Hacker News new | ask | show | jobs
by fc417fc802 124 days ago
You're saying that the Android security model shouldn't be illegal. I agree.

I'm saying that despite all they get right, the Android and Apple security models, when foisted on the mass market, are socially and ethically flawed. I'm saying that the end user has a fundamental right to tamper with the software on his own system. Those designing an OS that intentionally thwarts the user's will are in the wrong.

Just because something is legal that doesn't mean doing it is a good thing.
1 comments
palata 123 days ago
I may be biased, but I have never seen anyone who would want to tamper with the software on their own system and would not be capable of installing an alternative OS, given that their device allows it (e.g. allowing unlocking the bootloader, etc).

For "normies", it feels like the existing security model is actually not that bad. I can't imagine what would happen if everybody was running something without any sandboxing.

link
fc417fc802 123 days ago
You have to install a different OS in advance though. Even when the bootloader can be unlocked doing so wipes all the data (as it should). It's no help if you start with a stock phone and then later discover that a particular app you've been using doesn't support data export (for example).

> I can't imagine what would happen if everybody was running something without any sandboxing.

I don't think anyone implied that? Having root or signature spoofing or even the ability to install kernel modules doesn't imply anything about the rest of the security model.

link
palata 123 days ago
I guess my point is that it is a bit of a gradient. You say you want Stock Android to allow you to get root access, others will say that Stock Android should not allow a normie to be tricked into getting root access and shooting themselves in the foot. Truth is, none of those is a "right": there is a product (Android) that tries to do well for the vast majority of its users. It seems totally reasonable to me that Google doesn't want to invest a lot of resources into making an extremely small minority happy. I am pretty sure that the number of people who want root on their smartphone is a rounding error.

Second thing is: if you have root and change something on the system, you break the secure boot. So you fundamentally cannot have full access, can you?

That's why my opinion is that it's not Google's role to make everyone happy. They should just not be allowed to prevent alternatives. So that the rounding error minority can install the system they want and be happy with it.

link