Hacker News | alex7734's comments

Google loves doing this.

If you dare turn off Play Protect for example, you will be asked to turn it on every time you install or update anything. Never mind that you said no the last thousand times it asked.


> Google loves doing this.

Tech companies love doing this. Apple does the same, so does Microsoft.

If you know some choice isn't right for you (now or forever), the company is feeling extra beautiful today, and you're in luck, you'll get a "Do this now, or I'll remind you later" choice. But then sometimes they just decide that "This is how things are now".

I've had this happen in every environment except Linux, where I get to shoot myself in the foot whenever I want, and sometimes a bit more.


> I am happy my iPhone doesn't allow Meta to say "to use WhatsApp, you must install the MetaStore®, give it root and install it from there". I would not be happy with those restrictions on my desktop.

You fix that by making root access inconvenient enough that companies can't rely on the average random user having it enabled.

For example force you to wipe the device to unlock it as another person said in another comment. Or make it so that if you don't unlock it within 7 days of the device purchase and first boot, you cannot unlock it anymore.


> You fix that by making root access inconvenient enough that companies can't rely on the average random user having it enabled.

AI TikTok voice “Hey guys, if you just bought a new iPhone, make sure you remove Apple’s restriction locks so they can’t control what you install. Just follow these easy steps, but make sure you do it as soon as possible, since you’ll have to set up your phone again!”

With the comments filled with people talking about how terrible Apple is for locking down their phones, everyone’s an idiot for buying such a locked down phone so they better at least unlock the bootloader, etc.

This is not a far-fetched scenario based on some videos I’ve seen sent to me by friends.


Don't forget in the video to tell them that it will allow them to install apps that get them more performance, better battery life, better cell signal, etc.


This, or even sell "dev units" with the bootloader unlocked so that you explicitly have to accept the risk before purchasing the device.

The problem though is that rooting by itself is not that useful when a lot of apps use remote attestation to deny you service if you're rooted.

We don't just need root access, we need undetectable root access.


I agree useful rooting should be easier, but it's definitely possible and not super hard to hide rooting.

I'm typing this on a rooted phone where all (banking) apps work just fine. All it takes is downloading an app (Magisk) and adding the apps that need to have rooting hidden to a list.


> it's definitely possible and not super hard to hide rooting.

Worth noting that this could change with every update. It's an unstable situation right now, which is undesirable.

For that reason, e.g. the GrapheneOS team isn't employing measures to fake compliance at all. They'd really like to get SafetyNet compliance for their operating system (you need that to get Google Pay/Wallet to work), but fundamentally can't get it. Right now, they could just fake it, but that's not guaranteed to work reliably, forever (and doing so would probably threaten their official BasicIntegrity compliance).


This is why I'm convinced that relying on Google hardware is a dead end for freedom in the longer term. I'm using a GNU/Linux phone instead.


Magisk only works because Google still supports devices that don't support hardware attestation. Very soon you won't be able to fool Play Integrity without hacking the TEE.


Well that's going to really really suck.


> We don't just need root access, we need undetectable root access.

At some point the argument morphs from 'I should be able to do whatever I want with my device' to 'I should be able to access your service/device with whatever I want'.

The fact that Google allows this shows that

1. Apple could do it with zero security impact on anyone who doesn't opt in

2. They could keep any service-based profit source intact

But they still would never do it. Because it's not only service based profit they want to protect. They want to restrict customers from running competitor's software on their hardware, to ensure they get their cut.


> At some point the argument morphs from 'I should be able to do whatever I want with my device' to 'I should be able to access your service/device with whatever I want'.

I'm not demanding to be able to log in to your service/device and replace IIS with Apache on it. I'm just demanding to be able to access it as a normal user with Firefox instead of Chrome.


I'm not saying you shouldn't be able to access from unlocked devices. I'm just saying it's a different argument.


A few years ago everyone that had ever used a computer knew what a file and a folder was and could move a document to a USB drive.

Thanks to the efforts of Google to "simplify" smartphones the average young person now couldn't find and double-click a downloaded file if their life depended on it.

In the US, a manual car is considered an anti-theft device. In Europe, basically everyone that isn't obscenely rich has driven a manual car at some point.

People learn what they're expected to learn.


Back then user base of computers was a lot smaller.

However, WhatsApp/Signal show how e2e can be done in a user-compatible way. By default it simply exchanges keys and shows a warning when a key is changed, and those who need/want can verify identity.

Missing there, of course, is openness.


> ... those who need/want can verify identity.

So the rest are actually OK with WhatsApp/Signal having the opportunity to see their messages? I would submit that most are not even aware of the issue...

The identity thing is basically the usability issue for E2EE messaging. If you don't solve that then you have not actually increased usability in a meaningful way. The PGP community understood this and did things like organize key signing parties. When is the last time anyone did anything like that for any popular E2EE capable instant messenger?


If anything it's Apple / iOS that dumbs down users, Google / Android provide a perfectly fine file picker / file management app.


Another example would be ctrl+alt+del, ctrl+c, ctrl+v, etc, etc.

Like you said people learn what they're expected to learn.


The whole point of TPM is that the OS is not under the user control anymore.

If you modify it, thanks to remote attestation you can no longer prove that it is unmodified using the TPM.


Do they mean that no OS modification is necessary to read the decrypted media from memory?


Currently, no. But once (undetectable) OS modification is no longer possible, making the undecrypted media unreadable is just a few API restrictions away.

In Android phones for example you cannot screenshot banking apps. And if you root (modify the OS of) your phone, banking apps refuse to work.


However, for the question at hand, that's irrelevant: a better (for DRM) solution exists today, and they're already using it.

I'm not saying that the TPM is incapable of being abused by manufacturers and OS authors, but the FSF really weakens their argument when they predicate it on something that's not actually true. Ex falso quodlibet (you may prove anything if you rely on a falsehood).


Encrypted monitors can be countered by a high quality video camera mounted on a tripod behind your chair or on a wall or ceiling.

Expensive, yes, but at that point you're already spending real money on a second computer with a GPU to do computer vision on the game video stream, so...


Not having an automatic transmission means there are fewer ways in which a manufacturer can screw up your car's performance in the name of emissions.

This is obviously less relevant in America where you can still buy fast cars without being murdered by taxes.


- AI answers are much easier and faster to produce thus it's going to produce a lot more wrong answers by sheer volume.

- AI answers are grammatically correct and verbose so it looks like the poster put effort into it which deceives people into thinking the answer is more trustworthy than it is.

Barring trolls, humans (for the most part) only answer if they think they're right, and the more effort put into the answer the more likely they don't get it wrong.


I don't know what you did wrong, but don't worry, I can be very creative.


They do know what he did wrong: a conspiracy to violate the Lacey Act and substantively violating the Lacey Act. He pleaded guilty to both charges.

Source: https://www.justice.gov/opa/pr/montana-man-sentenced-federal...


