Conversation

I've seen so many people talking about "freedom" when talking about root detection. I do not think the fundamental problem here is a freedom issue. As stated in this previous tweet, Google's Pixel offerings are IMO the most "free" Android devices out there.

Quote Tweet

John Wu

@topjohnwu

Oct 6, 2021

You can replace the kernel. You can compile your own Android OS. On Pixels, you can even sign the images and have verified boot enforced. You can install F-Droid and only run FOSS apps. You actually DO have the freedom to run almost all software with something you can control.

Show this thread

184

John Wu

@topjohnwu

Nov 21, 2021

On the Pixel 6, the TEE OS is open source, although it's still not user replaceable *yet*. I know there are people trying to make this a reality, although I have no idea about the progress and whether this is even feasible or not.

John Wu

@topjohnwu

Nov 21, 2021

But even if you can replace everything, including TEE, the Android platform will still provide mechanisms to allow apps to know what software they are running on. And as long as apps expect to run on "Google Certified" systems, you still won't escape the "root detection" issue

101

@qpjafj2ugxjowgs

Nov 21, 2021

Replying to

@topjohnwu

same opinion. Android should provide trusted environment. but, large companies should not abuse it, unlike what they are now. and AOSP should not be Google dependent THAT much. they are taking controls away from user. revoking user access from ~/Android was huge mistake.

Replying to

and

Android and Google is now treating user defined environment 'insecure'. bare APK installation is described 'dangerous' even if there is no GApps. ZipSigner lib has removed long ago, so Play Protect marks debuggable apps as danger.

Replying to

and

while installation from Google Play has improved, there is no secure way for alternatives. managing apps are not possible in modern Android because of forced scoped storage. you will know there is no way to solve these without root.

Replying to

and

> there is no secure way for alternatives. Not the case at all and not sure what you're basing that upon. > managing apps are not possible in modern Android because of forced scoped storage. That has nothing to do with scoped storage. Again, you're misunderstanding this...

Replying to

and

Scoped storage means that apps no longer have the ability to request complete access to user files. The user has access via the system file manager and can grant access to those files/directories when apps open up the system file manager UI for it. It's not relevant to this.

Replying to

and

An app store client can download and install apps as always. Android 12 adds the ability for non-privileged apps to perform unattended updates of modern apps they've installed. Support for alternate app stores got much better and scoped storage didn't negatively impact it at all.

2:31 AM · Nov 22, 2021Twitter Web App

Replying to

and

The user can also still manually authorize an app to be a file manager for their files. It's not possible for an app to request it via a dialog on their own, but they can send the user to relevant settings menu. Play Store has rules for which apps can use this but the OS doesn't.

Replying to

and

The preferred / default storage for apps has always been their own sandboxed app storage. Scoped storage is entirely about the user's storage directory, not the per-app sandboxed storage which is unchanged. Scoped storage gives users more control over apps accessing their files.

Show replies