This argument is a tautology. "Power users" are just a synonym for people who want stuff not in the default. To the extent that the default installation lacks desired features (wifi hotspots are a good example) we are all "power users".
But yes: gaming, browsing and texting don't require it. And a big portion of the user base never leaves that box.
The issue is more about where on the functionality vs usability/support costs graph you draw the line. If there's a desirable feature that also has significant drawbacks (maybe accidentally racking up heavy data charges because you unintentionally created a public unsecured WiFi WAP, or shitty battery life, or something) then it might get the chop just because it costs (too much) money to support, rather than because the general public don't want or need it.
I think the most practical solution, given that people are always going to want to push the limits of the devices, is to permit, but disclaim responsibility/liability where possible. "By accessing the root features of this phone, you're no longer eligible for $x direct support, and you're aware of $bignum ways in which this could be a Bad Idea"
The problem with that is too many people are going to put on their disclaimer-blinders, and click straight through anything that isn't Making Their Damn Internet/Facebook/Game Work, and call you anyway when it screws up. Maybe a certain barrier to entry does have some merit after all...
I'm sorry, but the "expensive support" argument is a red herring. Is there any example anywhere of an otherwise-successful product (in any realm) whose profitability was impacted by users hacking/modifying/diddling the hardware?
Carriers and platform vendors (but not, in general, hardware manufacturers) don't want users running unauthorized code because they don't want to lose access to revenue streams therein; and by extension that they fear the loss of control means they will lose access to any future revenue streams.
I wonder how Apple did this math? I look at this way: Microsoft pushed tier-1 support, at least, to the resellers, right? I buy a Windows laptop and do Bad Things via the admin account, what do I do? Go back to where I bought it, or I call the Geek Squad.
In the case of Apple products, I'd take my shiny laptop back to the Apple store, and they'll deal with it (generally). So is that support cost baked into the already-high cost of Apple hardware+software?
That said, your argument is probably a good one, too--the carriers and platform vendors really do like lock-in, so they would likely do whatever they could to turn off root access.
Apple is a content provider. They get a cut of iTunes downloads. So they aren't a pure hardware manufacturer. Samsung frankly doesn't care if you root their phones once they leave the factory, but Apple loses money when you jailbreak an iPhone and start dropping torrent-sourced videos on it.
But the default Android installation does have wifi hotspot features! If it's not on your phone, you're either running a very old version of Android, or your manufacturer or carrier choose not to enable the feature.
I know; obviously I meant that it doesn't work (either at all, or without a very expensive carrier upgrade). Rooted phones can simply install a wifi hotspot app from the market; that's probably the single biggest driver of phone rooting.
Yes, there are issues about carrier licensing. Let's not get into that. I'm simply talking about why people root their phones.
Sure, but to respond to the question in the headline, helping people cheat their carrier out of expensive plan upgrades is probably not actually a brilliant business move for Google.
A relatively low percentage of users * the total number of people who buy smartphones = a heck of a lot of users. If they manage to pull those people away from other companies (and such a future would do that), it's a big win.
I'm not sure that it's established that people will actually buy smartphones for that reason.
Take webOS which you could put into dev mode (essentially rooting) by entering the Konami code (upupdowndownleftrightleftrightbastart ).
Didn't seem to do them a bit of good. So easy rooting may be a desirable feature but doesn't seem to sufficient feature to ignore other more important features.
This is interesting, since CyanogenMod devs recently removed default "root" access. You can still enable it if you want, but if you don't really need it, it's a gratuitous security hole. Discussion: https://news.ycombinator.com/item?id=3716104
Why is that? You don't need root to pirate games. The only thing it does is marginally improve security for apps like Netflix.
It wouldn't have to be rooted by default. The ideal solution would be a USB tether + dev tool connection required to turn this on, so unsuspecting users aren't compromised by malicious apps.
i rooted my EVO 4G the day it came out and agree that root should not be gained only via exploit.
however, i'm not sure i see how giving a choice of easy root to the end user would de-incentivize the development of malicious exploits which seek to gain it through other non-interactive means which bypass the officially provided method - there will always be incentive to do this, though i agree than it may take much more dedication and time to develop since there is not a huge community after it. on the flip side of the coin, these 0-day exploits likely would not be publicly disclosed as they are today for the sake of giving freedom to the end users.
If you rooted your EVO on day 0, then you probably used some of my Unrevoked work. :)
I can say with absolute certainty that we've held previously back active, root-level exploits in the OS or supporting Android libraries that we've found to a later date, solely to ensure that users continue to have access to root.
yes it was unrevoked :) then unrevoked4ever for s-off.
holding back exploits is always a two edged sword in the walled garden created by carrier subsidies. it's a never-ending balancing act of security concerns and device freedom. capitalism will never provide us with both - a stallman-level open ecosystem and the low prices we pay to be bent over backwards by vendor lock-in.
I don't use root for much, but there are several programs that I find indispensable that require them, including TitaniumBackup, and Virtual Button Bar.
I would like to to see Android get a well known, official way to get root, a way to install authorized root/setuid programs, AND a multiuser model of operation.
Samsung: Here's our new line of cell phones we would love for you to carry.
AT&T: Looks nice. We'd like this one to look more iPhone-like.
Samsung: No problem. Our designers are very talented. One new feature of these devices is root access for any advanced users who want to customize their phones.
Apple already did this disruption. I don't understand why other companies can't either.
Is it just because Apple is the only company ballsy enough to walk away when a carrier says no? (And they bring the iPhone to the table, but 5 years ago that wasn't necessarily such a good thing)
I would imagine that Verizon regrets walking away from being the original exclusive iPhone carrier. AT&T surely made a lot of money on that deal, despite Apple's unprecedented demands.
Not a great example. Samsung phones all (AFAIK, though I'm sure exceptions must exist) have a bootloader that allows unauthenticated booting and reflashing to arbitrary code. "Rooting" a phone with Odin/Heimdall is generally straightforward. They're easily the most open of the Android hardware vendors.
That's a very america-centric view of things. Europeans who buy phones for a couple of 100 euros instead of investing in a life long relationship with a provider sees things differently.
well it's kind of an official feature on Nexus phones, there's a script to unlock it on the phone, you just gotta execute it. So what more exactly do you want? Besides that I don't even know why a normal user would want root access, even I only use it on a dev phone to quickly flash another ROM to test my App in different Android OS versions. For people wanting to get rid of branding etc., they should just stop buying carrier customized crap. You can get vanilla devices at Amazon, or just get an iPhone or Nexus, it's not that hard. If they aren't capable of doing some basic research before purchasing a product, I don't think giving them root access to their phone would end well.
"Besides that I don't even know why a normal user would want root access"
When I mention wi-fi tethering and explain how it works people's eyes light straight up whether they are a "normal" user or not. Some phones come with that feature enabled out of the box but most require root.
You don't need root for Wi-Fi tethering on Android... unless your carrier has disabled that feature. In which case they seem unlikely candidates for allowing unlocked phones let alone root access.
I might be missing something (I haven't developed for android or rooted my phone), but isn't this essentially what HTC permits with their 'unlock your bootloader' tool (http://www.htcdev.com/bootloader/)?
Or does Android require some additional breaking in order to achieve the equivalent of init=/bin/sh?
It shouldn't be rooted by default, but something like what CyanogenMod 9 promises: the ability to turn it on and off in settings. It can be off by default.
I'd imagine the main issue is that they'd have to say goodbye to any content deals they may want to make. As I understand it, lack of limitations on the method of access is usually what studios et al hate about these deals, and for Google to officially support it would piss off a looot of potential partners.
37 comments
[ 2.9 ms ] story [ 87.5 ms ] threadPower users do. Most do not. That alone is the reason Google will never make it a priority.
But yes: gaming, browsing and texting don't require it. And a big portion of the user base never leaves that box.
I think the most practical solution, given that people are always going to want to push the limits of the devices, is to permit, but disclaim responsibility/liability where possible. "By accessing the root features of this phone, you're no longer eligible for $x direct support, and you're aware of $bignum ways in which this could be a Bad Idea"
The problem with that is too many people are going to put on their disclaimer-blinders, and click straight through anything that isn't Making Their Damn Internet/Facebook/Game Work, and call you anyway when it screws up. Maybe a certain barrier to entry does have some merit after all...
Carriers and platform vendors (but not, in general, hardware manufacturers) don't want users running unauthorized code because they don't want to lose access to revenue streams therein; and by extension that they fear the loss of control means they will lose access to any future revenue streams.
In the case of Apple products, I'd take my shiny laptop back to the Apple store, and they'll deal with it (generally). So is that support cost baked into the already-high cost of Apple hardware+software?
That said, your argument is probably a good one, too--the carriers and platform vendors really do like lock-in, so they would likely do whatever they could to turn off root access.
Yes, there are issues about carrier licensing. Let's not get into that. I'm simply talking about why people root their phones.
Take webOS which you could put into dev mode (essentially rooting) by entering the Konami code (upupdowndownleftrightleftrightbastart ).
Didn't seem to do them a bit of good. So easy rooting may be a desirable feature but doesn't seem to sufficient feature to ignore other more important features.
It wouldn't have to be rooted by default. The ideal solution would be a USB tether + dev tool connection required to turn this on, so unsuspecting users aren't compromised by malicious apps.
however, i'm not sure i see how giving a choice of easy root to the end user would de-incentivize the development of malicious exploits which seek to gain it through other non-interactive means which bypass the officially provided method - there will always be incentive to do this, though i agree than it may take much more dedication and time to develop since there is not a huge community after it. on the flip side of the coin, these 0-day exploits likely would not be publicly disclosed as they are today for the sake of giving freedom to the end users.
I can say with absolute certainty that we've held previously back active, root-level exploits in the OS or supporting Android libraries that we've found to a later date, solely to ensure that users continue to have access to root.
holding back exploits is always a two edged sword in the walled garden created by carrier subsidies. it's a never-ending balancing act of security concerns and device freedom. capitalism will never provide us with both - a stallman-level open ecosystem and the low prices we pay to be bent over backwards by vendor lock-in.
I would like to to see Android get a well known, official way to get root, a way to install authorized root/setuid programs, AND a multiuser model of operation.
AT&T: Looks nice. We'd like this one to look more iPhone-like.
Samsung: No problem. Our designers are very talented. One new feature of these devices is root access for any advanced users who want to customize their phones.
AT&T: We don't think that's a good idea.
Samsung: You got it. Root access is gone.
Change will require a (major) disruption.
Is it just because Apple is the only company ballsy enough to walk away when a carrier says no? (And they bring the iPhone to the table, but 5 years ago that wasn't necessarily such a good thing)
I think far fewer Americans would own smartphones if they had to pay the full, unsubsidized cost up front.
When I mention wi-fi tethering and explain how it works people's eyes light straight up whether they are a "normal" user or not. Some phones come with that feature enabled out of the box but most require root.
Or does Android require some additional breaking in order to achieve the equivalent of init=/bin/sh?