• RobotToaster@mander.xyzOP
    link
    fedilink
    English
    arrow-up
    73
    arrow-down
    1
    ·
    8 months ago

    We really need to move away from the idea that a user having control over his/her device is insecure.

    I can use online banking and paypal with windows logged in as administrator or GNU/Linux logged in as root[0], why shouldn’t I be able to use google wallet pay wallet with root?

    [0] yes I know you shouldn’t log in as root, but that doesn’t change that you can do it.

    • Yurgenst@lemmy.world
      link
      fedilink
      English
      arrow-up
      26
      arrow-down
      3
      ·
      8 months ago

      “why shouldn’t I be able to use google wallet pay wallet with root?” Because little innocent Google won’t be able to build their advertising profile of you. Can’t have that!

    • Wes_Dev@lemmy.ml
      link
      fedilink
      English
      arrow-up
      18
      ·
      8 months ago

      No my friend, our overloads have decided that you shouldn’t have control over your desktop either.

      • x6a61686e@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        8 months ago

        Tried installing the most recent WhatsApp update but it’s failing. I think a virus is blocking the update, better try again with secure browsing off…

      • dejected_warp_core@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        1
        ·
        8 months ago

        I must be missing something. How would Google be at all liable for restoring funds stolen by software that they themselves didn’t furnish, on a device that’s out of their control?

        • ForgotAboutDre@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          8 months ago

          A judge may not see it that way. They may perceive it as Google failing to provide adequate protections to their users.

          If user installed the app created by Google and did not share any login credentials. It’s easy to claim Google is liable.

          The equivalent would be a bank leaving the back door to their vault open. An intruder going in and removing your funds. Despite following all the banks instructions, the bank has not replaced the funds.

          The banks is responsible for people gaining unauthorised access to your account. Especially when you don’t share your login credentials with anyone (even unknowingly). If they can’t protect against root access attacks then, they shouldn’t permit use of their app on those devices.

          Apps have convenience features, especially related to easy sign in. Their website logins don’t have these features. They require the user to enter passwords, challenge codes, card reader etc. If someone gets access to a password manager, the user is at fault. The bank likely stated you shouldn’t write down or record your password.

    • Programmer Belch@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      8
      ·
      8 months ago

      Does rooting your device make you the root user or just gives you access to superuser utilities?

      In linux systems the root user shouldn’t be used for daily use, you just make an user account with permission to use sudo, doas or su.

      • u/lukmly013 💾 (lemmy.sdf.org)@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        1
        ·
        8 months ago

        If you root your phone, at least with most tools, you don’t become the root user. Apps that use root access have to request it, and you’ll have to allow it in the root tool you flashed.

        Example pop-up from SuperSU:

        • Programmer Belch@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          6
          ·
          8 months ago

          So google is lying about rooted devices, they seem as secure as an OEM letting an user sideload apps or google themselves letting malware apps inside their store

    • umbrella@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      8 months ago

      how would an unrooted but old, deprecated version of android be any better than an updated custom rom?

      those things baffle me, they just want to take away control dont they?