> Bank apps not running on phones where security has been compromised seems entirely reasonable.
I have root access on my laptop and I log in to my bank's website just fine. Making apps not run on rooted phones is just perpetuating the cycle of forcing users to comply with the restrictions placed upon them by Apple and Google. Root access != less secure. It means control over the device you paid for and own.
I don't think the root permission ban is for the website. In most cases it's about how your phone + the bank's app has become the new hardware token / key generator. Before smartphones I could log on to the bank's website but any transaction will have to be authenticated using a hardware token (presumed secure). That's moved into an app now.
...and you're probably less safe as a result. In the 90s and early 2000s, running as root (admin) was the Windows default for home computers, and that's why we had such a malware and spyware problem then. It wasn't until UAC limited user and app permissions on purpose and Windows Defender became standard that it began to get better.
Root access for you means you have control, sure. But it often does mean you're less safe too, depending on your OS's security model and what other apps can run as you. That's why limited sudo and other "root ish, but only in small doses" models were made. And that's assuming you know what you're doing.
For Jane Grandma, root of any sort means power she'll never need and a footgun to lose her life savings with. It's a good thing mobile phones protect ordinary users from themselves. Most people don't need root access any more than they need the ability to reprogram the ECU on their car.
Besides, on a rooted phone, I thought there were already ways to fool an app into thinking it's not rooted...? Or did they change that?
Only if I grant them root, which I'd only do to a very small number of open source apps
I instead have to use my desktop web browser, and desktop operating systems have a far worse security model than Android. No special permissions are generally needed to capture the screen, capture/inject keystrokes, or open .mozilla/whatever/cookies.sqlite
So my phone is still the significantly more secure environment. The fact that I have the ability to grant root does not make it "compromised"
But that's exactly the point. The bank doesn't know what you've granted root. It doesn't know if you're a security researcher, or somebody installing pirated apps with spyware.
The bank can't enforce that on desktop web browsers, but at least it can on mobile.
Hot take: rooted phones are inherently less secure. That does not include GrapheneOS btw, since you don't have root privileges on an official build of GrapheneOS.
I'm much less worried a hypothetical attack where I accidentally give sudo access to a malicious app than I am about the well-established ongoing attacks where Google violates the entire population's privacy, or the regular stream of malware that makes it into the official app store.
Not that long ago it was considered a problem to have a rootkit on your machine [1]. Nowadays it's getting hard to acquire a device that hasn't been rootkitted at the factory.
There's always a root account, the only issue is who has access to it.
So... phones where a corporation has root are more secure that phones where the owner has root, you say? Secure for whom? For the user? Seems obviously wrong. It's more secure for someone else to have power over you?
Again, you're just a few words from "Freedom is slavery".
> So... phones where a corporation has root are more secure that phones where the owner has root, you say?
You're putting words in my mouth that I explicitly rejected when I said "that does not include GrapheneOS".
Just to prevent the follow up "well actually GrapheneOS is an organization": they don't have any kind of root access to GrapheneOS phones. The only thing they can do is push system updates, which you can (1) reject and (2) verify if they are the same updates being pushed to all users, to avoid targeted attacks.
> Secure for whom? For the user? Seems obviously wrong. It's more secure for someone else to have power over you?
Yes, secure for the user. Sure, power users that very carefully review any system mods they install with root powers would have the same level of security as with a non-rooted phone.
But most people won't read the source code of root apps/extensions they install.
It's easier to tempt mobile phone users to install "cosmetic improvement/customization whatevers" that happen to require elevated privileges, than desktop Linux users.
It's well known that many Android apps bundle near-malware that slurps all data possible, and will ask for root privileges if that is detected.
The fact is that mobile phones tend to contain more sensitive data than desktop computers (and are thus significantly more secure by default than Linux/Windows computers). Contacts, private messages, photos, etc. It's a more valuable target, so more effort is put in developing malware for phones.
> Hot take: rooted phones are inherently less secure.
My computer is rooted, making it inherently less secure than my phone, yet I have no trouble accessing my bank website. What threat is a bank protecting against by disallowing app usage on a rooted phone?
When I access my bank from my computer, I need to authenticate using a secure token, where my options are an RSA-style dedicated device or a secure (non-rooted) smartphone.
* computers have always been "rootable", so the banks can't do anything about that
* phones work with "apps", which are viewed as more dangerous than websites. So they came up with the concept of app curation (monitoring large appstores for lookalikes and viruses), and by rooting/sideloading you are violating that model.
* Repackaging a legit app into a malicious lookalike is relatively easy on Android, but harder to distribute if you combat rooting/sideloading.
* if your phone is rooted the bank may be concerned that you could be more susceptible to installing dangerous things, including apps that intercept your 2fa.
You can argue whether these points held up over time (or whether they make things more secure), but that seems to be why they do it. It costs them relatively little to try to combat rooting but potentially liable for losses if people get phished/hacked so...
