Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The idea that the ability to easily root your own phone is going to make you more secure is laughable.


There's two competing threat models here. The first is that some shady government agency is going to take your phone and try and break into it. This is an issue if you're actually going up against a government in some form. The second is that the phone itself sends stuff across the internet that you don't want sent. Rooting your phone may hinder the first but it's necessary for the second.


Being able to root the device is pretty important for security research. It's much harder to do an in-depth analysis of a system without root access.

Apple products have had plenty of bugs leading to security issues, and I'd rather make it easier for researchers to discover these.


Security researchers aren't exactly Apple's target audience, just saying.

Possibly compromising security for everybody just so 0.05% of the users can be happy is not a realistic expectation.


Exactly. A much better idea would be to have "security researcher" phones that Apple could sell to such, which would be rooted and tracked.


How could you verify that these phones run the same setup as regular phones?

The only way to make companies fix bugs which may be difficult to find, expensive to fix, and potentially embarrassing is to make it easy to locate exploits on real hardware. Otherwise the only people with the resources to do this are government-backed entities like NSO Group, Vupen, etc, who somehow always ensure that exploits get into the hands of repressive governments.


It would literally be the same phone with the same software, but rooted.


Every iOS device gets cracked relatively quickly, there's nothing stopping security researchers from doing their work.

For the vast majority of users this isn't a concern or even a good idea.


Agreed, which is why I shouldn't have to. Give me root of of the box. Print the root password on a card in the packaging. Yes I can undo all the privacy measures if I make mistakes but that is on me.


> Print the root password on a card in the packaging.

So security isn’t a concern to you at all, huh? Or are you just really bad at understanding security?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: