Unleash the potential of your phone: Rooting your device does not void its warranty

0x815@feddit.de to Technology@beehaw.org – 128 points –
Unleash the potential of your phone: Rooting your device does not void its warranty - FSFE
fsfe.org
31

When you buy something you should have the right to repair it and modify it.

Currently, everything is basically a renters agreement, where you pay for something you have zero rights to modify or opt out of.

Few problems:

  1. Safteynet (play integrity) and root detection

There are magisk tweaks to help combat this but its a annoying game of cat and mouse. Some apps like chase have particularly annoying root detection to deal with. Also regaring safteynet once google fully enforces hardware attestation passing safteynet with tweaks will be borderline impossible (most tweaks try to spoof older phones that don't support safteynet hardware attestation).

  1. Widevine

Many streaming services (Netflix, Hulu, Disney, etc) will downgrade your video quality to 480p-540p due to L3 from unlocking the bootloader (a step thats usually required before you can root).

  1. Physical security (potential risk)

Unlocking the bootloader is the first step to allowing for rooting and custom roms. One pro/con is when you unlock the bootloader you are partially at risk to a evil maid attack (some one with physical acess to your phone can compromise it). While difficult to do automatically (and probably very very rare) some one could hypothetically place a malicious bootloader that could steel data. The risk of this is mostly low but does exist.

once google fully enforces hardware attestation passing safteynet with tweaks will be borderline impossible

Never gonna happen. Full hardware attestation would give Google all the cards and too much power over manufacturers. Samsung is the largest Android manufacturer and they're making people jump though hoops to unlock bootloader precisely because they don't want to end up with full attestation.

Samsung and Google have been locked into a power struggle for many years now and they're both careful about keeping the armistice. Samsung maintains a set of apps that mimic Google's, ready to go in case Google ever pulls a Huawei and kicks them off Play.

These are not really genuine concerns imo, and to the extent that they are - they should be recognised as shortcomings of an increasingly inflexible ecosystem.

  1. It's very easy to avoid root detection these days, and if you are rooting your phone, chances are you have also disabled the playstore app altogether so play protect is no longer a concern. I just use F-Droid and Aurora these days to reduce what can be associated with me or any of my accounts.

  2. Who the hell is watching shows on their phone so much that a reduction to SD is going to bother them on a 6 inch screen?

  3. If I can get my hands on your phone physically, there's very little you can do to keep me out regardless of if the bootloader is unlocked or not.

Pixel phones are arguably the worst for rooting. (I own one) In order to get the phone to pass properly you pretty much have to go custom on the ROM.

I'm running a stock firmware, and I get all sorts of problems as a result of rooting the device, and not installing a CFW.

I have 2 apps, that won't work (google pay and a credit score check/lock appand Microsoft intune - which my work partially uses)

Edit and did I mention? The LSPosed zygisk module causes so much instability I can't use it.

  1. I have yet to see a problematic app that deny list can't handle

  2. Stremio /s to be fair I have never bothered about this in my phone, as I have a Nvidia Shield TV, and honestly any current setup box (official) would do the job, there are perks of using a movie of course... But I can use Netflix here only that I have never bothered to check out the quality, I wouldn't be surprised if a module for this existed to be honest.

  3. I bet most people are interested in scamming those dudes that compulsively tap in game ads to fetch their crypto BS apps or whatever, it is a similar scenario of why hackers target Windows and not Linux users... Granted every device is at risk once it connects to the Internet.

1 more...

Strange that the focus point of this article is rooting, you can modify your device to install custom firmware etc without needing root exploits anymore!

Depends on the phone, many come with locked bootloaders

Many can be easily unlocked

But few can be relocked.

?? If you unlock BL by fastboot method, it's trivial to re-lock it.

The only non-reversible method is usually via manufacturer unlock portal.

Even when using another OS? Been trying to find info on relocking my /e/ OS install on my 1+7P and haven't had any love luck.

Cursory glance at XDA tells me that OnePlus devices need an unlock token for that device to re-lock the bootloader but you would have to roll back to the original factory firmware to do so.

https://forum.xda-developers.com/t/relock-bootloader.4412627/

Sucks that vendors can keep such a tight control on what you can do with your device. Would be nice to have the possibility to safeguard your device with any OS of your choice.

IMHO Android is not very free without root... I roll my eyes every time I see the need of adb commands when it is just way easier to slap in Magisk and have full control.

I come from iOS and I used to jailbreak the heck out of my devices, rooting is very similar to JB (but better).

Depends what you want to do, really. I've got a proper PC for serious tinkering, my phone has all my private data on so I'd rather have the security that comes with blocking root access.

I mean, literally replacing your device's firmware sounds like a step above rooting, even if it's arguably easier to do.

Exactly, so why is rooting even mentioned?

I've owned an android phone for over 10 years and have rooted most of them. To be honest, in that time I've rarely come across something that I've wanted to do but been unable to do without rooting. Generally anything I want to do also isn't possible through rooting either. Same with custom ROMs, recently it seems you end up losing features rather than gaining them.

I would trade every half-assed Google feature update for a hosts based adblock capability.

That's the sole reason that I root every device that I own.

And NO. A PiHole is not, repeat NOT a silver bullet. Nor is a local VPN with custom DNS.

On a rooted phone you can fully control app permissions and feed them fake data for the denied permissions.

You can't do that without root. On a locked iphone you control only a tiny fraction of permissions and it will let the app know so it can refuse working.

Agreed and sometimes the amount of work trying to find some random radio file to flash because 5G stops working.. it's not worth the headache anynore

I used to root all my phones a decade ago. Now I just don't see a point to it.

Same. I still do custom roms when my device runs out of support, but no longer because it's cool to have a custom Rom. There's hardly one that I find exciting nowadays.

security??

...doesn't have anything to do with warranty violation

You can do things to improve security with root access. Better yet, with boot loader access you can make your phone much much more secure with graphene os

I don't know if flashing a random ROM from xda because there's no official builds available for my phone is considered a security improvement

Stock support for my device is A12 🤡

And A14 is on its way!