Rooting and privacy on Android
-
Hi,
The general consensus amongst the Android community is that rooting is detrimental to privacy. In a sense, I agree with them since privilege escalation because of human error becomes a much bigger threat if the user has root access.
Android has a big privacy problem encapsulated in one word: "baseband". Your modem and other hardware running in your device don't run FOSS firmware and are likely actively malicious towards your privacy.
I am a Linux user, and I understand that concepts do not necessarily transfer well between the two. With that in mind:
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
- I do not know what the equivalent of Intel ME is called in the Android space, but I doubt that a highly complex OS is running beneath general Android as we know it. I think it's just the firmware of the individual device that we need to worry about.
- Is it possible to replace the bootloader on some Android devices/prevent it from loading unwanted firmware?
With Google taking Android behind closed doors, I suspect we will start seeing some suspicious snippets of code here and there with questionable purpose, but which might be missed by FOSS volunteers because of the sheer volume of work that is. I'm thinking of ways we can try to evade this blatant grab of our personal data.
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
-
Hi,
The general consensus amongst the Android community is that rooting is detrimental to privacy. In a sense, I agree with them since privilege escalation because of human error becomes a much bigger threat if the user has root access.
Android has a big privacy problem encapsulated in one word: "baseband". Your modem and other hardware running in your device don't run FOSS firmware and are likely actively malicious towards your privacy.
I am a Linux user, and I understand that concepts do not necessarily transfer well between the two. With that in mind:
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
- I do not know what the equivalent of Intel ME is called in the Android space, but I doubt that a highly complex OS is running beneath general Android as we know it. I think it's just the firmware of the individual device that we need to worry about.
- Is it possible to replace the bootloader on some Android devices/prevent it from loading unwanted firmware?
With Google taking Android behind closed doors, I suspect we will start seeing some suspicious snippets of code here and there with questionable purpose, but which might be missed by FOSS volunteers because of the sheer volume of work that is. I'm thinking of ways we can try to evade this blatant grab of our personal data.
Google has pretty much always been a prick, but recently they've been showing just how bug a prick they can be, with ramping up company acquisition, destruction and closure, ad obsession, censorship and other anti consumer moves. I believe rooting is essential to privacy, because Google. The less power conglomerates and corporations have the better.
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
-
System shared this topic on
-
Hi,
The general consensus amongst the Android community is that rooting is detrimental to privacy. In a sense, I agree with them since privilege escalation because of human error becomes a much bigger threat if the user has root access.
Android has a big privacy problem encapsulated in one word: "baseband". Your modem and other hardware running in your device don't run FOSS firmware and are likely actively malicious towards your privacy.
I am a Linux user, and I understand that concepts do not necessarily transfer well between the two. With that in mind:
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
- I do not know what the equivalent of Intel ME is called in the Android space, but I doubt that a highly complex OS is running beneath general Android as we know it. I think it's just the firmware of the individual device that we need to worry about.
- Is it possible to replace the bootloader on some Android devices/prevent it from loading unwanted firmware?
With Google taking Android behind closed doors, I suspect we will start seeing some suspicious snippets of code here and there with questionable purpose, but which might be missed by FOSS volunteers because of the sheer volume of work that is. I'm thinking of ways we can try to evade this blatant grab of our personal data.
it is not at all detrimental to privacy. it may be to security. different things.
of course, until you install something that uses root and mines data. but there are plenty of tools working with root that don't do that.
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
-
it is not at all detrimental to privacy. it may be to security. different things.
of course, until you install something that uses root and mines data. but there are plenty of tools working with root that don't do that.
Thank you. This was exactly the response I was looking for.
-
Is it possible to set a password for sudo on Android? I've never seen anyone talk about it.
-
Sucks that I can't control sensors with root. Sensors are my biggest fear on all phones.
-
Ah yeah, ARM TrustZone. I had forgotten about that.
-
afaik the modem often relies on a linux based system
Well, shit.
-
-
Thank you. This was exactly the response I was looking for.
-
Is it possible to set a password for sudo on Android? I've never seen anyone talk about it.
-
Sucks that I can't control sensors with root. Sensors are my biggest fear on all phones.
-
Ah yeah, ARM TrustZone. I had forgotten about that.
-
afaik the modem often relies on a linux based system
Well, shit.
Is it possible to set a password for sudo on Android? I've never seen anyone talk about it.
on android you don't use sudo, or if it is possible, it is not the usual way. usually there is an app that controls access, and when something wants to start a new program with the
sucommand (switch user), the app pops up a prompt about whether you want to allow it. this prompt can be terribly insecure or not (or rather the "backend" of it really).the most common root solution nowadays is Magisk. it only modifies the bootloader. it is open source. if you look up how it works, its like a sophisticated malware, but handing control to you
Sucks that I can't control sensors with root. Sensors are my biggest fear on all phones.
you can't for the modem. but for other apps, you can, if that's worth anything. to me it does, because some sensors are not gated by a permission (gyroscope, compass, magnetometer, proximity sensor, light sensor)
what android version do you have? on newer ones there's a developer setting to allow to have a "sensors off" quick settings tile
Well, shit.
if you don't need the modem, you may be able to safely wipe the partition holding its firmware. but look it up if it is safe for your phone! it should be, but who knows. also, make a backup! not 1, but 3!! it holds identifiers like the IMEI, and if you lose that.. you can't really just think up a new one, or the carrier may ban you and another poor soul
-
-
Hi,
The general consensus amongst the Android community is that rooting is detrimental to privacy. In a sense, I agree with them since privilege escalation because of human error becomes a much bigger threat if the user has root access.
Android has a big privacy problem encapsulated in one word: "baseband". Your modem and other hardware running in your device don't run FOSS firmware and are likely actively malicious towards your privacy.
I am a Linux user, and I understand that concepts do not necessarily transfer well between the two. With that in mind:
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
- I do not know what the equivalent of Intel ME is called in the Android space, but I doubt that a highly complex OS is running beneath general Android as we know it. I think it's just the firmware of the individual device that we need to worry about.
- Is it possible to replace the bootloader on some Android devices/prevent it from loading unwanted firmware?
With Google taking Android behind closed doors, I suspect we will start seeing some suspicious snippets of code here and there with questionable purpose, but which might be missed by FOSS volunteers because of the sheer volume of work that is. I'm thinking of ways we can try to evade this blatant grab of our personal data.
If you want to run full Foss system then there is pinephone with Linux OS and physical switches to turn off camera and microphone and other stuff. But it is still in very very early stage and it may increase your privacy but it will definitely reduce your security.
I understand camera and microphone access to malicious actor could be a valuable. But if you think your phone's camera is compromised you have bigger problems.
That being said, graphene OS is considered by far the most secure android OS. It has features to turn off camera, mic, sensors. But more importantly it has a lot of additional security features making it harder for anyone to break in.
And that using Graphene is or any other is doesn't directly make you secure.Yes I can agree to assume baseband and all the other proprietary firmware is running a malicious code. But they can't use it to do mass surveillance, because if they do someone will detect it sooner or later. And also this is not the right tool for mass surveillance. 99% people will and have already downloaded apps that track almost everything they do.
And if your threat model requires you to be safe from malicious firmware, then maybe smart phones aren't for you.
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
-
Hi,
The general consensus amongst the Android community is that rooting is detrimental to privacy. In a sense, I agree with them since privilege escalation because of human error becomes a much bigger threat if the user has root access.
Android has a big privacy problem encapsulated in one word: "baseband". Your modem and other hardware running in your device don't run FOSS firmware and are likely actively malicious towards your privacy.
I am a Linux user, and I understand that concepts do not necessarily transfer well between the two. With that in mind:
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
- I do not know what the equivalent of Intel ME is called in the Android space, but I doubt that a highly complex OS is running beneath general Android as we know it. I think it's just the firmware of the individual device that we need to worry about.
- Is it possible to replace the bootloader on some Android devices/prevent it from loading unwanted firmware?
With Google taking Android behind closed doors, I suspect we will start seeing some suspicious snippets of code here and there with questionable purpose, but which might be missed by FOSS volunteers because of the sheer volume of work that is. I'm thinking of ways we can try to evade this blatant grab of our personal data.
The general consensus amongst the Android community is that rooting is detrimental to privacy. In a sense, I agree with them since privilege escalation because of human error becomes a much bigger threat if the user has root access.
No, that's BS. It entirely depends on your "threat model" just like security.
Namely if you go full OSHW/FLOSS and yet you volunteer your data on Facebook.com (or whatever that website is called today) then you have no privacy. It's not a technical problem, it's a behavior problem.
If your threat model is about government hiring dedicated staff to know what you are up to, or that the infrastructure you rely is can't be trusted, then rooting is the last of your problems.
I'm not saying you shouldn't worry but I don't see the relevance of rooting Android in that situation. Root or not does not somehow change how your modem behaves, you're still at the mercy of the drivers.
I recommend you check projects like Precursor (at https://precursor.dev/ redirecting to the CrowdSupply page) which try to tackle, if I understood correctly, the kind of worry you have, namely actually understand the entire stack.
That being said, even in such context, you still rely on some infrastructure to relay messages to others so you need that and the recipients to also respect your privacy. If not (which would be a fair assumption) then at least you must understand the cryptographic primitives you rely on... and if you don't (which most people don't, me included despite my interest in the mathematics behind that, in particular one-way functions) then you have to some trust in the public research in the domain.
So... I do have a Precursor, tinker with it, PinePhone and PinePhone Pro, had an iOS phone until recently, switched to (rooted) /e/OS and my personal position is that while interacting with others (and a mobile is 100% about that) one has to make pragmatic about their choices.
- If I wanted to be absolutely certain that sensistive hardware like Camera, Microphone and Modem were truly off, would shutting them off as root hold any real significance?
-
The general consensus amongst the Android community is that rooting is detrimental to privacy. In a sense, I agree with them since privilege escalation because of human error becomes a much bigger threat if the user has root access.
No, that's BS. It entirely depends on your "threat model" just like security.
Namely if you go full OSHW/FLOSS and yet you volunteer your data on Facebook.com (or whatever that website is called today) then you have no privacy. It's not a technical problem, it's a behavior problem.
If your threat model is about government hiring dedicated staff to know what you are up to, or that the infrastructure you rely is can't be trusted, then rooting is the last of your problems.
I'm not saying you shouldn't worry but I don't see the relevance of rooting Android in that situation. Root or not does not somehow change how your modem behaves, you're still at the mercy of the drivers.
I recommend you check projects like Precursor (at https://precursor.dev/ redirecting to the CrowdSupply page) which try to tackle, if I understood correctly, the kind of worry you have, namely actually understand the entire stack.
That being said, even in such context, you still rely on some infrastructure to relay messages to others so you need that and the recipients to also respect your privacy. If not (which would be a fair assumption) then at least you must understand the cryptographic primitives you rely on... and if you don't (which most people don't, me included despite my interest in the mathematics behind that, in particular one-way functions) then you have to some trust in the public research in the domain.
So... I do have a Precursor, tinker with it, PinePhone and PinePhone Pro, had an iOS phone until recently, switched to (rooted) /e/OS and my personal position is that while interacting with others (and a mobile is 100% about that) one has to make pragmatic about their choices.
That's some crazy stuff ! Being able to completely change/repair every part is something every smartphone should be capable off...
We are in a buy/throw away generation amidst a big climate change issue/rare ore depletion... That's depressing.
-
System shared this topic on
