It means it cannot be secretly "rooted by someone close to you", or any one else for that matter.
If you grab your phone one day, and it is completely wiped, you will notice this right away. At this point, you can investigate -- this can be as simple as looking at screen during the boot; or non-trivial key combo, as Samsung requires [0]. If indicator shows non-tripped, you can be sure the phone is not rooted.
I agree that this is more complex than Apple, but in practice, it never happens -- I had a few phones slowly fail on me, and they never spontaneously self-wiped. So if your non-technical relative wants to get Android phone, just tell them: "Phone suddenly forgetting every single account is VERY BAD and a sign of EVIL HACKERS. If this happens, call me right right away from a landline, do not use this phone at all". And they will be as secure as if they had Apple.
I used to regularly backup and restore an Android phone after rooting it, because I was updating carrier files and testing out different releases. I’m sure that the capability to take a backup and restore it is available to spyware software developers. If I have competent software in-hand to use the root access to copy over non-HSM internals, then this argument is void.
And for non-technical folks, the same spyware devices that police use to make perfect replicas could just as easily restore them with a spyware infection.
They’d lose HSM-stored things like fingerprints and NFC payment tokens, but people shrug off things like that and just go set it up again or enter their passwords when a pop up appears.
If this Knox throws up an unavoidable, non-technical warning in that scenario, that openly cautions them not to enter any passwords and to take their phone to the authorities, then I will happily accept that things are better than I expected for Android today.
Huh. The last time I tried to take a normal backup and restore it, it got less than half the apps. I absolutely depend on Titanium Backup and without it I have to reinstall everything.
