16 comments

[ 1.6 ms ] story [ 19.9 ms ] thread
It's been so annoying lately to have to fucking open up the console every few weeks and fix security attestation so I can pay with my rooted phone. I wish they'd fucking stop, just let me live my life and have a functioning computer in my pocket. Why can't we have nice things? I just want control over the device I paid for.
I don't think people realize rooted phones are an actual hazard to 99.95% of people who don't care but don't realize their phone is in an unsafe state. The point is to make a rooted phone hard to use so normal people won't screw themselves over because they got a rooted phone from Facebook marketplace and it was full of hidden malware sending all of their bank logins to someone else.
There are ways to solve this without killing off the ability to root phones if this was really about users' safety.

You could for example make it so that phones could only be unlocked within a few days of the purchase (first boot) date, and put a scary warning on it. That'd put a stop to 99% of people being tricked into unlocking it.

You could also put a scary warning on boot that allowed anyone to tell it was rooted to stop people selling them while rooted.

The point of blocking rooted phones isn't "security", it's to maintain control of the user experience.

it is more than to simply maintain control over user experience; it also has to do with the adtech fingerprint id... all the "free" services are provided by their ability to track you and offer those ads
There is absolutely no justification, including any part of this. You can apply this argument to unregulated breathing.

The only reason people don't know what to do with any potentially dangerous thing is when they are artificially prevented from exposure and learning the appropriate common sense the same way they have to for everything else in the world like nail clippers. You don't eat them and you don't cut your actual finger off, because somewhere along the way you played with one or if you are particularly dimwitted, someone showed you and you memorized a rule. The danger of a phone is no differrent than the danger of any other computer, or a toaster oven, or fucking breathing outside of a padded cell.

This line of argument is exceedingly offensive and should be ridiculed without a hint of mercy or acknowledgement.

There is no justification to validate that a client is in a secure unmodified state? Just to be clear you have to be dimwitted to think the danger of your computer being compromised is anywhere near that of your phone. Its a data gold mine.
And a simple match can literally kill everyone in the house.
Cool, let me know when my nail clipper can drain my bank account without me knowing or without recourse like someone with complete hidden access to a rooted phone could and does easily.
I don't think that's correct, so I propose to keep you bound in a dark room for your own safety.

That came out creepier than I'd like, but idk how to rephrase it right now.

(comment deleted)
Wait isn’t RCS the “open” thing everybody was whining about Apple not supporting and rending their garments over how Apple was not allowing third parties to use the iMessage protocol and network?

I hope they complain similarly about Google in this case :$

You just know the “boo hoo why can’t I use iMessage on android” crowd won’t show up to comment on this.

Although with behaviour like this, it’s easy to see why they’d want iMessage support, because clearly Google can’t be trusted to deliver certain services.

If the security model of RCS falls apart when the client is run with elevated privileges not to mention a client that is intentionally malicious they should bin the entire thing and start over since it’s clearly garbage.
This is off the wall wild. I generally defend a lot of Google's behaviors especially around the web & what I see as commitment to platform & standards. This just does so much to savage my feelings for the company. I didn't think my first post on the topic here was that out of line, that crazy, but I used stronger words & got flagged, and boy does this get at me in an awful way.

It feels like such a terrible indicator of the state of the world. The hackerly spirit is under attack once more in the War Against General Purpose Computing & here (as elsewhere with the Safety net effort) Google is one of the leading companies doing the dirtiest to the world, to anyone else's chances or ability to understand & affect change. They are emblematic Black Iron Prison keepers, and it so sad to see from a company that I believe often is so contributive & so helps us to advance & create robust standards.

I was excited for innovation & change to come to text messaging, to not need to have everyone figure out how else to text everyone else each time we want to interact. But if Google's going for a trifecta of shooting themselves, their users and RCS down like this, all with this one bullet, it's back to there being no sensible clear options.

And what's with the opening line carrying so much water for Google?

> Google is cracking down on rooted Android devices,

Cracking down? Excuse you? You crack down on offenders. People advancing how they use their devices beyond what's provided aren't a pest. The vanguard of human intent, our capacity to improve ourselves, ought be cherishes and celebrated, especially on a site with the word hacker in the title.