this post was submitted on 04 Apr 2024
1020 points (98.8% liked)

linuxmemes

21302 readers
1201 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     
    you are viewing a single comment's thread
    view the rest of the comments
    [–] markstos 0 points 7 months ago (1 children)

    The word “potentially” was critical in the parent’s comment. A banking app cannot be assured that other apps are prevented from accessing its data when the phone is rooted.

    [–] cley_faye 2 points 7 months ago (1 children)

    So? If I, the customer, want to access my banking info, on my phone, with whatever means I want, I should be able to. As I said, it's not like every app gets root access, if I, as the owner of the device, explicitly gave root access to something, it's for a reason.

    And the main point that a rooted phone can basically hide itself from any app remains; these "detections" are trivially bypassed in the exact situation they're supposed to detect.

    [–] markstos -1 points 7 months ago (1 children)

    And if you don’t want to wear a mask on your face during a pandemic, you should be able to? Not everything is about you.

    Banks practice defense in depth as other security practitioners do. Not every defense will stop every attack, so a layered, overlapping approach is used.

    [–] cley_faye 1 points 7 months ago

    You really are missing the point that if the device is rooted there is nothing an app can do to protect itself. Defense in depth is layering (sometimes overlapping) solutions that do something. Detecting root and saying "nuh-uh" is not doing anything.