"Rooting" removes a lot of Android security features, though. Instead of apps only having the necessary permissions, apps can have ALL permissions with root and thus are a huge security vulnerability.
If you give that app root, sure. That linked post is silly; your UI layer does not need root to grant privileges. e.g. `kdesu` asks for your password and hands it to `su`. The UI portion doesn't itself need setuid/root. A keyboard could of course keylog you. Don't install random keyboards.
Being able to arbitrarily redirect networking traffic is perhaps the single greatest reason to not have superuser privs in userland. I support anybody that wants to pressure OEMs into allowing bootloader unlocks, but I also can't name a use for root that justifies the insanely expanded surface area for attackers, at least on Android.
I've used sudo before, but I find that it is really difficult to type with the safety gloves on because I keep fatfingering the password and locking myself out.
My family recently got me a new computer setup that won't require sudo and other practices considered harmful. It even does shapes, colors, and animal sounds, which is good enough for my use case.
I think that's just legacy holdover largely mitigated by some of the user account access control stuff introduced with Vista. Also, administrator isn't the same as root. That would be more like system level access which is not the default level for Windows accounts.
It feels ontologically wrong to me to constantly beg my own computer for permissions to do things. I always use root on Linux, and my Gentoo machines don't even have a non-root account. (I get great satisfaction from compiling VLC to let me run it as root as well as patching Dolphin and other apps to not complain about it.) On Windows I always use an admin account and disable all UAC prompts. I've managed to have no incidents since I started this policy a decade ago by simply not downloading malware or using 123 as my password on an open SSH port. Go figure.
The point of lowering application permission is not to prevent you from doing things. It’s to prevent the application from doing things you don’t want.
That’s why people try to give apps as little permission as possible and only grant them when they are required.
Technically you are one vulnerability away from irremediably losing everything after opening a seemingly innocent file. I am actually convinced the sole reason it doesn’t happen is because it doesn’t make sense to target people doing that because they virtually don’t exist.
So you don't understand why seatbelts were invented and your evidence that they're unnecessary is that you personally haven't gotten into a car accident.
"Not downloading malware" is everyone's default stance, but no one can identify all of it.
And that's only a single vector out of many. Security flaws exist in even the best operating systems that make you vulnerable even when doing everything "right" (which you emphatically are not).
My problem with this argument is that my user data is by far the most valuable thing on my computer. Almost nothing that gets protected by “root” really matters much. What I really want is a way to protect all my user data from rogue programs, but I have no way to do that on modern computers. Any program I run with my regular user account can steal or delete all of my data already. When my data is so trivially at risk, who cares if a bad program can also wipe my OS or something? I can reinstall Linux. I can’t get my data back if someone steals it.
Check Fedora Silverblue, or Kinoite (or the Budgie edition) if you like neither KDE nor Gnome. Immutable OS, it can be set to a rolling channel to get daily updates, you can roll it back from GRUB in case of disasters and, even better, everything not desktop-environment based is installed from Flatpak and containerized.
That's why you run programs as different users. Background services like nginx or jellyfin get their own users. Have a separate `games` user if you play video games. If you're going to mess with untrustworthy code, make another user first. Don't give world permissions to your home directory.
That might help if nginx has a security vulnerability. But what about all the programs I run as a user? Nobody runs their IDE or “npm install” under separate user accounts. Nor should we have to in order to prevent a package from interacting with my filesystem outside of the project directory.
macOS does ask you if you want to allow a program to access your files in $HOME. Not sure if it's a perfect solution, but still, it's something.
As a more additive approach than just giving up and running everything as root, I think in Linux you could do the same with (a fair amount of effort and) SELinux or AppArmor.
There's a difference between choosing to wear a seatbelt and being chained to the seat by the car manufacturer, who then refuses to release you "for your own safety".
I wear seatbelts (but I'm proud of my state for being the only one not to force adults to) because a car crash is much more likely than being victim to a zero-day vulnerability.
The corporate FUD has gotten strong enough that people are getting scared of freedom. That should disturb you more than any perceived paranoia about "attackers".
Seriously, people are acting like the "do you want to give this application elevated privileges" popup is some arcane magick that we as a race can never hope to possess.
While I agree with you, without using a more granular permission paradigm I get more than a little antsy giving third-party software arbitrary access to even my standard user's privileges on Windows.
I've been using a dedicated computer for banking / finance work for a few years now. I also run some software that I consider less trustworthy on my "daily driver" Windows PC as a dedicated user, separate from my "daily driver" account.
I really need to make the jump to Qubes. I've been meaning to for years. The learning curve for their contrivances seems steep and I'm lazy.
Oh yeah, definitely, but mobile OSes do this fairly well. Windows just asks if you want to give access to everything or not, of course you're always going to click yes, especially if the program doesn't work without it.
It sure isn't. Although its competition is stuff like chmod (way less granular), and SELinux, and SELinux isn't winning any usability competitions either.
Five minutes after this popup exists, you won't be able to run any of the big "can't participate in your social life without these" apps anymore without granting them those elevated privileges.
Most users have no interest in developing the skills to handle that level of freedom responsibly. I think it should be an option, but it is unfair to say this is only corporate FUD.
For the vast majority of consumers and employees this is like using a bazooka to kill a mosquito. Unnecessary and dangerous. But for some EXPERTS (IT/Tech professionals) and hobbyists, it’s crucial to their workflow.
The same popup that asks for microphone access but now says the word root in its place, and a consumer is like “not sure what root is, maybe they meant toot!”
Ever since I can remember, if you wanted root on Android, you had to go out of your way by flashing SuperSU, then Magisk or KernelSU; most users don't ever use that. Even more so, with a few recent solutions like KernelSU or some Magisk forks you have to go out of your way again to whitelist the app before it can even ask for root - mostly for avoiding detection, but that does act as an extra layer of security.
I'm not too worried about security for normal users if we kept it that way. I just want not to have any extra roadblocks for the power users from the banks, Authy or McDonald's.
The problem is that the bar needs to be moved higher and higher, to a level nowadays which would be annoying to most of us who know what they are doing.
20 years ago if I started to list IP addresses to my ISP on the phone I got somebody technical immediately. This doesn’t work anymore, because people know more about this. As a result, for example, I could only turn WiFi on or off on my ISP’s router and nothing else without a specific request to them, a manual restart of my router days later, and I need to use terrible, buggy software.
These kinds of things unfortunately also restrict beginners, or people who without such barriers would start to tinker, and eventually learn to do these safely. Even I, who have been configuring routers for 25 years, waited for weeks with the call.
I’m now installing a self-hosted OwnTracks on Docker. A lot of beginners have started to do the same. They make rookie mistakes all the time. Let them make those mistakes.
I would have never learned what I know without the freedom of making mistakes.
Another reason why having root is important on a device that you own.