Steve "CyanogenMod" Kondik Contemplates The Death of Root On Android

c0d3g33k writes "Prompted by the addition of new security features in Android 4.3 that limit the effectiveness of elevated privileges, Steve Kondik wonders which uses really require full root. Most common activities that prompt owners to root their devices (backup/restore tools, firewall/DNS resolver management, kernel tuning), could be accomplished without exposing root, argues Kondik, by providing additional APIs and extensions to the user. This would improve security by limiting the exposure of the system to exploits. Reasonable enough, on the face of it. The title of the post, however, suggests that Kondik believes that eventually all useful activities can be designed into the system so the 'dangerous and insecure' abilities provided by root/administrator privileges aren't needed. This kind of top-down thinking seems a bit troubling because it leads to greater control of the system by the developer at the expense of the owner of the device. It's been said that the best tools are those that lend themselves to uses not anticipated by the creator. Reducing or eliminating the ability of the owner to use a device in ways that are unanticipated ultimately reduces its potential power and usefulness. Perhaps that's what is wanted to prevent an owner from using the device in ways that are inconvenient or contrary to an established business model."

Controller

The only reason why I've really needed to root is to use my Dualshock 3 controller via Bluetooth. And I think that if only for that, rooting being gone and with it the ability to use the controller in such a way, would be a real let down..

Re:Controller

[Nerdfest]

The first thing I noticed when upgrading to 4.3 was that my ad-blocker that works by altering the hosts file no longer works. That's one thing I'm sure Google would love to see people stop doing. I'm sure it's fixable with some new SELinux rules, but I haven't looked into it yet.

Re:Controller

[CastrTroy]

I can't believe that ad networks haven't figured this stuff out yet. Instead of serving up ads using a domain name, just serve them up by pointing to an IP address. Sure you could start blocking whole addresses, but then you risk blocking a useful service as well, especially if you plan on blocking Google's ads. Or you could proxy them through a script on the actual website so you can't tell the difference between the actual content from the webpage and the ads shown on the web page. It would be pretty easy for the ad network to provide a script in the common web programming languages that could proxy the ads to the user. I guess that there's still not enough people blocking ads for this to be worth their time. I'm sure it's coming though.

Re:Controller

[thejynxed]

The problem is, end users are not always completely stupid. They start doing it all via script, users will find what scripts, and block them from loading, especially if any proxy servers are involved.

Re:Controller

[segin]

AdBlock Plus on Android can function as a system-wide HTTP proxy on non-rooted devices, or as a 'iptables' front-end on rooted devices. And I believe it's use of iptables is rather advanced.

Re:Controller

[oreaq]

Adaway works fine on my rooted 4.3 galaxy nexus.

Re:Controller

As long as only a small "hacker elite" block ads, they aren't going to do anything. Most people don't install add-ons to their browser, many don't even have firefox...

Sure, you don't need to be a hacker to install adblock any more, but the commoners don't do it anyway.

stop phone carriers / oems from slowing down updat

[Joe_Dragon]

stop phone carriers / oems from slowing down updates and force loading software that can't be removed.

also force unlocked sims on all android phones.

ObXKCD

All applicable XKCD should just be in tags at top of Slashdot stories.

Re:ObXKCD

[Zontar+The+Mindless]

Some knothead has sunk the parent with an Overrated mod despite that fact that it's pretty much on target.

Re:ObXKCD

Fixed it. Silly wabbit.

Re:ObXKCD

Someone always has root access to your PC.

Right now it's you. Very soon it will be the manufacturer rather than you.

Fairly Obvious

[Nemyst]

The issue is that those new APIs and extensions are NEVER provided because the hardware manufacturers and software providers don't want to provide them. Providing deeper access to the software and hardware means you can do more things, including circumvent protections and such. They'd rather make it as hard as possible to do this, and rooting is harder than using a sanctioned app.

In an ideal world, we'd have all the functionality we need straight up and "rooting" wouldn't even exist as a term.

Re:Fairly Obvious

Your argument is wrong. Protection against unauthorised activity (like accessing the unprotected data from a DRM protected music or video file you have purchased) does NOT require locking down computers built in 2013. DRM protection, for instance, is now build into the hardware itself, and the APIs merely activate and control this functionality. With the hardware supporting 'protected path', no possible user code running at any privilege level can 'hack' into the data stream.

You are still living in the age where, because there were no effective 'locks', you had to try to hide the door behind which the goodies could be found. Now, the locks are 'fool-proof', so you can happily allow the user to know which 'door' protects the goodies, and allow the user to 'knock' all he/she wishes.

The lock-down we are really talking about is the inability to run games/apps not pre-approved by Google or one of its partners. Or the inability to switch off/remove unwanted software services. Or the inability to install another shell. Or the inability to use the device as a target for software development.

Current APIs that hardware peeps don't seem to want to offer (say, like hardware JPG encode/decode) often reflect the crappy state of hardware drivers, and the fact that outside VERY limited use, the drivers are full of bugs. So with JPG, say, only a very limited part of the usual JPG standard actually works in hardware. To be honest, we would be far better of with such functionality moved to, say, OpenGL 4.0. Proprietary APIs aren't usual worth the effort, and anyway every Android device would require special code to access the unique hardware found within.

Re:Fairly Obvious

[cppmonkey]

It is fairly obvious that it is in Google's best interest to provide these API's and to an extent they have. Apple makes a killing in the phone world not because their phones are locked down but because they are free of bloat. Heck if I could install a better browser and music player I'd be quite happy with iOS but I can't because it is locked down. Similarly my experience with Android is that I can't remove the Verizon crap and the HTC/Samsung crap so while Android is nice in an emulator (if really depressingly dark) it does not work in the real world without root because I need to substitute stock vanilla android to get the simple easier (Google you have a lot of work to do here...) to use interface that lets me just use my phone.

Re:Fairly Obvious

Android is utter shit AFAIC...what kind of OS allows a root account with no password functionality?

Fuck that, it might as well be Windows fer Lord Racist Satan's sake.

Re:Fairly Obvious

[emblemparade]

Well, CynagonMod specifically has the ability to introduce new CM-specific APIs to allow this functionality.

I know I would feel much better allowing an app to do something specific rather than give it blanket authority via root.

PolicyKit for Android, perhaps?

Re: Fairly Obvious

[LF11]

What timeline do you live in? Here in 2013, iOS is getting absolutely crushed by Android.

Re: Fairly Obvious

[MrMickS]

What timeline do you live in? Here in 2013, iOS is getting absolutely crushed by Android.

Ooh. I spy a Google cheerleader, do I get a prize.

Its odd that things have to be termed in such an adversarial manner. That there has to be a winner and a loser.

That said I suggest you look at the numbers a little closer. Its true that there are more Android phones being bought than iOS ones. However this is only the case if you look at ALL Android phones including cheap ones that are shipping with 2.3 on just good enough hardware. That was always going to happen because Apple have chosen not to play in that space.

http://uk.ign.com/articles/2013/02/20/apples-iphone-5-passes-samsung-galaxy-s3-in-q4-global-sales
http://wallstcheatsheet.com/stocks/analyst-samsung-galaxy-s4-sales-vs-apple-iphone-5-sales.html/?a=viewall

iOS is competitive in the market that Apple chooses to engage in. So in that sense iOS isn't being crushed at all.

I'm happy to see the competition between Android and iOS, it should mean that both continue to improve. If one were to truly crush the other then it would be worse for the everyone.

Re: Fairly Obvious

What does that mean? Windows is better than Linux because more people use it?

Re: Fairly Obvious

[LF11]

Yes, I am a Google cheerleader. Unfortunately, Google is becoming tediously tyrannical in their habits, so I am looking for someone that takes information security a little more seriously than they do. Regardless, the moment they lock down Android so I can't have root, I will be gone.

As for comparative security, Google appears to be vastly the superior option to any of the other major players. Microsoft gives advance notice to the NSA on zero-day exploits before they are patched. BlackBerry actively cooperated with tyrannical regimes to provide decrypted access to messages. Apple can decrypt their own devices without your key. Android is a clear winner because (1) the software allows unfettered root and (2) they support full-device encryption.

So yes, I am a Google cheerleader. That support is not without reservation, however.

Re:If no root, no Android. FirefoxOS anyone?

[barlevg]

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

In my opinion

[drolli]

Most things which required me to root my phone should be preinstalled

-backup
-firewall
-disable any service *which i do not need*

Re:In my opinion

[icebike]

None of those are issues for me.

All I want is to remove pre-installed bloatware so that I have more of what I want.

I've never had a backup issue because there are apps for that, and everything is in the cloud anyway.

Re:In my opinion

[Trogre]

Also:

Change the device ID string so I can install some badly-packaged apps from Google Play that don't know about my tablet.

Re:In my opinion

bah. whatever toad. toad wants only flies. why does toad talk, when it wants only flies?

Bad summary

[swillden]

He's not talking about root going away, he's talking about reducing the need for it, in order to have much of the freedom provided by a rooted phone without the associated security risks. Whether or not root is available is a separate, and orthogonal question, and he clearly never wants to lose the ability to root, just the need.

Re:Bad summary

[bmo]

This.

Just like Linus' justifiable rant about having to be root in SuSE to set up a printer.

There are legitimate reasons why an end user should need Root/Administrator, but they should be as few as possible. Microsoft has seen the light and has tried to beat developers over the head with UAC to make them see the light. (a game needing admin to run? seriously?)

--
BMO

Re:Bad summary

[c0d3g33k]

He's not talking about root going away, he's talking about reducing the need for it

Submitter here. I'm probably a little thick, clearly Kondik meant something more subtle by naming his post "The Death of Root" than I was able to discern. Shame on me for taking that as a suggestion of where his thoughts might be turning.

Re:Bad summary

[squiggleslash]

Having read the article, I don't think that's a good summary of what he's saying at all.

Kondik is saying that Android 4.3 makes it harder to obtain root, with root via ADB being the only real root available. He's also saying that this is OK, because if he needs something that would normally need root, he doesn't actually need root because he pretty much already owns the operating system - he runs CM, and has the ability to modify it to do what he wants.

Kondik's not talking about reducing the need for root, he's saying it's probably not a problem that 4.3 cannot be rooted in the conventional sense because the work that had to be done to reduce the need for it has already been done.

Re:Bad summary

[squiggleslash]

I don't think there's anything wrong with your summary. The GP's criticism of it doesn't make any sense, given the entire article is about "the death of root" having already happened in 4.3

Re:Bad summary

[intermodal]

The problem with UAC is that it is highly obnoxious and intrusive. As it was put to me recently, an admin account will let you install drivers and modify system files, but user access is all they need to get into the average user's email, finances, social networks, and so on.

Root/admin access should be available to everyone who wants it, but many of the functions that require it really shouldn't for most users outside certain environments. And the interfaces should absolutely make it clearer and easier for people to elevate (with appropriate credentials if applicable) to the needed priveleges.

Ever try to edit a hosts file in Win7 on an administrator account, and then still had to reopen the file running AS administrator to accomplish it, making sure to keep your changes available to paste back in? It's nonsense. I have an app for changing the hosts file on my Galaxy Tab for the hosts file on my Galaxy Tab. After all, I have a LAN at home with hosts I access rather a lot. Did I have to root my tablet to do it? You betcha.

But that's nothing compared to all the things I had to jailbreak my old iPhone for.

Re:Bad summary

(a game needing admin to run? seriously?)

Of course! How else can the DRM/rootkit that was installed with the game going to function without admin?!

Re:Bad summary

[bmo]

The problem with UAC is that it is highly obnoxious and intrusive.

No, it's not a problem. It's the entire point of UAC - to be obnoxious. It's there to generate bad feedback to devs who abuse root/admin privs. This is because Windows many devs "grew up" with single user operating systems and then suddenly had a multiuser OS (XP and above are NT based as opposed to 9x) and still insisted that the person behind the keyboard somehow always owns the computer.

It's a club to hit dumb Windows devs with. Once someone explained this to me, it suddenly made sense. Now I'm explaining it to you.

  I have a LAN at home

Good for you. But you own the LAN. There are people on LANs that don't own the LAN (like, at work) and should never have admin access. And I would argue that there are dumbasses who should never have admin on their own equipment and should pay someone to admin their stuff. I have a friend who does exactly that for his entire extended family as a side project.

Root/admin access should be available to everyone who wants

Down this path lies madness.

--
BMO

Re:Bad summary

[intermodal]

I'm pro-madness. They had some pretty solid ska back in the day.

Re:Bad summary

[bmo]

Ernie Ranglin is better ska.

--
BMO

P.S. I need to see him live before he dies.

Re:Bad summary

[intermodal]

Oh, that is a sure fact. I'd love to see him perform.

Re:Bad summary

[Ash+Vince]

Ever try to edit a hosts file in Win7 on an administrator account, and then still had to reopen the file running AS administrator to accomplish it, making sure to keep your changes available to paste back in? It's nonsense.

No, its not. If you could edit the hosts file programmatically without jumping through this many hoops then you could force entries into the hosts file that redirected traffic to your bank to a different server.

Just the administrator account should be enough, but too many people use administrator accounts for day to day stuff just so they can install software. On linux you end up needing to put in the root password or use sudo for tons of stuff, windows have tried to avoid this but some things like editing the hosts file are such dangerous edge cases compared to what most users do that they need to be protected differently.

To be honest, there is a strong argument that you should NEVER edit your hosts file on a windows machine (ok, I admit I do not always follow this advice). If you want to do crap like that maybe you should run a local DNS server just so you know what you are doing, especially if you run a linux server on your network since DNSMasq is so easy to use. It might still involve editing a hosts file, but at least it is a hosts file on a separate server and becomes the central point for all local DNS changes you make. Using DNSmasq also lets you test anything you are testing on a number of devices on your private network without having to keep track of hosts file entries on each device.

Seriously, DNSMasq is a much better shout for most stuff like this if you need to do it regularly.

Re:If no root, no Android. FirefoxOS anyone?

Yeah. So the only people who will need it will be the carriers and NSA. Got it.

Reminds me of linux without a root prompt

[hibiki_r]

There's a certain well known Linux distro that starts with a disabled su command, because root prompts are evil. You can, however, use sudo, to run one command at a time.

Like, for instance, sudo bash.

You can provide a single API to let your user do what he wants. it's called admin access.

Re:Reminds me of linux without a root prompt

Debian also lets you choose your user as a pseudo-root by not entering a passwd in the root menu in the main installer.

Stop bashing Ubuntu. :-)

Re:Reminds me of linux without a root prompt

Just use "sudo su" instead..

Re:Reminds me of linux without a root prompt

Just use "sudo su" instead..

No no no no no no no no no no no no no no no! If you need to drop into a root shell use "sudo -i".

Re: Reminds me of linux without a root prompt

I've always done "sudo -s"... would -i be better?

Re: Reminds me of linux without a root prompt

You're all wrong. It's sudo su -.

Everybody knows that.

Re:Reminds me of linux without a root prompt

[maccodemonkey]

You can, however, use sudo, to run one command at a time.

Errr, I use sudo -s all the time to run as many commands as I want as root. I usually use it only because I don't want to actually have to enable a root user on my machine.

Re: Reminds me of linux without a root prompt

So close, you must mean sudo su /.

Re: Reminds me of linux without a root prompt

[chihowa]

-i simulates an initial login, so it's more like "sudo su -" in that you get a root shell and all of the .profile and such are read. -s doesn't read those files.

Re:Reminds me of linux without a root prompt

[i.r.id10t]

Yup, and if I remember the post from when I was banned from their forums for giving instructions on how to set a root password to enable su or even direct login they do it for security reasons...

Re:Reminds me of linux without a root prompt

[GTRacer]

Phil Collins reportedly uses "sudo su su sudio" for his root calls...

Re:Reminds me of linux without a root prompt

lol =D

Re:Reminds me of linux without a root prompt

Oooo. Thanks!

Re:If no root, no Android. FirefoxOS anyone?

[Nerdfest]

Well, good timing for Ubuntu Edge. The hardware looks great so far, and apparently it will run Android.

Listen very very carefully

IT'S **MY** GODDAMN MOTHERFUCKING DEVICE, ***NOT*** YOURS.

Yes, I'm yelling, and now I have to type a whole bunch of lower case stuff so the lame lameness filter lets me post this, but you get the idea.

Re:If no root, no Android. FirefoxOS anyone?

[Dracos]

Root will be nesessary until the carriers allow us to freely uninstall their bloatware, and other useless/quasi-hostile junk (for me, that means facebook).

Re:The good thing about Steve Kondik

I only did it once. Your anus was too loose.

Wi-Fi-only devices

[tepples]

So the only people who will need it will be the carriers and NSA.

Wi-Fi carriers such as cable and DSL ISPs typically don't provide a subsidized tablet. Nor do cellular carriers outside North America and maybe Japan. So what do "carriers" necessarily have to do with rooting, especially with rooting a Wi-Fi-only device?

Re:Wi-Fi-only devices

All carriers are equal, but some carriers are more equal than others.

Those carriers that are more equal should have their business model protected.

Re:android

[Skapare]

Warning: SPAM link in parent.

No root = developer headaches

[Sla$hPot]

With no option to root your devices. How are you going to test both new and old Android versions on specific devices?
The thing is that the phone providers forces updates when new Android versions are available.
Owners with the same device model might be updated at different times.
Without root, you won't be able to perform a full test without having duplicate models, from different phone providers.
And you won't be able to test before its..too late.
Hopefully someone have been thinking about this.

Re:No root = developer headaches

[tepples]

You could always test on a few hardware versions representative of the range of devices you're targeting, including one stuck on 2.x, along with the official emulator.

Re:No root = developer headaches

Ok, let me try:

I'm going to rant and rant and make it obvious to everyone that not only did I not RTFA, I didn't understand a single word of TFS!!!

Because TFS!!!! says nothing about REMOVING root, only that root may no longer be NECESSARY!!!

YES I AM CLUELESS

Sla$hpot

Re:No root = developer headaches

[Tr3vin]

As an Android developer I can tell you that switching versions on a device is not provided by root access. Root gives you access to all of the system while the phone is running. Getting a different version running requires an unlocked bootloader. For example, on my Nexus devices I first do a "fastboot oem unlock" to unlock the bootloader, then I can use fastboot to send any version of the OS I want to the device. It gets tricky on more locked down devices, but the same basic idea still applies. You need to get past the bootloader to get a different OS running.

Re:No root = developer headaches

[Sla$hPot]

Assuming that different versions behave the same and that you have the money, time and luck to acquire them. That is going to be difficult.
Emulation is never going to cut it, unless what you are doing is very simple. Forget about web apps. Browsers very allot between Android versions.

Re:No root = developer headaches

[Sla$hPot]

>I can tell you that switching versions on a device is not provided by root access

Without SU or root you can do nothing with new or old roms. Sorry.

Re:No root = developer headaches

[Sla$hPot]

And an AC :)

Re:No root = developer headaches

[Tr3vin]

Since when does flashing a new image actually require root? We have several devices at work that are used for testing. None of them are rooted and yet we can upgrade / downgrade because the bootloaders are unlocked.

Re:No root = developer headaches

Without superuser privileges an unlocked bootloader is useless.
Try to upgrade a popular device like the HTC Sensation XL to JB.
Tell me when you are done.

Re:No root = developer headaches

[Kufat]

"Root" is something you have or do not have within Android. ROMs aren't flashed from within Android, they're flashed from either recovery or the bootloader. (Usually recovery.)
GP is correct, you're misunderstanding either the terminology or the roles played by the OS/bootloader/recovery.

Re:No root = developer headaches

Well i have several devices that don't have SU.
Since i can not root the device i can not update the devices with SU.
Thus i can't do much in recovery mode. No image updates.

Re:No root = developer headaches

Why? I thought android didn't have a fragmentation problem!

Re:No root = developer headaches

[segin]

On a number of devices, you cannot flash a new recovery from 'fastboot'. You must use a special OEM flashing program to flash partitons (which then leaves an god-awful reminder of your "sin" of non-OEM software every power up in the form of an annoying yellow warning triangle on your firmware splash) or you must manually flash the firmware with 'dd'. If you don't want your device reminding you that you've voided your warranty on every power up, then root access is needed to 'dd' the recovery.img to the correct partition.

Your forgot ...

[Skapare]

-remove any app *which i do not want*

Re:Your forgot ...

Facebook being first and foremost. I made the extremely bad lapse in judgment of ever letting them on my mobile phone, and they've managed to embed themselves in as a system app that even the "Root App Delete" apps can't remove without a whole set of things I need to do in order to root the phone.

It's just a phone. I don't care to nor have the time to invest a lot in tinkering with its particular hoops to root it. Better would be for Facebook to avoid such privilege escalation as a simple App Market application, but now unless I want to decline their EULA every single time I use my phone, I'll have to do whatever is necessary to force them off.

And never make that sort of mistake with any Facebook parasite-app again.

Joystick API

[tepples]

According to how I understand the summary, Google or an Android distributor would be responsible for "providing additional APIs and extensions to the user", such as adding Dual Shock 3 support to Android's existing joystick API.

Re:Joystick API

[idontgno]

Or alternately, "providing APIs and extensions to the user for whatever the wireless provider thinks the user needs, and the user can just suck it if they think they know better."

Honestly, if I wanted someone else to do my thinking for me, I might have bought into a certain other mobile device brand.

CDMA2000

[tepples]

also force unlocked sims on all android phones.

How would that work on a CDMA2000 network, which doesn't use a SIM in the first place?

Re:CDMA2000

[LiENUS]

CDMA2000 is on its way out even vzw and sprint are moving to gsm with LTE. At this point you can only do data and only in areas with lte service but eventually lte service will provide voice and will be pretty ubiquitous.

Re:CDMA2000

I see this being parroted all the time and it simply isn't true, nor was it ever true in the first place. CDMA IS-95 as initially deployed in the US didn't support subscriber modules because carriers wanted an easy way to track device activations/sales and allow for device blacklisting if phones were lost/stolen. In China and Korea/Japan, where the majority of CDMA R&D was actually conducted without carrier interference, the CDMA2000 extension allowed carriers to deploy subscriber module support under the R-UIM standard, which was deployed by Chinese carrier China Unicom, Japanese carrier KDDI and Southeast Asian carriers. When the CDMA2000 extension was deployed by Verizon and Sprint in the US, along with smaller CDMA carriers from 2002-2005, all of them decided not to enable R-UIM subscriber module support and extended the exhausted ESN serial number system with the MEID system instead, because it was thought that going to the R-UIM setup would be more expensive to deploy and maintain, a misconception quickly disproven with the growth of GSM in the mid-2000's in the US.

Re:CDMA2000

You needed to explore the pages linked from R-UIM. If you had you would have found CSIM which was the extension of R-UIM for CDMA2000. I've read they're used pretty frequently in Asia, but I doubt Sprint or Verizon would issue one even if you had a phone with support.

This is a bit tragic since the circuitry to support CDMA is "almost free" nowadays since it is a fraction of the size and power of the LTE circuitry. I write tragic since CDMA can pack many more devices into the same bandwidth since CDMA phones don't need to transmit when there is silence, unlike GSM where the phone must transmit (or at least have the timeslice allocated) all the time during a phone call. My impression is LTE is actually far more similar to CDMA than GSM.

Re:CDMA2000

[segin]

And what about UMTS? Please don't go "huh, what's that?". It's the 3G upgrade to GSM that came out around the same time as CDMA2000.

Re:CDMA2000

[adolf]

CDMA2000 is on its way out even vzw and sprint are moving to gsm with LTE. At this point you can only do data and only in areas with lte service but eventually lte service will provide voice and will be pretty ubiquitous.

Um. Last I checked (and no, it hasn't always been this way) I can talk on the phone with VZW over LTE: This is the only way that VZW allows voice and data to exist concurrently on the same handset. This works fine. Almost all of the calls I make are over LTE.

And I can also pull down a web page over the various CDMA2000 technologies where LTE is unavailable, albeit much more slowly than in the past when the airwaves were clearer.

And also, last I checked in VZW-land: LTE only exists on 700MHz bands, whereas CDMA2000 only exists on other bands.

So what exactly are you going on about? At this point, both CDMA2000 and LTE co-exist peacefully, and it will require a Great Cleansing to get rid of CDMA2000 entirely.

(CDMA "on its way out?" Show me an LTE-only VZW-sourced phone that I can get today, and I'll eat my hat.)

Re:If no root, no Android. FirefoxOS anyone?

[dc29A]

I don't care if I don't root my phone until I can write to the hosts file.

Re:If no root, no Android. FirefoxOS anyone?

[icebike]

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

Exactly.
The reason people root phones is to get around arbitrary restrictions imposed by the carriers or the manufacturers.
Remove those restrictions, by providing APIs that allow users to do every legal thing, and virtually all reason to root disappear.

When you can remove bloatware, change carriers, bypass carrier restrictions, change the UI, and maybe even change the OS, all without requiring root, what would be the point of rooting?

There will still be those who will root simply because they can. These are the same kids that always ran their Linux machines at root because they were so 133t.

You said hosts file. Are you trying to summon him?

[tepples]

The first thing I noticed when upgrading to 4.3 was that my ad-blocker that works by altering the hosts file no longer works.

So Google is blocking one sort of APK, namely use of the hosts file as a crude DNS blacklist. Does this means we're soon going to lose another sort of APK, namely loading applications from unknown sources? Or am I clanging again?

SE/Linux (and SE/Android)

[lkcl]

there's an extremely common mistake made which needs to be pointed out: the clue is in the phrase "This kind of top-down thinking". the fundamental assumption is that there is a concept of "more privilege is required than before" to achieve privileged tasks. people imagine that security is hierarchical - that the further towards "the top" you get, the more access you are permitted. this is simply NOT TRUE. the classic example is "root", which is a drastic binary oversimplification which is simply very convenient.

so, people invent new security systems, but they invent them without actual proper thought towards design, and they invent them thinking that this "top down" hierarchical approach is the only way. thus, new APIs have to be invented.

there is another way: it's called SE/Linux (and there's a variant called SE/Android). SE/Linux follows the FLASK model, which basically says that based on the current context, the current application, that a new executable is given a COMPLETELY new security context, where the new privileges have to be explicitly given. the most important implication of this model is: it absolutely does not matter how "powerful" you were in the previous context - the one that fires up the new executable; the new one is literally a completely and utterly separate security context.

to give an example: take a 5 Star General, and send him to a security base. when he gets there, standard security procedure: they take away his passport and all his credentials, and they give him a security pass (a new context). that security pass has a pre-prepared set of restricted corridors and rooms that the 5 Star General can go to. he can go to the conference room, and the bathroom. if he tries to leave without returning the security pass, he has no passport, and no papers.

this incredibly powerful security model - FLASK basically fits on top of an OS *without* interfering with it. it's particularly fascinating because it can watch which programs exec() other programs, and it can watch what APIs those programs use.... *without* needing to actually modify those programs.

basically what i'm saying is that the problem that cyanogen is trying to solve already has a way in which it can be solved, if the SE/Android team haven't already solved it. and that's because, under SE/Linux and SE/Android, you can operate both the normal "root access" system *in parallel* with SE/Linux. all you need to do is create a FLASK security context which restricts access to only those applications that *should* be accessing the restricted APIs. you don't need to modify the applications, nor do anything special to the underlying OS.

Re:SE/Linux (and SE/Android)

Interesting. Although it makes me think, isn't this returning to what Multics was shooting for and what UNIX was reacting against?

Not that that would make this approach wrong. The classical UNIX security model was a reasonable abstraction over the typical use case of minicomputers of the era and midsize systems yet to come. Things are changing and that model is in some respects outmoded. It was natural to have a root account when there was always an I site administrator who had de facto system control by way of physical access. Now that isn't always the case and even when it is, it's not always meaningful.

Re:SE/Linux (and SE/Android)

[c0d3g33k]

Very insightful. You've hit the nail on the head. Brilliant and concise.

Anyone else have something intelligent to add to this? We're dealing with a security model developed long ago in a context where it no longer applies, but we're forced to deal with it because a big corporation decided to cut corners by exploiting an existing system to save time rather than expending the effort to develop their own solution. So now we have cognitive dissonance.

So what is a better security model for computing systems that gives full power to the device owner but allows things like the "app store", OEM applications and DRM to coexist?

Seems like it is time to design something better than what we have rather than layering cruft atop something that works just fine.

Re:SE/Linux (and SE/Android)

Yes, security can be done that way; however, it does not negate "root" as a potential security violation. The Executive (aka the kernel) will always have access to everything. Always. It must, since it is what all of the other fancy things are built off of. Root is merely an entry point into this "process". Even if you wall it completely off and create entirely new security contexts and paradigms, getting through that wall will not be impossible until you can create perfect hardware and perfect kernel software.

There is an additional issue here:

I want executive access to my computing devices. Why? So I have the ability to examine anything and everything. I want to watch the FBI rootkit in action. I want to be able to interfere with a kernel level process set up by the carrier I am using. I want absolute and total control of any system that I am using. I _never_ want to be told I can not do something. Never. Absolutely never. It is *MY* fucking device and it should do what *I* want.

Re:SE/Linux (and SE/Android)

[Lincolnshire+Poacher]

the classic example is "root", which is a drastic binary oversimplification which is simply very convenient.

Indeed, but in the case of SE Linux the Five Star General ( root ) is also the guy who writes the rules about where he is allowed to go and what he is allowed do ( SE Linux config ).

SE Linux doesn't make root go away, it just usefully reduces the need for root day-to-day. But root is still the key capability in configuring the environment.

And Linux distros always have a way for root to disable boot-time or run-time SE Linux.

Re:SE/Linux (and SE/Android)

You can have OEM applications and DRM, if you want to pay for garbage.

Re:SE/Linux (and SE/Android)

"app store"

You misspelled "package manager"!

and DRM

No. Just no. Supporting organized crime that wants to steal our hard-earned money is NEVER acceptable. EVER. Or are you part of that organized crime?
If you give me a mere *copy* of the result (information) of the work you (or even somebody else) did, then all you'll get is a mere *copy* of the result (money) of the work I (or even somebody else) did. End of story.

Re:SE/Linux (and SE/Android)

The trouble with the Linux security model is not that there is a kernel, but that too much stuff is in the kernel, and thus has
blanket permissions that it doesn't need.

Re:SE/Linux (and SE/Android)

KeyKOS, CapROS, EROS, et-al are steps in that "design something better" process. See also Symbian, QNX.

Re:SE/Linux (and SE/Android)

[lkcl]

the classic example is "root", which is a drastic binary oversimplification which is simply very convenient.

Indeed, but in the case of SE Linux the Five Star General ( root ) is also the guy who writes the rules about where he is allowed to go and what he is allowed do ( SE Linux config ).

ah *no*! he most definitely is not! again, you may be under the mistaken impression that the 5 star general has more power than he appears. if he were to start ordering people to bypass security measures, that would seriously be a breach of standard security protocol and his subordinates would report him.

but you may have misunderstood: if a 5 star general walks out of a secure area without his passport, how is he going to get on a commercial flight? he doesn't have a passport, because he didn't return his badge at the gate. mr 5 star general doesn't have control over commercial flights, does he? without identification papers, he doesn't even have control over *military* flights, let alone commercial ones.

in other words, you've misunderstood the analogy, because you are under the mistaken assumption that even a 5 star general actually has any "power" or "authority" outside of his domain and responsibilities: he doesn't. it's *all* about context, *not* about the "person". in other words it doesn't matter if he's a 5 star general, if he steps outside of the bounds of responsibility within the context that he's SPECIFICALLY been tasked to do, in that physical location, at that specific time, and under the specific circumstances, then all hell breaks loose and security alarms go off like mad.

is that clearer?

taking this away from the analogy, the OEM would prepare the OS, set the SE/Linux files up, digitally-sign the bootloader, flash it into ROM, digitally-sign the kernel, require the bootloader to check it.... then give *you* the root password, knowing full well that because SE/Linux is permanently enabled it is flat-out impossible for you - even though you have root access (a 5 star general) - to even replace the kernel, because the SE/Linux permissions explicitly forbid overwriting of the boot partition. and even though you have root, the SE/Linux permissions forbid you from chmodding the boot subdirectory.

SE Linux doesn't make root go away, it just usefully reduces the need for root day-to-day. But root is still the key capability in configuring the environment.

And Linux distros always have a way for root to disable boot-time or run-time SE Linux.

not in treacherous DRM-locked systems they don't - the ones where the bootloader is in a digitally-signed ROM which you cannot modify, where the kernel and its boot parameters are also digitally-signed and cannot be modified.

Re:SE/Linux (and SE/Android)

[lkcl]

But root is still the key capability in configuring the environment.

And Linux distros always have a way for root to disable boot-time or run-time SE Linux.

in SE/Linux, root is "parallel-tracked". in SE/Linux it's just yet another username. in fact, there is no such concept as usernames under FLASK. uids are just a convenient piece of information to place into the "security context" but so is the filename, directory name, port number, protocol (UDP, TCP), ip address - all these things are *also* part of the security context. more recently they've extended SE/Linux so that X11 primitives can also be added to the security context.

i forget the exact details - it's been a while

Re:android

[icebike]

be gone spammer.

Re:If no root, no Android. FirefoxOS anyone?

[Pioto]

Root will be nesessary until the carriers allow us to freely uninstall their bloatware, and other useless/quasi-hostile junk (for me, that means facebook).

Good news! You haven't needed root to do that for a Long Time now. You can just click the "Disable" button in the app's details page, or drag it to the trash can from the apps drawer, and it's disabled. Sure, it's taking up a few MB of space on your system image, but, "oh well." At least, this is certainly true on any Android 4.x device I've owned.

Re:If no root, no Android. FirefoxOS anyone?

[edit0r]

I don't care if I don't root my phone until I can write to the hosts file.

Exactly! the first half-dozen entries in my 600k hosts file are the various Facebook addresses.

Reading Comprehension!

[lesuth]

Is Steve Kondik saying he wants to remove those features or remove the need for elevated privileges of those features? I read his article as the latter and that means an increase to the ability of the owner to use a device in ways that are unanticipated.

Re:Reading Comprehension!

[c0d3g33k]

Steve Kondik said what he said - we shouldn't put words into his mouth. You're talking about my speculation about what this kind of approach ultimately means.

You're missing the big picture. In order to design API's or extensions that remove the need for elevated privileges for certain use cases, you need to know what those uses cases are. So you can, you know, design for them. This is the antithesis of unanticipated.

The point of administrator privileges on a system you own isn't to facilitate a set of standard activities agreed upon in advance by a group that decides those activities are worth supporting. The point of administrator privileges on a system is to allow you, the administrator, to use the system as you see fit, for the needs you deem worthy. Being limited to activities someone else deemed worthy enough to design, implement, test and deploy APIs and extensions isn't really compatible with this notion.

The reason Kondik can make such a proposal is that Android as a young platform lacks some capabilities that administrators or owners take for granted on other platforms. Naturally people would address the low hanging fruit first to bring their Android systems up to par with their other systems. The low hanging fruit is what Kondik and most people responding his post are talking about. Those things should probably be part of any mature computing platform these days, so why not add them?

But.

Once the low hanging fruit has been picked, I predict that people will turn to other things they want their little pocket computers/communicators to do so that they are more useful to them. At some point those activities won't be amenable to some sort of homogenous API that suits everyone. The things people want to do will be specific to their purposes. There won't be an API or extension to enable their new idea, so they will be limited in what they can do.

That's what I mean by using a device in ways that are unanticipated.

Re:Reading Comprehension!

[lesuth]

I do not miss big pictures. Steve Kondik's words about anything "... could be accomplished without exposing root" on these devices empowers the owner/user with more options, not limiting their activities by the foresight of someone else. The only way to believe in limits is to assume Kondik said he would provide limits in an API, despite stating his interest in abolishing the root requirement, which he did not. If we push Kondik's words to the extreme, would there be a need for root? Would the owner/user be more empowered or more limited by a completely open system where every aspect of the device is available via the API? Does opening up the device via an API breed more or less control by the developer? Low-hanging fruit is naturally to be addressed first, but most developers (from my experience) act in earnest with less limits on root capabilities.

Re:Reading Comprehension!

[c0d3g33k]

Sorry, but you're not making much sense and don't quite seem to understand how operating systems work. If this mythical "totally safe because it limits root privileges but not really limited because you can do all the same things as you used to do with root" API you describe existed, it would be functionally the same as what currently exists. Wrapping the system in an API that allows you to do officially sanctioned 'useful' things (things that have been designed into the API) but protects you from all the unsanctioned 'bad' things (everything that isn't explicitly defined by the API) is limiting. By definition.

Re:Reading Comprehension!

[lesuth]

Let us not be putting words in my mouth. Specifically, I did not say anything about totally safe. And let us not judge others about knowing / not knowing any OS - we are foreign in association, especially on the merit of OS experience. I suggest reading my words on their own merits, which is how they were crafted. If you believe in a mythically safe but unlimited API which would function the same as what we have, then cool; however, I did not describe one. Officially sanctioned sounds like Apple in a Big Brother ala 1984 / Galactic Empire sort of way, which is what I think most of us, including the developers I know, earnestly avoid. I believe I will still interpret Kondik's words as empowering device owners by taking steps toward abolishing the root requirements. Is there a man behind the curtain in an API conspiracy against the Dorothy and Toto of unanticipated invention? My belief is obviously different. Apple has a lot of "1984" history, btw. :^)

Re:Reading Comprehension!

[c0d3g33k]

lesuth? Oh, you troll, is that you, you forked tongued devil? I applaud your efforts. I fed you once - are you still hungry? Sorry, other than this small treat, I have no more because your comments are devoid of meaningful content, and I require meaningful content to justify fetching you more treats. Dorothy and Toto would undoubtedly agree with me. Toto totally wants your treats. He'll be coming around to collect them when he's finished traveling to 1984 in his time machine to deal with Big Brother and his burgeoning Galactic Empire. Please heed my advice if you personally go there - don't take a bite of the Apple. You will fall into a sleep indistinguishable from death. Kind of like a zombie.

Re:Reading Comprehension!

[lesuth]

Troll? Never have and never will. It's all waxing rhapsodic of the merits of root privileges and conspiracy theories. I believe in access and openness. I believe in regular haircuts at a fair price. I believe in wearing a helmet when bicycle riding. And I believe in people's words the way they are presented, whether it is an OS developer's intent or a theorists' post to such a fine website like this. Oh, Slashdot, how many years I have read thee... How many poignant articles I have digested! Thanks for that last reply of nonsense - ranks right up there with the theory. :^)

Re:Reading Comprehension!

[c0d3g33k]

Dude (or Dudette), you are so much fun!

Oh, Slashdot, how many years I have read thee... How many poignant articles I have digested!

Not very many, based on your ginormous UID, n00b. :-)

Thanks for that last reply of nonsense - ranks right up there with the theory. :^)

You're quite welcome. This place is too much fun to take seriously. But you're still borderline incoherent. You need to elevate your troll-fu. Or ease up on the ethanol a bit, clever lad. Your trolling will be much more effective if you can simulate a serious commentor. Your babbling is much less clever than you realize. But kudos for hanging in there and giving it the old college try.

If you were actually serious in your original posts...*shakes head*. I'm sorry, my good fellow. There are people than can help you.

Re:Reading Comprehension!

[lesuth]

Is it possible to read slashdot without keeping my account active? And keep the name calling to a minimum, please. I thought you had some semblance of ethics when you brought this article to slashdot? Here is a hand: http://www.acm.org/about/code-of-ethics Lad? Do you know what they say about assumptions? Interesting tacks... let's count them up: Post to slashdot with a barely coherent conspiracy theory on losing the possibility of invention through unanticipated use. Gasp! Respond by thinking everyone else is wrong, because, after all, there is no way anyone else could possibly be right. Respond by claiming others are ignorant, despite the foreign nature of this conversation. Oh, let's wrap comments in what they meant to say! Lastly, since you don't understand, then others must be trolls. Who needs people that can help?

Re:Reading Comprehension!

[c0d3g33k]

Thank you for the entertainment. Why settle for a concise argument on the topic at hand when a flurry of semi-relevant sentences will do. You, sir, are the master of trolls. Or lawyers. Blessed be you and your kin.
I must leave you now. Good night.

Re:Reading Comprehension!

[lesuth]

I was hoping for less debate over right vs. wrong and more discussion on better methods through an API for resources and accessibility without the need of root privileges. Seriously. I hope your iD is better for this, but I am doubting it. Is posting painted garbage and then taking honest questions and criticism personally considered trolling?

Re:Reading Comprehension!

[lesuth]

This thread is really sad on many different levels.

I have to admit that I figured out, very early, that this poster was baiting to feed his ego (otherwise, he would have engaged with some of my questions). And even though the topic was fairly interesting (I would have been glued to more appropriate responses), I called him out and took him down. This is NOT a good example of appropriate behavior by anyone and I am speaking for myself, even though it takes two people for an argument. I could have stopped the thread very early, I could have just let him feed his ego and be done with it, or I could have saved everyone a lot of time and not replied at all.

Although it could be said that the OP / Submitter *might* take a word or two to heart and that, of itself, is a benefit, I believe that the time involved is more precious and, therefore, this thread should have been avoided.

The OP may return to this thread and post even more delirious nonsense - I recommend ignoring the rest of this thread.

The weight of knowing there are better examples to display to myself, mostly, is heavy enough to keep my away.

Re:If no root, no Android. FirefoxOS anyone?

[Pioto]

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

Yes, this. You shouldn't root your device "just because you can", which seems to be the mentality some people have. It greatly increases your attack surface for security vulnerabilities. I'm certain that the ability to root will stick around "forever", but for most people having a well thought out API which allows separation of privileges is going to lead to better results.

When root is no longer needed..

..will be when the end user can take *full* control of their own hardware without it.

Till then, FUCK THEIR NON_EXISTENT UPDATES and THEIR rules.

Manufacturers leave the gap where root is required, not the users.

Re:When root is no longer needed..

[tepples]

If given the mutually exclusive options of A. full control of their own hardware or B. access to major studio movies, what will most home users choose?

Re:When root is no longer needed..

[segin]

B needs to have "legal access" or "officially sanctioned access", not just "access". There's plenty of illegal and/or unsanctioned access to major studio movies available with option A. (If you are wondering how that's an "and/or", consider the point of ripping one's own DVDs to a DRM-free, neutral format to play back on their phone. Legal, but unsanctioned.)

AdBlockPlus

[ronmon]

Enough said.

Re:AdBlockPlus

Agreed. Only reason I installed SU on my Nexus 4 was to run "AdFree" - if I could re-write the hosts file without root? Sure I wouldn't bother.

Steve "CyanogenMod" Kondik

[SixGunMojo]

Am I the only one irritated by this? It should be Steve "Cyanogen" Kondik, CyanogenMod is the ROM. FFS

Re:Steve "CyanogenMod" Kondik

[c0d3g33k]

My bad. Sorry. You are fully justfied in being irritated. I was in a hurry and given the amount of poorly explained stories, I didn't just want to throw "Steve Kondik" out there and expect people to recognize the name. So I picked his pet project, rather than his nick.

Re:Steve "CyanogenMod" Kondik

[segin]

If someone doesn't recognize the name, then they know how to Google, and if they still can't Google, then either the article isn't for them to begin with, or they shouldn't be reading Slashdot to begin with.

Re:Steve "CyanogenMod" Kondik

[c0d3g33k]

Nonsense, segin.

Effective communication is the responsibility of the presenter, not the audience. Apart from the very rare instance where the audience is forced to attend, they are indulging the presenter. If the presenter doesn't deliver, the audience goes away. Telling the audience they didn't work hard enough will only make them go away faster.

You must be quite the hit at parties and social gatherings:

"Hey baby, I can light your fire better than Ivar Kreuger. Wanna light *my* matchstick? What? Who is Ivar Kreuger? Look it up, you airhead or I'm not for you and you shouldn't be at this bar to begin with! Wait! Where are you going? Awww. Alone again. Why? Why must I always be alone?"

Re:Steve "CyanogenMod" Kondik

[SixGunMojo]

I fully suspected this, hence the irritation and not the mouth foaming, vitriol spewing, keyboard smashing, response of most nit-pickers. I've been running CyanogenMod for more than 3 years and would not have recognized the name Steve Kondik (I would have recognized the nick cyanogen). However I do believe that among the target audience, people with rooted android phones (who doesn't root an android?) >90% would have recognized him by his nick alone or had a very good idea of who he was. Some people in their communities are very large personalities and among rom developers cyanogen may be one of the largest. For the non-target audience who he was could have been explained in the summary. Ah well, this is probably the sign of another aging slashdotter bitching about the apparent decline of quality in the headlines/summaries. Time to go make some "Get off my lawn!" signs :-)

Re:Steve "CyanogenMod" Kondik

[c0d3g33k]

For the non-target audience who he was could have been explained in the summary. Ah well, this is probably the sign of another aging slashdotter bitching about the apparent decline of quality in the headlines/summaries. Time to go make some "Get off my lawn!" signs :-)

Heh. Just borrow some of mine - this aging /.er has an ample supply. No need to make your own.

As for the "apparent decline of quality in headlines/summaries" and what to explain in the summary, that's a tricky business. In my estimation, the story wasn't about Steve "cyanogen" Kondik (there you go - irritation abated), or even which currently-need-root activities could be added to the standard Android toolkit, rather it was about the growing tension between the interests of the owners of a general computing device, the interests of the various actors who define the platform and want to build business models on top of it by limiting what the owner can do and the engineering challenges in reconciling these various interests. As it turned out, accurately summarizing what Kondik said without plagiarizing him (or the source that drew my attention to his post) *and* planting the thought provoking seed about the wider implications of this kind of thinking without writing an essay was more challenging than I anticipated. If you have any experience in public speaking (mine is in the present-your-data-to-your-peers science world), you know that it's more difficult to put together a 10 minute talk (plus 5 for questions) than it is to put together the standard 45 minutes (plus 10 for questions) talk. Blaise Pascal was right: "I made this [letter] very long, because I did not have the leisure to make it shorter." In my case the dearth of leisure was caused by the pets wanting to be fed and my spouse asking me to step away from the computer and help with dinner. Wracked with the throes of "hurry the hell up" and my own irritation at recent /. summaries that didn't adequately explain to the reader what the hell the story was about, I threw in "CyanogenMod", fussed with the summary I was really worried about a bit more and clicked submit.

Submitting a story that aspires to live up to higher quality standards is an interesting and humbling exercise. I recommend that all aging /.ers who are worried about the decline in quality of the headlines/summaries submit a story themselves when the urge to grumble strikes them. Who knows? Maybe you'll stimulate the very change you were hoping for. And the critics who point out where you fell short will make you better (many thanks, SixGunMojo).

Recurring fee

[tepples]

I've never had a backup issue because there are apps for that

Some existing "apps for that" require root to backup or restore because they try to back up private data that belongs to another application.

and everything is in the cloud anyway

If you have more than a couple GB of data to back up, cloud backup becomes an expensive recurring fee compared to backing up to local physical media.

I don't need to 'root' my copy of XP to use it

If Google plays fair with Android, who in their right mind would even worry about 'rooting' it. But this 'lock down' s**t that restricts what the user can do with their own device has to go.

Microsoft's fame and fortune resulted from Microsoft ending the 'lock down' situation that was universal with 'big tin' computing solutions from earlier times. Of course Microsoft didn't invent this freedom- but Microsoft surely proved it to be a sustainable and very profitable business model - giving the world a universal computing platform that met the needs of users and developers of all types.

If Google cannot break its habit of supporting 'lock down' on some devices, it should fork Android into 1984-Android, and OPEN-Android, so dirty hardware manufactures can opt for a locked down platform, and every other manufacturer can act like all those companies that built/build PCs that run Windows. The truth is that Google HAS effectively created these two versions of Android- it just won't publicly admit this fact for political reasons.

PS the open source community idiots do not help at all. Whining about so-called 'binary blobs', which are the 'drivers' we so happily install on Windows PCs, is completely counter-productive. Android does not have, and will never have 'open source' hardware, so why should we care when the manufacturers of hardware GPU or Audio blocks connect their proprietary driver software to their proprietary hardware? Do you not know just how crap open-source drivers prove to be, when a manufacturer provides enough technical info to allow such to be created?

Google stands at the edge of a precipice. A proper free open Android can easily become the world's replacement for XP/Windows 7 on general PC devices (this time using ARM, of course). But if Google stumbles (as it has with almost all of its initiatives that are not its search engine and related services) it will attempt to crudely monetise Android, and by doing so fall down the usual pit of total failure. The dreadful Google Glass and Chromecast are both warnings about Google's current wrong-headed thinking. Google is NOT offering services that simple run on Android. Google is perverting Android into the most crippled locked-down form simply to create devices to function ONLY to run its services. And by doing so, Google states it has absolute control over the nature of any app written for those services.

Just look how Google said "no adult uses for Google Glass". That's like a f**king camera company selling you a camera, and then telling you you better not use it to photograph people naked. But again, if Google really wants to do this, it can still fork Android, as I said earlier, and offer 1984-Android and OPEN-Android side-by-side to the hardware people, allowing it to have its cake and eat it too.

Re:I don't need to 'root' my copy of XP to use it

[techno-vampire]

Do you not know just how crap open-source drivers prove to be, when a manufacturer provides enough technical info to allow such to be created?

Yes, as a matter of fact I do. I have a Toshiba laptop with integrated Intel graphics that runs Fedora 19 with Xfce and Compiz. It works very well, TYVM, with no need for proprietary video drivers.

My desktop has nVidia graphics, and uses the same desktop and Compiz. I use the binary drivers as re-packaged for Fedora only because the OSS nouveau driver isn't quite ready for the 3D effects yet. If and when it is, I'll switch over to it for simplicity's sake, as I've heard some very good things about it recently.

It's needed to remove all the junk pre-installed

[bobjr94]

At least on Windows, it's fairly easy to remove all the preloaded programs. On my last phone (sidekick 4G) had so much preloaded junk and so little ram, it was constantly getting stuck for 10-15 seconds while loading / unloading swap files after exiting apps. I rooted it, got rid of about 10 useless apps and it solved all the phones problems. If they somehow lock down the android phones and remove root access, they need to also require all preloaded apps be removable.

Re:If no root, no Android. FirefoxOS anyone?

How in the hell is that uninstalling it? You can remove a startup entry in Windows to stop mcafee or other bloatware on an OEM machine to stop it running too. But would you like to keep it sitting around, not only taking up space but leaving the binary there for potential later execution? I think not

Nexus: Collect all four

[tepples]

You can build a representative sample from a used Nexus One, Nexus S, Galaxy Nexus, and Nexus 4 for fairly cheap. Or you can take advantage of the device diversity of your team of beta testers who brought their own devices.

Re:If no root, no Android. FirefoxOS anyone?

[aztracker1]

For me, the killer feature for rooting early on was wifi tethering.. in my G1 it was necessary to root for a lot of functionality... my N4, I haven't felt the need to root at all, and it includes tethering (though I tether to my laptop via bluetooth, the same rules apply)

Re:If no root, no Android. FirefoxOS anyone?

[aztracker1]

What bugs me, is the likes of Twitter and Pandora asking for every privilege under the sun. I'm sticking with a prior version of twitter for that reason.. it will suck when I have to change out phones again. I don't use most games for the same reasons... it's wrong on so many levels. I wish I could remove privileges from installed apps, like you can with facebook "apps" (setting their posts to only visible to you, etc)... at least then you could work around the crap/spyware.

Re:If no root, no Android. FirefoxOS anyone?

[L4m3rthanyou]

It's kind of a moot point. If the system is that badly "infected", you should probably replace the rom anyway.

On my aging Gingerbread phone, I used root to delete the OEM bloatware- Facebook, Amazon, NFL Mobile, etc. A few months later, an OTA update rolled out, and it threw a shit fit because the pre-installed crap was missing. Fortunately I had backups. Now I use Titanium Backup's "freeze" feature to disable (and prevent execution of) apps while still keeping them installed/updated.

Re:If no root, no Android. FirefoxOS anyone?

[gnoshi]

Check out XPrivacy. Of course, it requires the Xposed Framework to be installed. Which requires root.
Or, of course, the Privacy Guard on the new CyanogenMod 10.1 builds, but which requires CyanogenMod.
Or OpenPDroid, but that requires patching your rom.

Re:If no root, no Android. FirefoxOS anyone?

[dinfinity]

It greatly increases your attack surface for security vulnerabilities.

As far as I understand, 'rooting your Android phone' generally allows elevation to root privileges, access to which is handled by an SU-application. That means that if you never allow anything to have root privileges, you face no increased risk at all.

If Google plays fair with Android

[nurb432]

I don't think its a Google problem, its the carriers.

Re:If no root, no Android. FirefoxOS anyone?

Good news! You haven't needed root to do that for a Long Time now. You can just click the "Disable" button in the app's details page, or drag it to the trash can from the apps drawer, and it's disabled.

Bad news! You can only disable apps that your carrier has decided that they want to allow you to disable.

Re:If no root, no Android. FirefoxOS anyone?

> It's kind of a moot point. If the system is that badly "infected", you should probably replace the rom anyway.

Exactly. Which is why we still need root functionality. Phone ROMs are not likely to get less of bloatware, spyware, etc.

Re:If no root, no Android. FirefoxOS anyone?

[Pioto]

Yes, but then you haven't *really* rooted it, have you? Once you do, though, and have ANYTHING running as root that wouldn't otherwise be; that's where the increased risk comes from.

Re:If no root, no Android. FirefoxOS anyone?

Yeah...well I'd rather have root access all the same, despite his assurances and Google's. I feel more comfortable having power over my PC, not the other way around.

Re:If no root, no Android. FirefoxOS anyone?

[citizenr]

what hardware? there is NO HARDWARE - thats why its on igg and not kickstarter (rules prevent vaporware)

Nexus

Root will be nesessary until the carriers allow us to freely uninstall their bloatware, and other useless/quasi-hostile junk (for me, that means facebook).

Or you could try supporting the concept of non-carrier devices by purchasing Nexus devices at "full price".

Re:If no root, no Android. FirefoxOS anyone?

[fuzzyfuzzyfungus]

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

It sounds like Android is busy reinventing the wheel. "Root", in ye-olde-user-account-whose-powers-are-above-all-others-and-limitless, is something that (at least optionally), UNIXlikes have been picking away at (precisely because it is a big, gaping, unbelievably-non-granular, security problem) for years. You've got your conceptually simple mechanisms like OpenBSD security levels (once you elevate, suitably marked files are immutable, period, until the system is brought down) and your fairly-seriously-hairy; but powerful, mechanisms like SELinux and TrustedBSD.

I certainly wouldn't trust any plan where some other, no doubt benevolent, entity would take up rootly duties so that I needn't worry my little head about them; but the capabilities of a classic Linux root are really a pretty awkward fit with Android's own set of access controls and security concerns.

Re: If no root, no Android. FirefoxOS anyone?

[corychristison]

You don't need root to image a new ROM. You need an UNLOCKED BOOTLOADER. Two completely different things.

Re: If no root, no Android. FirefoxOS anyone?

[corychristison]

Don't "buy" your phone subsidized through your carrier? I just bought two Nexus 4's right from Google and switched carriers. No contract _and_ got a 10% discount on my bill each month by bringing my own device.

To be clear I live in Canada, and just switched to Telus.

To install linux.

[Robert+Frazier]

I have linux installed on my Asus Fonepad side by side with Android, allowing me to turn my phone/tablet into a nifty little netbook (using a bluetooth keybord). I like having a full LaTeX installation available, if I want to do some writing. It isn't clear to me that I could do this without root (especially if I want to run services on privileged ports). If I can't do this with Android 4.3, I will have to rethink upgrading to it, when it becomes available.

Best wishes,
Bob

Re: If no root, no Android. FirefoxOS anyone?

Android 4.3 and Permission Manager. Problem solved.

https://play.google.com/store/apps/details?id=com.appaholics.applauncher

Disabled does not mean forgotten

[thegarbz]

Disabled does not mean forgotten. I had heaps of apps disabled on my phone. Yet once or twice a week I would get a Google Play notification to update [insert disabled and unused app].

I would be happy if they were just taking up space on my phone but as it is they annoyed me every other day.

Re:Disabled does not mean forgotten

[TheRaven64]

You can disable automatic updates for these as well. It isn't done automatically, which is a piss-poor UI from the perspective of the end user, but understandable given the layering of Android. App stores are not part of the base Android install, but the system preferences UI (where you disable applications) is. It is not aware that the app store that you are using will automatically try to update apps that are installed, because that is a higher layer in the stack (it is typically Google Play, but it might be F-Droid or the Amazon Appstore). If the Android team didn't completely suck at UI design, then they'd either have provided a notification to app stores that the app was disabled, or hidden it entirely from the apk database. Unfortunately, a 5 minute conversation with anyone who works on Android will inform you that the Android UX team at Google is entirely populated by drooling morons who don't understand the basic elements of HCI.

Re:Disabled does not mean forgotten

[thegarbz]

No it's not about auto-updates. It's about notifications. Notifications can't be disabled on an app by app basis, only a Google Play wide basis.

I don't auto-update. I get notifications and then I check to see if the app is worth updating or if the developer has become a greedy a$$hole and just plastered ads everywhere calling it a feature.

That's the #1 item on the list

[raymorris]

That seems to be the #1 item on his list of "things that need APIs before root is unnecessary.

Re:If no root, no Android. FirefoxOS anyone?

[maccodemonkey]

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

Well, it sounds like he's saying a bit of both...

"Prompted by the addition of new security features in Android 4.3 that limit the effectiveness of elevated privileges..."

Obviously it doesn't sound like root is dead right now, but it does seem Google is taking measures that could lead one to think they might lock it down more completely in the future.

on purpose, or the system, or a rogue app

[raymorris]

If nobody and NOTHING ever calls sudo, yeah.
Don't assume that all calls to sudo are you doing it on purpose. The risk is that malware could use sudo.

By way of comparison, Windows is somewhat similarly "secure unless you allow something to have elevated privileges". Compare that with a write-once DVD live system, where there is no such thing as altering the system.

Re:on purpose, or the system, or a rogue app

[dinfinity]

You obviously have no experience whatsoever with a rooted Android phone. Even if malware were to call the su-application, the su-application would still prompt the user asking for privilege elevation. Now if that su-application is exploitable and the prompt can be avoided by malware, then that would be a pretty bad security risk.

Re:on purpose, or the system, or a rogue app

[raymorris]

Presumably if you root your phone, you'll at least check to see if it works. So at that moment you're expecting the prompt. When sudo is launched, that's when the malware requests root. That's one method. Another method is to use a video overlay to put a benign looking button on top of the prompt. As an overlay, the benign thing isn't clickable, the user is actually clicking on the hidden sudo prompt underneath.

Before assuming I have no experience, Google my name. Note you're also implying Steve Kondrick doesn't know what he's talking about. I guess Steve doesn't have any experience with rooted phone?

It seems there IS one person in this discussion who isn't a security professional. Guess who?

Re:on purpose, or the system, or a rogue app

[dinfinity]

When sudo is launched, that's when the malware requests root. That's one method.

There is nothing from stopping a piece of malware requesting root via the su application. The thing is that the prompt shows information on which package is requesting the elevation. In this case, only if the piece of malware could exploit the su application, could it completely undetectably masquerade as an application for which the user would allow root privileges.

Another method is to use a video overlay to put a benign looking button on top of the prompt

I would be highly surprised if su applications do not prevent this (in a way similar to how the UAC elevation prompt prevents it in Windows).

Before assuming I have no experience

That's not what I said. I said: "You obviously have no experience whatsoever with a rooted Android phone."
You can Google 'reading comprehension'.
Also: here is a little bit of gratuitous 'rooting experience' for you: https://play.google.com/store/apps/details?id=eu.chainfire.supersu&hl=en

Note you're also implying Steve Kondrick doesn't know what he's talking about.

I'm most certainly not. I support his idea of creating more fine grained powerful permissions. There are a number of applications that I have given access to root privileges because there is no other way. An AdBlocker that needs to modify the hosts file needs root, but I would rather just give it access to only that specific file.

His motivations are obviously the implementation difficulties of root privileges in SEAndroid: "+Koushik Dutta and +Chainfire are working hard to permit root in some way on 4.3, but I feel that anything done at this point might severely compromise the security of the system and we should start considering better options. "

Re:on purpose, or the system, or a rogue app

Googling your name brings up a make up artist http://www.raemorris.com/, then a rubgy player http://en.wikipedia.org/wiki/Ray_Morris, then a photographer http://raymorris-hill.smugmug.com/ and then a singer and a used car salesman and so on, nothing about any "security professionals".

It seems there IS one person in this discussion who is a great big asshole with an over inflated ego. Guess who?

Re:If no root, no Android. FirefoxOS anyone?

Good news! You haven't needed root to do that for a Long Time now. You can just click the "Disable" button in the app's details page, or drag it to the trash can from the apps drawer, and it's disabled. Sure, it's taking up a few MB of space on your system image, but, "oh well."

Good news, I just took a dump on your doorstep! Don't worry though, you can just throw your doormat over it. It will still stink, but "oh well"

WHO CARES

Why do we give a toss what this half assed muppet has to say? He hasnt done anything of note in a couple of years now, CM dont write their own code, they get all the developers on forks to do it for them then intergrate it into their own ROM.

No CSIM in USA

[tepples]

Or you could try supporting the concept of non-carrier devices by purchasing Nexus devices at "full price".

Good luck doing that in the United States if you happen to live where T-Mobile has poor coverage. CDMA2000 carriers in the United States don't use CSIM.

Re:No CSIM in USA

[lowlymarine]

AT&T does though, as do a number of MVNOs and a couple of local carriers like Cincinnati Bell. Yes, AT&T is stupidly evil, but I'd argue no more so than Verizon, and at least they're GSM/UMTS.

Re:No CSIM in USA

[Archangel+Michael]

I wouldn't say carriers are evil (immoral), I would say they are amoral. These two things may appear to be the same, but are not. Often times, they look exactly the same. But this is just my opinion.

And given the choice between amoral carrier A, and amoral carrier B (C, D, E) or MVNOs that bundle those carriers' signals, I can assure you that there is no difference between any of them ... morally. If you really are going to put "morality" (aka evilness or goodness), then by all means, please do and stop using "evil" services (and aren't all "evil"?) , yes, even if you have to not carry a cell phone. Until then, stop bitching about how "evil" one or the others are.

Re:No CSIM in USA

[Thumper_SVX]

I do this. With T-Mobile. And it works like a champ. Granted, I'm usually in a place that has decent service (I travel a lot on business, but usually to the larger cities) but even when I don't it's usually when I don't care. Besides, using Google Voice for my service means if I can find a WiFi hotspot (easier than you might think) I can fire up Talkatone and make calls with VoIP all day long. Hell, I've worked an entire day from a McDonalds in the butt end of Kansas with a laptop and my phone on VoIP on conference calls.

Now, having said that there are downsides; no MMS on GVoice for example... but if you're willing to put up with those minor downsides or just have no need of those services then quite frankly the entire service works better. Visual voicemail, transcribed (sometimes amusingly) voicemails... and again, no ties to any particular carrier.

Oh... the one time I ended up without good service for T-Mobile when I really needed it, I stopped by a Radio Shack (too small a town for a Best Buy apparently) and got a pay-as-you-go SIM which worked fantastically well even with tethering. I am not under contract to T-Mob... but it works well for me in general and since I've basically made myself carrier-independent, I can use anything I like. Oh and yeah; this is on a Nexus (the Samsung Galaxy Nexus to be precise... nothing has compelled me to upgrade to the 4)

Re:No CSIM in USA

[triffid_98]

They're all evil, but some are more evil (and have significantly better cell coverage) than others. AT&T certainly has the evil part down but....

Re:No CSIM in USA

[Miamicanes]

> AT&T does though,

They won't, however, give you any kind of a discount for buying your own phone, and your likelihood of getting LTE to work is almost nonexistent unless the phone you bought full-price was AT&T-branded (and bootloader-locked) to begin with. The fact is, right now, if you don't spend most/all of your time in areas where T-Mobile has solid coverage and HSPA+ or LTE, you're basically fucked phone-wise if you insist on being a rebel. You'll be stuck with slow 3G data, and basically end up with the worst of all worlds.

I had hoped the people who created Ada retired

" all useful activities can be designed into the system so the 'dangerous and insecure' abilities [...] aren't needed."

The last time I heard that they created a committee that gave us Ada 83.

When will arrogant newbies finally learn the lessons of the past?! It is simply impossible to pre-design all useful activities into whatever you're developing.

Use it as a thought experiment to see if maybe there's an enhancement worth adding to your thingy, but never ever drink the kool-aid of belief.

It has been possible for quite a while now

Any distribution can remove root if they want to.

SELinux makes it easier to manage when you do. It does take getting used to.

Re: If no root, no Android. FirefoxOS anyone?

[gagol]

Telus... I hope your billing will be more fair than mine. After signing up for 85$ monthly plan, it quickly jumped to around 300$ a month...

Re:If no root, no Android. FirefoxOS anyone?

Yep..and the only one that will be hurt are sleazebags such as Barnes and Noble, who locked down a perfectly good android device(s). By so doing ripped off maybe a few million people who believed their ads. People like that deserve to fail.

Re:If no root, no Android. FirefoxOS anyone?

[GNious]

Perhaps get a Jolla instead?
http://www.jolla.com/
Yeah, I've already pre-ordered mine...

permissions on Android are frustrating

[stenvar]

Every release, the folks at Google decide that some other capability needs to be restricted, and some useful utility breaks. In 4.2, you don't seem to be able to enable airplane mode from third party widgets anymore, for example. Google really needs to introduce a class of trusted privileged applications that can do stuff like that. If Google doesn't do anything about this, I'm going to switch to something else because it is getting really frustrating and annoying.

Re:permissions on Android are frustrating

In 4.2, you don't seem to be able to enable airplane mode from third party widgets anymore

Airplane Mode Helper

This is what is happening

[The+Cat]

You people are gleefully participating in the relinquishing of control of your own property.

Re:If no root, no Android. FirefoxOS anyone?

[kangsterizer]

Yes/No.
It's a classic argument. Next one will be "nobody uses root so lets make sure its never possible to root the device"... and bang, that's the point.

Expect thats the current defacto way to get full device access. The APIs that "replace" what "root is used for" give you only very specific access, not full access like root currently does.

Everyone just stay calm and....

[JayRott]

Move along, nothing to see here. https://plus.google.com/100275307499530023476/posts/aYgumDrwA1d

Re:android

[gagol]

If it was not for you replying to his post, I would not have seen it. Comment is no substitution for moderation.

Re: The good thing about Steve Kondik

You 2 should go out on a date.

Re:If no root, no Android. FirefoxOS anyone?

[kangsterizer]

Yeah using linux on your machine makes zero sense!
Having the freedom to use any os on the hardware you own makes zero sense!

Nice thinking there.

Re: If no root, no Android. FirefoxOS anyone?

[GigaplexNZ]

It's not just carrier bloatware. The Galaxy S4 comes with some Samsung junk that can't be disabled either, for example.

this is a joke

[strstr]

we want more root access, not less. and we want to make it easier to obtain. we want to completely restore all account management functionality to Android, so it's just like Linux outside of the box. we always want the ability for people to manage their phones and have full system access. we also want to make it as PC like as possible, none of that sandbox and apps only shit. we want scripts, automation, compile software, and ability to run what we want on our phones.

We've been here before

[rs79]

Pretend you used unix from the start and the web comes along decades later and you have your stuff set up all nice and lo and behold all seventeen web pages work and nearly 700 people a year look them and next thing you know your buddy wants his bread clip collection to have it's own home page and your girlfriend's friends wants to put an anthology of lesbian vegan poetty online so you go fuckit and cut and paste their stuff up then that want to update it themselves so you show them vi wish them the best of luck and get back to fixing sendmail.

Fast forward years later and 300 people are using your stuff and you've written enough tools so you never have to talk to them again they can be busy little beavers updating merrily and rarely call. When they so you slip into root, fiddle with something and they're done.

Now, when you have root on a web server it's very different from having one user account on a machine and the later is really how you want to do this. It's convenient as hell to be logged in as root all the time, everything works. But it's really not a good idea. So in the past decade everybody I know has tried to do that. And it seems to work. With enough stuff in place you really don't need root in normal operation. In fact I'd go so far as to say other than catastrophic failure or radically new hardware there is never any reason to use root that can't be accomplished by the proper tool. I'm 99% sure this is true. Maybe 99.9.

So, I don't see why the android/root issue is any different from what happened with unix as we went from logging into a VT-100 as root to now where it's been years since I've had to.

So I think his point is very valid. Doesn't mean this doesn't bother me though; if I pay for it I get to decide what fucking code it will run and thank you very much, I'm not buying a service here.

I think in the end companies that make more sensible hardware will do better than ones that pull stupid stunts like this. One has to wonder where the real motivation behind it originates.

Re:We've been here before

Actually, every product in the universe is a bit of matter/energy(/spacetime?) that belongs to everybody, with a chain of services applied to it.

You're still right. And even if you bought a *pure* service (like music or software), you *still* can do with it whatever the fuck you like.

Everything else (like attempting [and failing, since it's physically impossible] to limit your access to it) would be a crime. As I always say:

If~~ all you give me~ is a mere copy of the result (information) of the work you (or even somebody else) did,
then all I~~ give you is a mere copy of the result (money~~~~~~) of the work ~~I (or even somebody else) did.

                                        DRM is a crime.
                            Copyright is a crime.
"Intellectual property" is a crime.

Re:If no root, no Android. FirefoxOS anyone?

Why would you buy a phone from carrier anyway?

Silly Americans.

Re:If no root, no Android. FirefoxOS anyone?

[Dog-Cow]

At least he's thinking. You apparently have decided to forego the process.

root? is that really the problem?

[Mirar]

As far as I see it on android, you don't need root to do much, but you will need it for the things the OS developer didn't think you needed.

First time I rooted was because I wanted to set the clock using NTP. Something the devs didn't think of.

The more of those needs are covered in the normal Android app scheme, the less need for root there will be. For instance, add the possibility of an app to restore and backup the entire OS and you wouldn't need root for that. (But how do you separate that from just accessing the file system at will?)
Add the possibility of an app to remove/disable any other app, and you wouldn't need root for that. Etc.
But there'll be things you didn't think of. Always.

Which brings me to the point where I think that the security of android is stupid in the first place. Too many apps ask for too much -
but this I take it is because the security system isn't fine-grained enough. Maybe this is fixed in later Android versions, but

- access to read/write my sd-card? Seriously, limit this to one top directory on my SD card, I don't want every app to have access to my photos or my GPS traces or...
- GPS location? That would be nice if it was limited to when I want the app to know it. Webpages, games, etc, usually don't need to know this.
- etc, etc

But start to look at if it's possible to say "no" to some of the privileges the apps ask for, individually, instead of the whole app. I heard there's some variants of CM that does this already?

Re:If no root, no Android. FirefoxOS anyone?

[dinfinity]

You have no idea what you are talking about, do you?

Root is a bug anyway

That root exists is an example of a poorly designed system. Something the Unix guys got rid of entirely when they wrote plan9.

Re:If no root, no Android. FirefoxOS anyone?

[crutchy]

mod parent up... it would be really handy to be able to view a virtually hosted intranet page on my phone

the problem stems from newer routers not supporting loopback

Re:If no root, no Android. FirefoxOS anyone?

[TheRaven64]

There are several reasons for wanting to uninstall stock bloatware:

• To free up the flash space it takes.
• To avoid the UI clutter of having it visible.
• To reduce the attack surface by reducing the amount of executable code available.

The current Android model does not address the first of these, but it does address the next two. None of these applications installs shared libraries (Android applications can't install shared libraries that are visible to other apps) and they can only be launched either explicitly by the user or by a Binder event with a URL that they have registered to handle. Disabling them removes both of these mechanisms for launching them, and so removes the security implications (by the time a malicious application has enough privilege to reenable them enough to launch them, it effectively has full control of the device and so won't need them for privilege escalation) and removes them from the UI.

The space issue is far less than it used to be. My HTC Desire only has about 100MB of free on-board flash for apps and so is quite constrained. I'd love to free up some space by deleting crapware like the Facebook and Twitter apps and Google Maps, but I can't, even though doing so would increase my available storage by 20-50% (most apps can install most of their contents to the SD card, but you still need 2-8MB per app on the internal flash). My newer tablet, however, has 64GB of space, and so even deleting the whole Android install would only free up a few percent of the total storage space.

Re:If no root, no Android. FirefoxOS anyone?

[TheRaven64]

If you expose every single thing that requires root to non-root users, then there is no distinction between root and non-root and so root is unnecessary. Very few people, for example, feel the need to enable root on OS X, but since normal users in the administrator group can sudo with their password there is no need because they can do anything that a root user can.

If, however, you expose some subset of what root can do to normal users, then you are always going to find some users who need to do some of the things that you haven't thought of. In my case, for example, I want to stick a Debian chroot on my Android device for development. This requires the chroot system call, which is only permitted for root users for reasonably good security reasons (it makes various categories of confused deputy attacks easier). I'm sure that other people will find other interesting things to do that require root.

Re: If no root, no Android. FirefoxOS anyone?

[Chris+Hodges]

It's not just the carrier - a Motorola (Defy+) bought from Amazon UK still comes with plenty of crapware:
* zinio (buy magazines to read on a tiny screen - really?)
* 7 digital music store
* tunewiki/motorola music player - a new, slower UI with every update (seemingly every week)
You could easily count motoblur on that list as well, and with a non-rooted old android (like all the other waterproof phones), you can't disable them entirely, block them from updating or move much of their bloat onto SD card (obviously, because then I could delete that).
So for now, rooting is still needed. Unfortunately with up-to-date firmware, it's also rather tedious and risky on this handset.

Re:If no root, no Android. FirefoxOS anyone?

[Inda]

I've had some sucess with installing Go Launcher, using that to uninstall bloat, then uninstalling Go Launcher.

Re:If no root, no Android. FirefoxOS anyone?

[SuricouRaven]

The site doesn't actually say what a Jolla *is*. Some sort of compact tablet?

Re:If no root, no Android. FirefoxOS anyone?

[polyp2000]

I think he was referring to kids who run their linux machine as root as oppose to badmouthing linux in some way. We've all done it at some point and learned the pitfalls in the process. N.

permanent beta

If these proposed not-root APIs work as well as all the other APIs in Android, you'll still need root to work around them. Android is permanent beta and seems amazingly able to paint itself into a corner.

Re:If no root, no Android. FirefoxOS anyone?

These are the same kids that always ran their Linux machines at root because they were so 133t.

You don't run a linux machine "at" root. You run it "as" root. With that said, you don't. Nobody does. Not necessarily because they know it's unwise, but because they wouldn't get very far before hitting a show-stopper. Try it if you don't believe me.

Re: If no root, no Android. FirefoxOS anyone?

I always wonder how come Samsung apps have thousands of good reviews on the Play store. They're almost all "13,500 5*" and "12,500 1*" reviews. I'm guessing astroturfing works.

Most of my reviews say something like "this app is useless to me. Let us uninstall this app, then we'll see how popular it really is". I really can't imagine what sort of marketing retard thinks that leaving an app on my phone is somehow going to magically make me want to use it. Samsung's chat/music player/video player are all crap in my opinion, so I've downloaded alternatives that I used instead. How's annoying me with updates to this stuff I don't use and can't uninstall going to make me suddenly think "hey, this looks good, let me uninstall that app I've been using and use this instead!".

Re:If no root, no Android. FirefoxOS anyone?

[andydread]

It looks like that problem is solved in Android 4.3

Well, no shit, Sherlock

Everything users need to do could be achieved by adding the necessary APIs. But because they aren't there, we need to root the phones.

Re:If no root, no Android. FirefoxOS anyone?

[geminidomino]

Does Privacy Guard work like PDroid/OpenPDroid, in that it will/can spoof tracking data so that badly behaved apps don't FC?

If so, good on them for the reversal. CM has left a bad taste in my mouth since they sided with scummy devs over user privacy back when they said they would "never" add it, back in the CM7 days.

Re: If no root, no Android. FirefoxOS anyone?

[TheDarkMaster]

Me to. And if I forcibly remove bloatware (using rooted tools), Samsung starts to refuse to update the phone software.

Re: If no root, no Android. FirefoxOS anyone?

[O('_')O_Bush]

I'm pretty sure that every App can be disabled using the uninstall updates/disable method, but not all apps can be uninstalled.

Where is private-use DVD ripping legal?

[tepples]

consider the point of ripping one's own DVDs to a DRM-free, neutral format to play back on their phone. Legal, but unsanctioned.

Legal in what country? Mr. Kondik, Google, and Slashdot operate in the United States, and tools for private-use DVD ripping don't appear to be clearly legal there (Universal v. Reimerdes).

One (or none..)

[thrasherm2]

There can be only one! (thunder clashes at the might of the all powerful root)

I'm not guessing

[raymorris]

>. the prompt shows which application

When people open a root app and they get the same prompt they always get, they don't re-read it every time. They also don't get suspicious when the first click on "Ok" doesn't seem to work - the "same" prompt is still there.

> I'd be surprised if su applications don't [control the video memory]

Welcome to surprised.

Re:I'm not guessing

[dinfinity]

When people open a root app and they get the same prompt they always get, they don't re-read it every time.

The reality is, however, is that people tick the 'always allow' checkbox and get suspicious when they get a prompt for an application they had previously given permanent access to root privileges. Having said that: there is no curing stupid. Giving applications root access is potentially dangerous and should be done with care.

I'd be surprised if su applications don't [control the video memory]

Welcome to surprised.

And the malware does control the video memory? Don't be silly.
Are you implying that making a secure prompt (like the UAC prompt) is impossible in Android? If not, you'd have to show that the existing su applications don't to surprise me.

Re:If no root, no Android. FirefoxOS anyone?

[aztracker1]

That's pretty awesome... waiting for my N4 to get the OTA update to 4.3, my N7 already has it. :-)

how can you write?

[raymorris]

How in the world can you spell? Clearly you absolutely refuse to learn anything from anyone.

  Some of your thoughts are reasonable guesses. Thing is, you don't have to stick to those guesses when you're presented with facts by people who have actually done it.

Want to see an for yourself that it's possible for apps to ACCIDENTALLY overlay the prompt? Download open roads voyager, set it to overlay buttons, and open a root app.

Re:how can you write?

[dinfinity]

How in the world can you spell?

Meh, I've seen funnier attempts at insults.

Clearly you absolutely refuse to learn anything from anyone.

Please, enlighten me as to what I should have 'learnt' from your previous post and how it is clear that I didn't.

Download open roads voyager

You're going to have to provide a link. Google doesn't find any pages containing "open roads voyager".

I'd like to stress that nowhere did I claim to be 100% sure of su applications not being (easily) exploitable. I said I'd be surprised if they were. Let me add that I would also be disappointed if they were.

Replicant

There was a post about GNU Replicant, an Android port, here a few days ago. Remember that GNU free software does not have any DRM or restrictions in functionality. The project looks pretty good so far, I'm excited to see if they keep up development on it.

death of the microchip!

"ARM, the platform that has no root!"

What I lack on Android isn't root.

[hendrikboom]

All I really lack in Android is sshfs, ssh -X, and a decent X server (like the ones the X teminals provided decades ago) to be present and all work well together.

Nothing that isn't usually available for free in any normal Linux system. All that would be needed is for Google not to take them out.

Oh yes, a decent Linux-supported file system on large external sd cards wouldn't hurt.

-- hendrik

Submitter must read William Gibson

[idontgno]

That which is overdesigned, too highly specific, anticipates outcome; the anticipation of outcome guarantees, if not failure, the absence of grace.

--Konrad, All Tomorrow's Parties

Re:Submitter must read William Gibson

[c0d3g33k]

Thanks! I like me some Gibson, but haven't read that particular work yet. I will now.

Re:Submitter must read William Gibson

[c0d3g33k]

As an aside, Konrad reminds me a lot of Ghost Dog (http://en.wikipedia.org/wiki/Ghost_Dog:_The_Way_of_the_Samurai). Ironic that this film and All Tomorrow's Parties came out the same year. Must be the Zeitgeist's doing.

Re:If no root, no Android. FirefoxOS anyone?

[jc42]

You missed the point--he's saying that root access might one day no longer be necessary, ...

Actually, people have been claiming since the early days of unix (back in the 1970s) that root never has been "necessary". I've read a number of discussions triggered by such claims. They all reduce to the same conclusion: Yes, in a well-run computing environment, in which all vendors and users understood all the security issues and agreed on their solutions -- and implemented them all correctly -- the root id wouldn't be necessary. But we never have been anywhere near close to such an ideal. And until then, root is needed to cleanly fix the permission messes that our current practices so often produce.

I've been, uh, "discussing" an example of this on a web server where I'm the maintainer of one of the web sites. The site is actually replicated on my home machine and on another remote machine. I make changes on my home machine, then rsync the three machines when a change is working to my satisfaction. On the two remote machines, rsync has always produced a lot of bogus permission errors (while correctly copying the files). The reason is that some of the files are created by the web server, and are thus owned by the web server's id, not by mine. The code can enable world read/write permissions for everything, so the rsyncs all work. But due to the mismatch in ownership, rsync complains that it can't fix the permissions.

This is a problem for one important reason: Whenever the software gives such floods of bogus error messages, they bury the actual error messages, and teaches the users to ignore error messages (since all of them that you see are so bogus ;-). This isn't an ideal situation, if you want people to correctly spot problems and fix them.

It turns out that I can "fix" many of these problems if I spot them early enough. None of my login ids can fix them, since the logins don't match between the 3 machines and I don't have admin access to the others. But on my own machine, I can often use "sudo" to adjust permissions so that rsync won't produce so many bogus error messages. But I haven't stumbled across a way to fix them all.

I have occasionally persuaded (nicely ;-) an admin on one of the other machines to use a similar sudo to give me control of my own files, but they usually consider this a bother, and don't do it. I need to stay on good working terms with them, so I don't push it.

Anyway, I'd agree that root isn't, stricktly speaking, "necessary" right now. But it's often the least time-wasting solutions to all the annoying permission problems that typical machine setups produce. On a well-done server machine, owners of a web site would have group "www" permission, and could fix most such problems, but I don't think I've ever worked on a server that's run that way (except the servers that I run myself ;-). And so on.

I have an Android phone that at random times gives me what look like permission errors. I've investigated, but so far haven't found a solution other than rooting the gadget. I haven't actually done that, so once again, the machine's "security" setup is teaching me to ignore error messages, since they're usually sinkholes of time that I can't do anything about.

(I've never kept anything important on my phone for more than an hour or so, and treat it all as "transient" stuff that can disappear any second. I've occasionally worked on some apps, but tend to minimize testing on the phone itself due to the confusion of all the permission problems. Maybe this'll change some day. Or maybe I'll just stick with developing "apps" that run inside the browser, and continue with the mess that that "OS" is. ;-)

Re: If no root, no Android. FirefoxOS anyone?

[corychristison]

Here in Saskatchewan, the best Promotional Plan is $60/mo for unlimited nationwide calling, unlimited text, 5GB of monthly data, caller ID, voice mail, etc.

Re: If no root, no Android. FirefoxOS anyone?

[corychristison]

My comment was in response to this comment.

Re:If no root, no Android. FirefoxOS anyone?

[bbsalem]

Would that be just disabling a root login, or the ability to do sudo? In Linux land you get root if your system is in recovery mode, but there is no root with a login shell. Is this the same in Android?

Re: If no root, no Android. FirefoxOS anyone?

[Miamicanes]

Unfortunately, in America, GETTING your bootloader unlocked almost always requires root. At least, if you want a phone that has a microSD slot, can take extended batteries, and isn't last year's hardware in a new package. Google seems determined to arbitrarily bork and cripple all their new hardware in the holy name of all that is Cloud, which leaves us in the real-world position of having to deal with bootloaders that are at least protected by the equivalent of a skeleton key hidden under a doormat that says "Monsters are under here".

It's sad, but I'm starting to feel about as non-enthusiastic about new releases of Android as I've been about new releases of Windows for the past few years... like every new release is two steps forward, and seven steps diagonally backwards towards left or right. If the new version of Google Maps is any indication of the direction Google plans to take Android, I might be living on some fork of CM10.x for a really, REALLY long time.

Re: If no root, no Android. FirefoxOS anyone?

[Miamicanes]

Don't forget the ability to use flash drives via USB OTG to make up for the often-intentional omission of a microSD slot. It's like it's not bad enough that they have to gimp the phone and take away the one part likely to survive anything short of hellfire and brimstone (a microSD card is one of the few things LEFT that someone with some wire, an Arduino, and a soldering iron can try doing his own guerrilla data-recovery on if the card itself gets crushed or mangled. Just *try* mounting a crushed, waterlogged, and destroyed Android phone that can't boot as a USB flashdrive to copy your data off of it. With a microSD card, you might actually succeed, even if you have to do it one bit at a time via SPI and reconstruct the filesystem offline.

My wireless provider is myself

[tepples]

providing APIs and extensions to the user for whatever the wireless provider thinks the user needs

I own a Netgear AP and rent a modem from Comcast. So who is my Nexus 7 tablet's wireless provider?

Re: If no root, no Android. FirefoxOS anyone?

[GigaplexNZ]

Funny you should mention that: my microSD card in my S4 just had a catastrophic file system corruption (after months of files mysteriously vanishing infrequently while in my old HTC).

Re: If no root, no Android. FirefoxOS anyone?

[Miamicanes]

By any chance, did you buy it on eBay? Or from anybody besides a store like Best Buy or OfficeMax? If you did, there's a VERY good chance that it actually has half the capacity it claims to have, does transparent data compression to conceal it, lies about its free space, and simply overwrites the oldest sectors with newer data if you end up totally filling it up. My dad learned the hard way that allegedly-Sandisk flash cards from China with prices that are "too good to be true" probably are, and almost lost a quarter of his vacation photos as a result. This is VERY common with cards that don't have tightly-controlled supply chains

Re: If no root, no Android. FirefoxOS anyone?

[GigaplexNZ]

No. It was a 32GB card that I've had for a little over 2 years, it's been at near-full capacity for most of that time, and it's only started to have issues over the past 6 months.

Re:If no root, no Android. FirefoxOS anyone?

[Stephan+Lehmke]

Well they say on the funding page "We've been through a long creative process, from early concepts and sketches to 3D wireframes and a variety of test handsets. It's all led us to the beautiful Ubuntu Edge prototype that you see throughout this page." So you think they're lying?

Re:If no root, no Android. FirefoxOS anyone?

The site doesn't actually say what a Jolla *is*. Some sort of compact tablet?

https://en.wikipedia.org/wiki/Jolla_%28mobile_phone%29

Re:If no root, no Android. FirefoxOS anyone?

[GNious]

Ah, sorry - was thinking all of /. had heard of it ;)

Jolla is basically the break-away group from Nokia, who took the N9/N900 software with them and created a new company and new phones.
(overly simplicated)

Probably not going to be a big hit, or displace any of the big mobile OSes, but it is an interesting piece of kit, and ticks a lot of geek-boxes.

Re:If no root, no Android. FirefoxOS anyone?

[citizenr]

that phone they demo UI on is a 2 year old hardware - one of ubuntu people on YT replied about it and then promptly deleted my comment about that UI dropping frames :)

Re: If no root, no Android. FirefoxOS anyone?

[Chris+Hodges]

Indeed it was, I was adding the comment that avoiding the carrier doesn't always get rid of the bloat, though it sounds like it helped you.

Re: If no root, no Android. FirefoxOS anyone?

Nope. There are many apps on my phone for which the "disable" option is greyed out.