically propagated by the industry. A rooted phone is as secure as you make it, because you are in control of your device's security.
And a device you have control over is as secure as you make it so.
Is it? I'm no security expert but doesn't that go against things like the principle of least privilege? Even obsessive security people like GrapheneOS say root access breaks the Android security model.
I agree in theory, but you're never completely in control of what's running on Android because there are still proprietary bits (like device firmware) that we can't replace, right?
That argument is moot, even if you use a device that's 100% FOSS and you actually have total control over even down to firmware, like a Raspberry Pi cyberdeck/small form factor PC you built yourself using open source wifi cards, you are still connected to an internet infrastructure that's filled with proprietary devices such as routers and servers which you have practically no control over, and deliberate malicious actors can still do MITM attack for example as long as any data is being transmitted. And it's not really a personal mobile device anymore if you don't connect it to the Internet at all.
However, even if you cannot ensure 100% control, having root access on your personal device enables you far greater freedom to monitor and investigate the behavior of the proprietary stuff you can't control directly, and mitigate or bypass the security and privacy vulnerabilities they might poss with far more options than is ever even close to possible on an unrooted device.
For example, there are many apps I need to use because of services I need to use because of the city I live in, they have known track records of security and privacy violations. With a rooted device I have the freedom to capture every single pocket they transmit and analyze on Wireshark to see what they are doing, I can block internet access specifically for these apps without conflicting with my existing VPN setup, I can spoof my device's IMEI and other identifiable information for specifically these apps so they can't identify my phone, including even spoof my geolocation without the apps realizing they are spoofed, I can block these app's access to my phone's application list so they can't profile me by seeing what other apps I have, I can block their access to my phone's sensors without the apps knowing they are blocked (other than getting empty sensor reading), I can even deny permissions to those apps without the apps knowing the permissions were denied. On an unrooted device you either need ADB or can't do any of these at all.
Also, without any of these tools how do you even know your device's manufecturer has done everything they need to do to protect your security and privacy? Just because they said "Trust me bro!"?
Principle of least privilege is completely irrelevant here, any system app provided by your phone's manufecturer already have total system control anyway, including Google's GMS apps and Facebook framework apps that are pre-installed, and without root you also do not have an option for truly stopping or removing those apps.