top | item 46452247

(no title)

1. It's not possible to root GrapheneOS or any Android-based OS and preserve the Android security model. That would run entirely counter to the goal of the GOS. It can be done but shouldn't.

2. They have implemented kill switches for these on the software level. Afaik there's nothing up dispute these working just as well as hardware switches assuming proper verified install of GOS.

discuss

bgbntty2|1 month ago

1. I've read that rooting breaks Android's security model, but I have yet to find a detailed explanation of how it actually lowers Android's security, especially compared to desktop OSes that are usually rooted, like Linux or MacOS.

2. Software kill switches are prone to software attacks, aren't they? They can't be as secure as hardware kill switches unless we can prove the software kill switches can't be attacked by software. I doubt anyone can prove this.

fc417fc802|1 month ago

Approximately, if the user doesn't have root then there's no way to trick them. They also can't access internal app files which gives app authors tight control over how their software is used.

That's the security model. Giving users root breaks both of those assumptions, hence it breaks the security model.

Notice that it is clearly in the best interests of users to at least have this option. But modern BigTech operating systems are designed around corporate interests, not yours. And security professionals seem to prefer to ignore inconvenient things like user freedom.

palata|1 month ago

> how it actually lowers Android's security, especially compared to desktop OSes that are usually rooted, like Linux or MacOS

Mobile OSes are notoriously more secure than desktop ones, precisel because of the security model.