Personal account, doesn’t post much right now.
@zaktakespictures for photography (mostly birds)
@zakreviews for flashlight stuff

  • 0 Posts
  • 1 Comment
Joined 4 years ago
Cake day: May 22nd, 2022
  • Zak@social.goodanser.comtoAndroid@lemdro.idNo banking apps on your custom ROM? This new initiative could help.
    111·
    3 days ago

    It breaks their sandboxing model, which limits the impact of malicious/compromised apps.

    To be clear, I’m not arguing against root here. I daily a rooted phone, and I believe if it’s impossible to get root on something, it isn’t really yours. You can get root on GrapheneOS; they just discourage it because they’re strongly focused on security.

    They’re right. If a bug in AdAway, which needs root to write /etc/hosts caused it to fetch and execute malicious code, the malware could do anything I can do to my device. The scenario is plausible; it routinely fetches blocklists, and I imagine a sophisticated enough attacker could compromise the delivery mechanism.

    I don’t worry about that scenario because it’s unlikely that kind of attacker will target me. GrapheneOS is meant for people who do have to worry about that kind of thing.

    @Onomatopoeia @Zak@lemmy.world