×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Steve "CyanogenMod" Kondik Contemplates The Death of Root On Android

timothy posted about a year ago | from the ways-of-knowing dept.

Android 240

c0d3g33k writes "Prompted by the addition of new security features in Android 4.3 that limit the effectiveness of elevated privileges, Steve Kondik wonders which uses really require full root. Most common activities that prompt owners to root their devices (backup/restore tools, firewall/DNS resolver management, kernel tuning), could be accomplished without exposing root, argues Kondik, by providing additional APIs and extensions to the user. This would improve security by limiting the exposure of the system to exploits. Reasonable enough, on the face of it. The title of the post, however, suggests that Kondik believes that eventually all useful activities can be designed into the system so the 'dangerous and insecure' abilities provided by root/administrator privileges aren't needed. This kind of top-down thinking seems a bit troubling because it leads to greater control of the system by the developer at the expense of the owner of the device. It's been said that the best tools are those that lend themselves to uses not anticipated by the creator. Reducing or eliminating the ability of the owner to use a device in ways that are unanticipated ultimately reduces its potential power and usefulness. Perhaps that's what is wanted to prevent an owner from using the device in ways that are inconvenient or contrary to an established business model."

Sorry! There are no comments related to the filter you selected.

If no root, no Android. FirefoxOS anyone? (-1, Flamebait)

faragon (789704) | about a year ago | (#44408463)

If Android becomes a closed dungeon, don't count with me. You, insensitive clods.

Re:If no root, no Android. FirefoxOS anyone? (5, Informative)

barlevg (2111272) | about a year ago | (#44408483)

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

Re:If no root, no Android. FirefoxOS anyone? (1)

Anonymous Coward | about a year ago | (#44408513)

Yeah. So the only people who will need it will be the carriers and NSA. Got it.

Wi-Fi-only devices (4, Insightful)

tepples (727027) | about a year ago | (#44408555)

So the only people who will need it will be the carriers and NSA.

Wi-Fi carriers such as cable and DSL ISPs typically don't provide a subsidized tablet. Nor do cellular carriers outside North America and maybe Japan. So what do "carriers" necessarily have to do with rooting, especially with rooting a Wi-Fi-only device?

Re:Wi-Fi-only devices (0)

Anonymous Coward | about a year ago | (#44408925)

All carriers are equal, but some carriers are more equal than others.

Those carriers that are more equal should have their business model protected.

Re:If no root, no Android. FirefoxOS anyone? (0)

Nerdfest (867930) | about a year ago | (#44408523)

Well, good timing for Ubuntu Edge. The hardware looks great so far, and apparently it will run Android.

Re:If no root, no Android. FirefoxOS anyone? (3, Informative)

citizenr (871508) | about a year ago | (#44409171)

what hardware? there is NO HARDWARE - thats why its on igg and not kickstarter (rules prevent vaporware)

Re:If no root, no Android. FirefoxOS anyone? (5, Insightful)

Dracos (107777) | about a year ago | (#44408533)

Root will be nesessary until the carriers allow us to freely uninstall their bloatware, and other useless/quasi-hostile junk (for me, that means facebook).

Re:If no root, no Android. FirefoxOS anyone? (3, Informative)

Pioto (933065) | about a year ago | (#44408627)

Root will be nesessary until the carriers allow us to freely uninstall their bloatware, and other useless/quasi-hostile junk (for me, that means facebook).

Good news! You haven't needed root to do that for a Long Time now. You can just click the "Disable" button in the app's details page, or drag it to the trash can from the apps drawer, and it's disabled. Sure, it's taking up a few MB of space on your system image, but, "oh well." At least, this is certainly true on any Android 4.x device I've owned.

Re:If no root, no Android. FirefoxOS anyone? (-1)

Anonymous Coward | about a year ago | (#44408781)

...and slashdot's Timothy wants to eliminate the discussion, as he did before. The greedy Jew banned Ethanol-fueled, annd wants America to throw their bodies away for Israel, to throw bodies away, to start war with Iran as Israel wants them to. Go for it, Goys!

Ethanol-fueled

Re:If no root, no Android. FirefoxOS anyone? (1)

Anonymous Coward | about a year ago | (#44408795)

How in the hell is that uninstalling it? You can remove a startup entry in Windows to stop mcafee or other bloatware on an OEM machine to stop it running too. But would you like to keep it sitting around, not only taking up space but leaving the binary there for potential later execution? I think not

Re:If no root, no Android. FirefoxOS anyone? (2)

L4m3rthanyou (1015323) | about a year ago | (#44408853)

It's kind of a moot point. If the system is that badly "infected", you should probably replace the rom anyway.

On my aging Gingerbread phone, I used root to delete the OEM bloatware- Facebook, Amazon, NFL Mobile, etc. A few months later, an OTA update rolled out, and it threw a shit fit because the pre-installed crap was missing. Fortunately I had backups. Now I use Titanium Backup's "freeze" feature to disable (and prevent execution of) apps while still keeping them installed/updated.

Re:If no root, no Android. FirefoxOS anyone? (0)

Anonymous Coward | about a year ago | (#44409073)

> It's kind of a moot point. If the system is that badly "infected", you should probably replace the rom anyway.

Exactly. Which is why we still need root functionality. Phone ROMs are not likely to get less of bloatware, spyware, etc.

Re: If no root, no Android. FirefoxOS anyone? (4, Informative)

corychristison (951993) | about a year ago | (#44409271)

You don't need root to image a new ROM. You need an UNLOCKED BOOTLOADER. Two completely different things.

Re:If no root, no Android. FirefoxOS anyone? (5, Informative)

Anonymous Coward | about a year ago | (#44409011)

Good news! You haven't needed root to do that for a Long Time now. You can just click the "Disable" button in the app's details page, or drag it to the trash can from the apps drawer, and it's disabled.

Bad news! You can only disable apps that your carrier has decided that they want to allow you to disable.

Re: If no root, no Android. FirefoxOS anyone? (2)

corychristison (951993) | about a year ago | (#44409311)

Don't "buy" your phone subsidized through your carrier? I just bought two Nexus 4's right from Google and switched carriers. No contract _and_ got a 10% discount on my bill each month by bringing my own device.

To be clear I live in Canada, and just switched to Telus.

Disabled does not mean forgotten (1)

thegarbz (1787294) | about a year ago | (#44409331)

Disabled does not mean forgotten. I had heaps of apps disabled on my phone. Yet once or twice a week I would get a Google Play notification to update [insert disabled and unused app].

I would be happy if they were just taking up space on my phone but as it is they annoyed me every other day.

Re:If no root, no Android. FirefoxOS anyone? (1)

aztracker1 (702135) | about a year ago | (#44408823)

For me, the killer feature for rooting early on was wifi tethering.. in my G1 it was necessary to root for a lot of functionality... my N4, I haven't felt the need to root at all, and it includes tethering (though I tether to my laptop via bluetooth, the same rules apply)

Nexus (1)

Anonymous Coward | about a year ago | (#44409189)

Root will be nesessary until the carriers allow us to freely uninstall their bloatware, and other useless/quasi-hostile junk (for me, that means facebook).

Or you could try supporting the concept of non-carrier devices by purchasing Nexus devices at "full price".

That's the #1 item on the list (1)

raymorris (2726007) | about a year ago | (#44409369)

That seems to be the #1 item on his list of "things that need APIs before root is unnecessary.

Re:If no root, no Android. FirefoxOS anyone? (5, Informative)

dc29A (636871) | about a year ago | (#44408601)

I don't care if I don't root my phone until I can write to the hosts file.

Re:If no root, no Android. FirefoxOS anyone? (1)

edit0r (1167911) | about a year ago | (#44408631)

I don't care if I don't root my phone until I can write to the hosts file.

Exactly! the first half-dozen entries in my 600k hosts file are the various Facebook addresses.

Re:If no root, no Android. FirefoxOS anyone? (4, Interesting)

icebike (68054) | about a year ago | (#44408603)

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

Exactly.
The reason people root phones is to get around arbitrary restrictions imposed by the carriers or the manufacturers.
Remove those restrictions, by providing APIs that allow users to do every legal thing, and virtually all reason to root disappear.

When you can remove bloatware, change carriers, bypass carrier restrictions, change the UI, and maybe even change the OS, all without requiring root, what would be the point of rooting?

There will still be those who will root simply because they can. These are the same kids that always ran their Linux machines at root because they were so 133t.

Re:If no root, no Android. FirefoxOS anyone? (4, Informative)

Pioto (933065) | about a year ago | (#44408647)

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

Yes, this. You shouldn't root your device "just because you can", which seems to be the mentality some people have. It greatly increases your attack surface for security vulnerabilities. I'm certain that the ability to root will stick around "forever", but for most people having a well thought out API which allows separation of privileges is going to lead to better results.

Re:If no root, no Android. FirefoxOS anyone? (2)

aztracker1 (702135) | about a year ago | (#44408847)

What bugs me, is the likes of Twitter and Pandora asking for every privilege under the sun. I'm sticking with a prior version of twitter for that reason.. it will suck when I have to change out phones again. I don't use most games for the same reasons... it's wrong on so many levels. I wish I could remove privileges from installed apps, like you can with facebook "apps" (setting their posts to only visible to you, etc)... at least then you could work around the crap/spyware.

Re:If no root, no Android. FirefoxOS anyone? (2)

gnoshi (314933) | about a year ago | (#44408929)

Check out XPrivacy [github.com] . Of course, it requires the Xposed Framework [xda-developers.com] to be installed. Which requires root.
Or, of course, the Privacy Guard on the new CyanogenMod 10.1 builds, but which requires CyanogenMod.
Or OpenPDroid, but that requires patching your rom.

Re: If no root, no Android. FirefoxOS anyone? (0)

Anonymous Coward | about a year ago | (#44409327)

Android 4.3 and Permission Manager. Problem solved.

https://play.google.com/store/apps/details?id=com.appaholics.applauncher

Re:If no root, no Android. FirefoxOS anyone? (2)

dinfinity (2300094) | about a year ago | (#44408953)

It greatly increases your attack surface for security vulnerabilities.

As far as I understand, 'rooting your Android phone' generally allows elevation to root privileges, access to which is handled by an SU-application. That means that if you never allow anything to have root privileges, you face no increased risk at all.

Re:If no root, no Android. FirefoxOS anyone? (0)

Pioto (933065) | about a year ago | (#44409147)

Yes, but then you haven't *really* rooted it, have you? Once you do, though, and have ANYTHING running as root that wouldn't otherwise be; that's where the increased risk comes from.

on purpose, or the system, or a rogue app (1)

raymorris (2726007) | about a year ago | (#44409387)

If nobody and NOTHING ever calls sudo, yeah.
Don't assume that all calls to sudo are you doing it on purpose. The risk is that malware could use sudo.

By way of comparison, Windows is somewhat similarly "secure unless you allow something to have elevated privileges". Compare that with a write-once DVD live system, where there is no such thing as altering the system.

Re:If no root, no Android. FirefoxOS anyone? (0)

Anonymous Coward | about a year ago | (#44409155)

Yeah...well I'd rather have root access all the same, despite his assurances and Google's. I feel more comfortable having power over my PC, not the other way around.

Re:If no root, no Android. FirefoxOS anyone? (1)

fuzzyfuzzyfungus (1223518) | about a year ago | (#44409225)

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

It sounds like Android is busy reinventing the wheel. "Root", in ye-olde-user-account-whose-powers-are-above-all-others-and-limitless, is something that (at least optionally), UNIXlikes have been picking away at (precisely because it is a big, gaping, unbelievably-non-granular, security problem) for years. You've got your conceptually simple mechanisms like OpenBSD security levels (once you elevate, suitably marked files are immutable, period, until the system is brought down) and your fairly-seriously-hairy; but powerful, mechanisms like SELinux and TrustedBSD.

I certainly wouldn't trust any plan where some other, no doubt benevolent, entity would take up rootly duties so that I needn't worry my little head about them; but the capabilities of a classic Linux root are really a pretty awkward fit with Android's own set of access controls and security concerns.

Re:If no root, no Android. FirefoxOS anyone? (1)

maccodemonkey (1438585) | about a year ago | (#44409379)

You missed the point--he's saying that root access might one day no longer be necessary, not that it'll become impossible to root an Android device.

Well, it sounds like he's saying a bit of both...

"Prompted by the addition of new security features in Android 4.3 that limit the effectiveness of elevated privileges..."

Obviously it doesn't sound like root is dead right now, but it does seem Google is taking measures that could lead one to think they might lock it down more completely in the future.

Controller (1)

Anonymous Coward | about a year ago | (#44408469)

The only reason why I've really needed to root is to use my Dualshock 3 controller via Bluetooth. And I think that if only for that, rooting being gone and with it the ability to use the controller in such a way, would be a real let down..

Re:Controller (2)

Nerdfest (867930) | about a year ago | (#44408537)

The first thing I noticed when upgrading to 4.3 was that my ad-blocker that works by altering the hosts file no longer works. That's one thing I'm sure Google would love to see people stop doing. I'm sure it's fixable with some new SELinux rules, but I haven't looked into it yet.

You said hosts file. Are you trying to summon him? (1)

tepples (727027) | about a year ago | (#44408605)

The first thing I noticed when upgrading to 4.3 was that my ad-blocker that works by altering the hosts file no longer works.

So Google is blocking one sort of APK, namely use of the hosts file as a crude DNS blacklist. Does this means we're soon going to lose another sort of APK, namely loading applications from unknown sources? Or am I clanging [wikipedia.org] again?

Re:Controller (1)

CastrTroy (595695) | about a year ago | (#44408779)

I can't believe that ad networks haven't figured this stuff out yet. Instead of serving up ads using a domain name, just serve them up by pointing to an IP address. Sure you could start blocking whole addresses, but then you risk blocking a useful service as well, especially if you plan on blocking Google's ads. Or you could proxy them through a script on the actual website so you can't tell the difference between the actual content from the webpage and the ads shown on the web page. It would be pretty easy for the ad network to provide a script in the common web programming languages that could proxy the ads to the user. I guess that there's still not enough people blocking ads for this to be worth their time. I'm sure it's coming though.

Re:Controller (1)

thejynxed (831517) | about a year ago | (#44408893)

The problem is, end users are not always completely stupid. They start doing it all via script, users will find what scripts, and block them from loading, especially if any proxy servers are involved.

Joystick API (1)

tepples (727027) | about a year ago | (#44408577)

According to how I understand the summary, Google or an Android distributor would be responsible for "providing additional APIs and extensions to the user", such as adding Dual Shock 3 support to Android's existing joystick API.

stop phone carriers / oems from slowing down updat (3, Insightful)

Joe_Dragon (2206452) | about a year ago | (#44408473)

stop phone carriers / oems from slowing down updates and force loading software that can't be removed.

also force unlocked sims on all android phones.

CDMA2000 (2)

tepples (727027) | about a year ago | (#44408583)

also force unlocked sims on all android phones.

How would that work on a CDMA2000 network, which doesn't use a SIM in the first place?

Re:CDMA2000 (1)

LiENUS (207736) | about a year ago | (#44408951)

CDMA2000 is on its way out even vzw and sprint are moving to gsm with LTE. At this point you can only do data and only in areas with lte service but eventually lte service will provide voice and will be pretty ubiquitous.

Re:CDMA2000 (0)

Anonymous Coward | about a year ago | (#44409033)

I see this being parroted all the time and it simply isn't true, nor was it ever true in the first place. CDMA IS-95 as initially deployed in the US didn't support subscriber modules because carriers wanted an easy way to track device activations/sales and allow for device blacklisting if phones were lost/stolen. In China and Korea/Japan, where the majority of CDMA R&D was actually conducted without carrier interference, the CDMA2000 extension allowed carriers to deploy subscriber module support under the R-UIM standard [wikipedia.org] , which was deployed by Chinese carrier China Unicom, Japanese carrier KDDI and Southeast Asian carriers. When the CDMA2000 extension was deployed by Verizon and Sprint in the US, along with smaller CDMA carriers from 2002-2005, all of them decided not to enable R-UIM subscriber module support and extended the exhausted ESN serial number system with the MEID system [wikipedia.org] instead, because it was thought that going to the R-UIM setup would be more expensive to deploy and maintain, a misconception quickly disproven with the growth of GSM in the mid-2000's in the US.

Re:CDMA2000 (0)

Anonymous Coward | about a year ago | (#44409161)

You needed to explore the pages linked from R-UIM [wikipedia.org] . If you had you would have found CSIM [wikipedia.org] which was the extension of R-UIM for CDMA2000. I've read they're used pretty frequently in Asia, but I doubt Sprint or Verizon would issue one even if you had a phone with support.

This is a bit tragic since the circuitry to support CDMA is "almost free" nowadays since it is a fraction of the size and power of the LTE circuitry. I write tragic since CDMA can pack many more devices into the same bandwidth since CDMA phones don't need to transmit when there is silence, unlike GSM where the phone must transmit (or at least have the timeslice allocated) all the time during a phone call. My impression is LTE is actually far more similar to CDMA than GSM.

ObXKCD (5, Funny)

Anonymous Coward | about a year ago | (#44408477)

All applicable XKCD [xkcd.com] should just be in tags at top of Slashdot stories.

Re:ObXKCD (0)

Zontar The Mindless (9002) | about a year ago | (#44408529)

Some knothead has sunk the parent with an Overrated mod despite that fact that it's pretty much on target.

Re:ObXKCD (0)

Anonymous Coward | about a year ago | (#44409077)

Fixed it. Silly wabbit.

Fairly Obvious (4, Insightful)

Nemyst (1383049) | about a year ago | (#44408481)

The issue is that those new APIs and extensions are NEVER provided because the hardware manufacturers and software providers don't want to provide them. Providing deeper access to the software and hardware means you can do more things, including circumvent protections and such. They'd rather make it as hard as possible to do this, and rooting is harder than using a sanctioned app.

In an ideal world, we'd have all the functionality we need straight up and "rooting" wouldn't even exist as a term.

Re:Fairly Obvious (1)

Anonymous Coward | about a year ago | (#44408809)

Your argument is wrong. Protection against unauthorised activity (like accessing the unprotected data from a DRM protected music or video file you have purchased) does NOT require locking down computers built in 2013. DRM protection, for instance, is now build into the hardware itself, and the APIs merely activate and control this functionality. With the hardware supporting 'protected path', no possible user code running at any privilege level can 'hack' into the data stream.

You are still living in the age where, because there were no effective 'locks', you had to try to hide the door behind which the goodies could be found. Now, the locks are 'fool-proof', so you can happily allow the user to know which 'door' protects the goodies, and allow the user to 'knock' all he/she wishes.

The lock-down we are really talking about is the inability to run games/apps not pre-approved by Google or one of its partners. Or the inability to switch off/remove unwanted software services. Or the inability to install another shell. Or the inability to use the device as a target for software development.

Current APIs that hardware peeps don't seem to want to offer (say, like hardware JPG encode/decode) often reflect the crappy state of hardware drivers, and the fact that outside VERY limited use, the drivers are full of bugs. So with JPG, say, only a very limited part of the usual JPG standard actually works in hardware. To be honest, we would be far better of with such functionality moved to, say, OpenGL 4.0. Proprietary APIs aren't usual worth the effort, and anyway every Android device would require special code to access the unique hardware found within.

Re:Fairly Obvious (1)

cppmonkey (615733) | about a year ago | (#44408883)

It is fairly obvious that it is in Google's best interest to provide these API's and to an extent they have. Apple makes a killing in the phone world not because their phones are locked down but because they are free of bloat. Heck if I could install a better browser and music player I'd be quite happy with iOS but I can't because it is locked down. Similarly my experience with Android is that I can't remove the Verizon crap and the HTC/Samsung crap so while Android is nice in an emulator (if really depressingly dark) it does not work in the real world without root because I need to substitute stock vanilla android to get the simple easier (Google you have a lot of work to do here...) to use interface that lets me just use my phone.

android (-1, Offtopic)

blackks (2999637) | about a year ago | (#44408485)

Re:android (2)

Skapare (16644) | about a year ago | (#44408561)

Warning: SPAM link in parent.

Re:android (1)

icebike (68054) | about a year ago | (#44408615)

be gone spammer.

In my opinion (5, Insightful)

drolli (522659) | about a year ago | (#44408491)

Most things which required me to root my phone should be preinstalled

-backup
-firewall
-disable any service *which i do not need*

Your forgot ... (5, Insightful)

Skapare (16644) | about a year ago | (#44408569)

-remove any app *which i do not want*

Re:Your forgot ... (0)

Anonymous Coward | about a year ago | (#44408937)

Facebook being first and foremost. I made the extremely bad lapse in judgment of ever letting them on my mobile phone, and they've managed to embed themselves in as a system app that even the "Root App Delete" apps can't remove without a whole set of things I need to do in order to root the phone.

It's just a phone. I don't care to nor have the time to invest a lot in tinkering with its particular hoops to root it. Better would be for Facebook to avoid such privilege escalation as a simple App Market application, but now unless I want to decline their EULA every single time I use my phone, I'll have to do whatever is necessary to force them off.

And never make that sort of mistake with any Facebook parasite-app again.

Re:In my opinion (1)

icebike (68054) | about a year ago | (#44408663)

None of those are issues for me.

All I want is to remove pre-installed bloatware so that I have more of what I want.

I've never had a backup issue because there are apps for that, and everything is in the cloud anyway.

Recurring fee (2)

tepples (727027) | about a year ago | (#44408731)

I've never had a backup issue because there are apps for that

Some existing "apps for that" require root to backup or restore because they try to back up private data that belongs to another application.

and everything is in the cloud anyway

If you have more than a couple GB of data to back up, cloud backup becomes an expensive recurring fee compared to backing up to local physical media.

Bad summary (5, Insightful)

swillden (191260) | about a year ago | (#44408493)

He's not talking about root going away, he's talking about reducing the need for it, in order to have much of the freedom provided by a rooted phone without the associated security risks. Whether or not root is available is a separate, and orthogonal question, and he clearly never wants to lose the ability to root, just the need.

Re:Bad summary (5, Interesting)

bmo (77928) | about a year ago | (#44408599)

This.

Just like Linus' justifiable rant about having to be root in SuSE to set up a printer.

There are legitimate reasons why an end user should need Root/Administrator, but they should be as few as possible. Microsoft has seen the light and has tried to beat developers over the head with UAC to make them see the light. (a game needing admin to run? seriously?)

--
BMO

Re:Bad summary (2)

c0d3g33k (102699) | about a year ago | (#44408651)

He's not talking about root going away, he's talking about reducing the need for it

Submitter here. I'm probably a little thick, clearly Kondik meant something more subtle by naming his post "The Death of Root" than I was able to discern. Shame on me for taking that as a suggestion of where his thoughts might be turning.

Reminds me of linux without a root prompt (2)

hibiki_r (649814) | about a year ago | (#44408519)

There's a certain well known Linux distro that starts with a disabled su command, because root prompts are evil. You can, however, use sudo, to run one command at a time.

Like, for instance, sudo bash.

You can provide a single API to let your user do what he wants. it's called admin access.

Re:Reminds me of linux without a root prompt (0)

Anonymous Coward | about a year ago | (#44408579)

Debian also lets you choose your user as a pseudo-root by not entering a passwd in the root menu in the main installer.

Stop bashing Ubuntu. :-)

Re:Reminds me of linux without a root prompt (0)

Anonymous Coward | about a year ago | (#44408609)

Just use "sudo su" instead..

Re:Reminds me of linux without a root prompt (2, Informative)

Anonymous Coward | about a year ago | (#44408743)

Just use "sudo su" instead..

No no no no no no no no no no no no no no no! If you need to drop into a root shell use "sudo -i".

Re: Reminds me of linux without a root prompt (1)

Anonymous Coward | about a year ago | (#44408943)

I've always done "sudo -s"... would -i be better?

Re: Reminds me of linux without a root prompt (0)

Anonymous Coward | about a year ago | (#44409103)

You're all wrong. It's sudo su -.

Everybody knows that.

Re:Reminds me of linux without a root prompt (1)

maccodemonkey (1438585) | about a year ago | (#44409389)

You can, however, use sudo, to run one command at a time.

Errr, I use sudo -s all the time to run as many commands as I want as root. I usually use it only because I don't want to actually have to enable a root user on my machine.

The good thing about Steve Kondik (-1)

Anonymous Coward | about a year ago | (#44408525)

The good thing about Steve Kondik is that he's not a faggot. He's never put his erect penis inside another man's anus. Just because of that Steve Kondik is a manly man and deserves everyone's respect.

Faggots must die.

Re: The good thing about Steve Kondik (-1)

Anonymous Coward | about a year ago | (#44408547)

You are an ASSHOLE of epic proportions. Please kill yourself.

Re: The good thing about Steve Kondik (-1)

Anonymous Coward | about a year ago | (#44408757)

No, my asshole is actually very tight because it has never been penetrated by an erect penis.

Re: The good thing about Steve Kondik (-1)

Anonymous Coward | about a year ago | (#44408845)

Don't worry. When I find you, I will kick you so violently in your arse with my boot that your head will fit inside (where it belongs). Now fuck off, STFU and GTFO. And never come back you dickhead.

Re:The good thing about Steve Kondik (0)

Anonymous Coward | about a year ago | (#44408553)

I only did it once. Your anus was too loose.

Listen very very carefully (0)

Anonymous Coward | about a year ago | (#44408531)

IT'S **MY** GODDAMN MOTHERFUCKING DEVICE, ***NOT*** YOURS.

Yes, I'm yelling, and now I have to type a whole bunch of lower case stuff so the lame lameness filter lets me post this, but you get the idea.

No root = developer headaches (2)

Sla$hPot (1189603) | about a year ago | (#44408565)

With no option to root your devices. How are you going to test both new and old Android versions on specific devices?
The thing is that the phone providers forces updates when new Android versions are available.
Owners with the same device model might be updated at different times.
Without root, you won't be able to perform a full test without having duplicate models, from different phone providers.
And you won't be able to test before its..too late.
Hopefully someone have been thinking about this.

Re:No root = developer headaches (1)

tepples (727027) | about a year ago | (#44408623)

You could always test on a few hardware versions representative of the range of devices you're targeting, including one stuck on 2.x, along with the official emulator.

Re:No root = developer headaches (1)

Sla$hPot (1189603) | about a year ago | (#44408739)

Assuming that different versions behave the same and that you have the money, time and luck to acquire them. That is going to be difficult.
Emulation is never going to cut it, unless what you are doing is very simple. Forget about web apps. Browsers very allot between Android versions.

Nexus: Collect all four (1)

tepples (727027) | about a year ago | (#44408799)

You can build a representative sample from a used Nexus One, Nexus S, Galaxy Nexus, and Nexus 4 for fairly cheap. Or you can take advantage of the device diversity of your team of beta testers who brought their own devices.

Re:No root = developer headaches (0)

Anonymous Coward | about a year ago | (#44408635)

Ok, let me try:

I'm going to rant and rant and make it obvious to everyone that not only did I not RTFA, I didn't understand a single word of TFS!!!

Because TFS!!!! says nothing about REMOVING root, only that root may no longer be NECESSARY!!!

YES I AM CLUELESS

Sla$hpot

Re:No root = developer headaches (2)

Sla$hPot (1189603) | about a year ago | (#44408765)

And an AC :)

Re:No root = developer headaches (2)

Tr3vin (1220548) | about a year ago | (#44408701)

As an Android developer I can tell you that switching versions on a device is not provided by root access. Root gives you access to all of the system while the phone is running. Getting a different version running requires an unlocked bootloader. For example, on my Nexus devices I first do a "fastboot oem unlock" to unlock the bootloader, then I can use fastboot to send any version of the OS I want to the device. It gets tricky on more locked down devices, but the same basic idea still applies. You need to get past the bootloader to get a different OS running.

Re:No root = developer headaches (1)

Sla$hPot (1189603) | about a year ago | (#44408749)

>I can tell you that switching versions on a device is not provided by root access

Without SU or root you can do nothing with new or old roms. Sorry.

Re:No root = developer headaches (1)

Tr3vin (1220548) | about a year ago | (#44408825)

Since when does flashing a new image actually require root? We have several devices at work that are used for testing. None of them are rooted and yet we can upgrade / downgrade because the bootloaders are unlocked.

Re:No root = developer headaches (0)

Anonymous Coward | about a year ago | (#44408939)

Without superuser privileges an unlocked bootloader is useless.
Try to upgrade a popular device like the HTC Sensation XL to JB.
Tell me when you are done.

Re:No root = developer headaches (1)

Kufat (563166) | about a year ago | (#44408941)

"Root" is something you have or do not have within Android. ROMs aren't flashed from within Android, they're flashed from either recovery or the bootloader. (Usually recovery.)
GP is correct, you're misunderstanding either the terminology or the roles played by the OS/bootloader/recovery.

Re:No root = developer headaches (0)

Anonymous Coward | about a year ago | (#44408999)

Well i have several devices that don't have SU.
Since i can not root the device i can not update the devices with SU.
Thus i can't do much in recovery mode. No image updates.

Re:No root = developer headaches (0)

Anonymous Coward | about a year ago | (#44409081)

Why? I thought android didn't have a fragmentation problem!

SE/Linux (and SE/Android) (5, Interesting)

lkcl (517947) | about a year ago | (#44408613)

there's an extremely common mistake made which needs to be pointed out: the clue is in the phrase "This kind of top-down thinking". the fundamental assumption is that there is a concept of "more privilege is required than before" to achieve privileged tasks. people imagine that security is hierarchical - that the further towards "the top" you get, the more access you are permitted. this is simply NOT TRUE. the classic example is "root", which is a drastic binary oversimplification which is simply very convenient.

so, people invent new security systems, but they invent them without actual proper thought towards design, and they invent them thinking that this "top down" hierarchical approach is the only way. thus, new APIs have to be invented.

there is another way: it's called SE/Linux (and there's a variant called SE/Android). SE/Linux follows the FLASK model, which basically says that based on the current context, the current application, that a new executable is given a COMPLETELY new security context, where the new privileges have to be explicitly given. the most important implication of this model is: it absolutely does not matter how "powerful" you were in the previous context - the one that fires up the new executable; the new one is literally a completely and utterly separate security context.

to give an example: take a 5 Star General, and send him to a security base. when he gets there, standard security procedure: they take away his passport and all his credentials, and they give him a security pass (a new context). that security pass has a pre-prepared set of restricted corridors and rooms that the 5 Star General can go to. he can go to the conference room, and the bathroom. if he tries to leave without returning the security pass, he has no passport, and no papers.

this incredibly powerful security model - FLASK basically fits on top of an OS *without* interfering with it. it's particularly fascinating because it can watch which programs exec() other programs, and it can watch what APIs those programs use.... *without* needing to actually modify those programs.

basically what i'm saying is that the problem that cyanogen is trying to solve already has a way in which it can be solved, if the SE/Android team haven't already solved it. and that's because, under SE/Linux and SE/Android, you can operate both the normal "root access" system *in parallel* with SE/Linux. all you need to do is create a FLASK security context which restricts access to only those applications that *should* be accessing the restricted APIs. you don't need to modify the applications, nor do anything special to the underlying OS.

Reading Comprehension! (1)

lesuth (2998957) | about a year ago | (#44408639)

Is Steve Kondik saying he wants to remove those features or remove the need for elevated privileges of those features? I read his article as the latter and that means an increase to the ability of the owner to use a device in ways that are unanticipated.

Re:Reading Comprehension! (1)

c0d3g33k (102699) | about a year ago | (#44408783)

Steve Kondik said what he said - we shouldn't put words into his mouth. You're talking about my speculation about what this kind of approach ultimately means.

You're missing the big picture. In order to design API's or extensions that remove the need for elevated privileges for certain use cases, you need to know what those uses cases are. So you can, you know, design for them. This is the antithesis of unanticipated.

The point of administrator privileges on a system you own isn't to facilitate a set of standard activities agreed upon in advance by a group that decides those activities are worth supporting. The point of administrator privileges on a system is to allow you, the administrator, to use the system as you see fit, for the needs you deem worthy. Being limited to activities someone else deemed worthy enough to design, implement, test and deploy APIs and extensions isn't really compatible with this notion.

The reason Kondik can make such a proposal is that Android as a young platform lacks some capabilities that administrators or owners take for granted on other platforms. Naturally people would address the low hanging fruit first to bring their Android systems up to par with their other systems. The low hanging fruit is what Kondik and most people responding his post are talking about. Those things should probably be part of any mature computing platform these days, so why not add them?

But.

Once the low hanging fruit has been picked, I predict that people will turn to other things they want their little pocket computers/communicators to do so that they are more useful to them. At some point those activities won't be amenable to some sort of homogenous API that suits everyone. The things people want to do will be specific to their purposes. There won't be an API or extension to enable their new idea, so they will be limited in what they can do.

That's what I mean by using a device in ways that are unanticipated.

Re:Reading Comprehension! (1)

lesuth (2998957) | about a year ago | (#44409279)

I do not miss big pictures. Steve Kondik's words about anything "... could be accomplished without exposing root" on these devices empowers the owner/user with more options, not limiting their activities by the foresight of someone else. The only way to believe in limits is to assume Kondik said he would provide limits in an API, despite stating his interest in abolishing the root requirement, which he did not. If we push Kondik's words to the extreme, would there be a need for root? Would the owner/user be more empowered or more limited by a completely open system where every aspect of the device is available via the API? Does opening up the device via an API breed more or less control by the developer? Low-hanging fruit is naturally to be addressed first, but most developers (from my experience) act in earnest with less limits on root capabilities.

When root is no longer needed.. (0)

Anonymous Coward | about a year ago | (#44408659)

..will be when the end user can take *full* control of their own hardware without it.

Till then, FUCK THEIR NON_EXISTENT UPDATES and THEIR rules.

Manufacturers leave the gap where root is required, not the users.

Re:When root is no longer needed.. (1)

tepples (727027) | about a year ago | (#44408703)

If given the mutually exclusive options of A. full control of their own hardware or B. access to major studio movies, what will most home users choose?

AdBlockPlus (1)

ronmon (95471) | about a year ago | (#44408711)

Enough said.

Steve "CyanogenMod" Kondik (2)

SixGunMojo (177687) | about a year ago | (#44408713)

Am I the only one irritated by this? It should be Steve "Cyanogen" Kondik, CyanogenMod is the ROM. FFS

Re:Steve "CyanogenMod" Kondik (1)

c0d3g33k (102699) | about a year ago | (#44408801)

My bad. Sorry. You are fully justfied in being irritated. I was in a hurry and given the amount of poorly explained stories, I didn't just want to throw "Steve Kondik" out there and expect people to recognize the name. So I picked his pet project, rather than his nick.

I don't need to 'root' my copy of XP to use it (1)

Anonymous Coward | about a year ago | (#44408751)

If Google plays fair with Android, who in their right mind would even worry about 'rooting' it. But this 'lock down' s**t that restricts what the user can do with their own device has to go.

Microsoft's fame and fortune resulted from Microsoft ending the 'lock down' situation that was universal with 'big tin' computing solutions from earlier times. Of course Microsoft didn't invent this freedom- but Microsoft surely proved it to be a sustainable and very profitable business model - giving the world a universal computing platform that met the needs of users and developers of all types.

If Google cannot break its habit of supporting 'lock down' on some devices, it should fork Android into 1984-Android, and OPEN-Android, so dirty hardware manufactures can opt for a locked down platform, and every other manufacturer can act like all those companies that built/build PCs that run Windows. The truth is that Google HAS effectively created these two versions of Android- it just won't publicly admit this fact for political reasons.

PS the open source community idiots do not help at all. Whining about so-called 'binary blobs', which are the 'drivers' we so happily install on Windows PCs, is completely counter-productive. Android does not have, and will never have 'open source' hardware, so why should we care when the manufacturers of hardware GPU or Audio blocks connect their proprietary driver software to their proprietary hardware? Do you not know just how crap open-source drivers prove to be, when a manufacturer provides enough technical info to allow such to be created?

Google stands at the edge of a precipice. A proper free open Android can easily become the world's replacement for XP/Windows 7 on general PC devices (this time using ARM, of course). But if Google stumbles (as it has with almost all of its initiatives that are not its search engine and related services) it will attempt to crudely monetise Android, and by doing so fall down the usual pit of total failure. The dreadful Google Glass and Chromecast are both warnings about Google's current wrong-headed thinking. Google is NOT offering services that simple run on Android. Google is perverting Android into the most crippled locked-down form simply to create devices to function ONLY to run its services. And by doing so, Google states it has absolute control over the nature of any app written for those services.

Just look how Google said "no adult uses for Google Glass". That's like a f**king camera company selling you a camera, and then telling you you better not use it to photograph people naked. But again, if Google really wants to do this, it can still fork Android, as I said earlier, and offer 1984-Android and OPEN-Android side-by-side to the hardware people, allowing it to have its cake and eat it too.

If Google plays fair with Android (1)

nurb432 (527695) | about a year ago | (#44408963)

I don't think its a Google problem, its the carriers.

It's needed to remove all the junk pre-installed (1)

bobjr94 (1120555) | about a year ago | (#44408787)

At least on Windows, it's fairly easy to remove all the preloaded programs. On my last phone (sidekick 4G) had so much preloaded junk and so little ram, it was constantly getting stuck for 10-15 seconds while loading / unloading swap files after exiting apps. I rooted it, got rid of about 10 useless apps and it solved all the phones problems. If they somehow lock down the android phones and remove root access, they need to also require all preloaded apps be removable.

To install linux. (1)

Robert Frazier (17363) | about a year ago | (#44409317)

I have linux installed on my Asus Fonepad side by side with Android, allowing me to turn my phone/tablet into a nifty little netbook (using a bluetooth keybord). I like having a full LaTeX installation available, if I want to do some writing. It isn't clear to me that I could do this without root (especially if I want to run services on privileged ports). If I can't do this with Android 4.3, I will have to rethink upgrading to it, when it becomes available.

Best wishes,
Bob

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?