Years ago, on Fridays, we would share Custom ROM Friday posts that would highlight new and exciting developments in the world of custom Android ROMs. It was great times, as it seemed like the majority of our readers at the time were deep into running custom software and accessing root...
Well, yes, breaking the security model is the whole point. The security model prevents things you might want to do, like using the hosts file as a denylist (adblocking). On the other hand, a malicious app writing the hosts file would allow an attacker to impersonate websites and services. HTTPS wouldn’t save you either since they could add malicious certificates.
Ideally, we’d have ways to open much smaller holes in the security model; an ACL could allow an app to write just the one special file or directory it actually needs rather than giving it completely unrestricted access.
I don’t want bloatware and Google services on my phone. I want to install magisk modules and use root. If a phone doesn’t allow unlocking bootloader and doesn’t have decent custom rom (or GSI) support, there’s no way I’m buying it.
When I was rooting/flashing custom ROMs I was spending a lot of time tinkering or debugging issues. I could deal with forgoing bank apps, Netflix, etc but I stopped in the end after cyanogenmod had an issue that meant emergency calls would soft reboot the phone. It made me realise my phone was an appliance not a hobby, I need to be able to rely on it and not be wondering if something won’t work because of the ROM I have installed or because it’s rooted.
LineageOS has needed exactly zero tinkering from me on the last three phones I’ve had.
I hear this all the time from people: “I used to root/flash and it was a hassle so I stopped.” And yet they still talk about it as if they’re doing it now.
What you remember is not how it currently is. Graphene and Lineage are stable ROMs. It’s not this nightmare people keep claiming it is
@deweydecibel@peter Agreed! I’ve recently been trying roms on a Pixel 7 and it’s nothing like the dark ages. Just READ the install guide, make sure your computer is configured properly, and follow the steps. I’ve ran Graphene, Calyx, and Lineage on my P7. The only problems I’ve had were related to something I didn’t do correctly. Stop, READ, rinse, and repeat. Modern rooms are fantastic and they let you regain control of your device.
Possibly, the last time I flashed an OS was 2019 and I lost a lot of features that i had on the stock rom and had a lot of battery life and lag issues.
Do they need that experience? Having had both experiences I do agree it’s much easier now. Even if your only experience is recent, if someone says they stopped because of how hard it was it’s valid to say how hard it isn’t any longer
It’s certainly easier vs getting the original rom from sammobile or so and the flashing it with odin and praying it works and you didnt download spyware from whatdoiknow pages. But phones are so highly intergrated into our lives nowadays I can’t risk it not working.
I rely on it for 2FA which is so highly important and I don’t need it bricking regardless of how stable it is.
Secondary phones are a free target for me but I won’t fuck with my daily driver.
It’s worth discussing at least. I used to be a big fan of flashing custom software, kernels, recoveries, etc.
At some point though, it started becoming more and more of a hassle to get a phone with an unlockable bootloader to work with my mobile network operator. Limited choices of I even had one.
Then all the banking and p2p apps stopped being easy to use while rooted, so we had to hide root from those apps. Then that got harder and harder.
Meanwhile the custom features that I used to want became mostly standard within Android.
At this point, I don’t really bother with rooting anymore because there’s little that I need it for but lots of hassle involved in having it. Now Google is blocking RCS messages from being delivered to rooted phones.
So if Android is now basically iOS with how much it’s locked down from modification, why not just get an iPhone with better features I care about (their cameras and photo software) and better long-term updates? What is it that Google is even aiming for with Android now? If they’re going to be hostile to users owning their own hardware, then maybe the OS should see more than a single line item change for a major version (android 14). I don’t feel like Google has made any meaningful additions to the OS in a decade+ now.
This is more or less how I feel. I haven’t rooted in years, though I have installed non-root ROMs to extend support.
Google’s SafetyNet stuff is simply unreasonable, and a shameless power-grab. I’m so tired of software and websites trying to control what I do with my own goddamn hardware and software “for my safety”.
It’s gotten to the point where the “security” features actively hamper my security, because they leave me unable to improve it. e.g. my banking app would rather I be on an unsecured wireless network than have me use a reputable VPN. Their web site would rather have me expose myself to malvertising than run an ad blocker. They’d rather have me running an outdated OS with heaps of known security vulnerabilities than run a fully patched LineageOS. They’d rather I use my carrier’s unsecured DNS than DOH. And heaven forbid I block trackers!
Nevertheless, I stick with Android because there are still lots of things I value that I still can’t do on an iPhone. No, I don’t download torrents on my phone very often, but I’ve needed to in the past and will likely need to again at some point, so I’m not going to buy a phone that doesn’t let me install benign apps just because I might use them to download things they don’t want me to download.
The whole industry is user-hostile, but Android is still less hostile than iOS.
It’s infuriating to have to split a banking app off the VPN tunnel because they deem that secure. Or that 2FA over SMS which is inherently insecure and spoofable is acceptable and REQUIRED versus an RSA key or authenticator app.
It’s pushing me into grumpy old man territory quickly. My bank swapped to some of these requirements for their app last year so now I phone in on an international VOIP number over VPN and can do all my banking. It’s absolutely insane that’s its an acceptable form of communication over my secure device in my hand, but it’s easier to call the line like an octagenerian, give them digits off of a debit card, and be able to wire money in and out and around all my accounts. I see why scammers have such an easy time.
@APassenger@GenderNeutralBro I was interested in the mobile Windows 8 back in the day. So I found and bought a used cheap Nokia phone to check it out. I ended up using it as my primary for a few months. The Nokia and Windows were both fantastic! I didn’t stay with it because there were no apps. The Windows store was a stinking infested cesspool of awful and/or malicious apps so I resold it.
Meanwhile the custom features that I used to want became mostly standard within Android.
See, I’m the opposite.
I never used to flash ROMs or root my phone until Android 11. I won’t tolerate a device that tells me what I can and can’t access in the file explorer when I was previously able to. I won’t accept an Android OS that removes features I used and puts up barriers. And there are many things LineageOS let’s me do that stock won’t. Settings that get hidden and functions that get removed.
I stopped running custom ROMs when two things came together:
I stopped buying Samsung stuff with their then-godawful UI. I still don’t like their current one, but hey, they improved a lot, I give them that.
Cyanogen self-destructed a wee bit, and it took some time for Lineage to take up many devices I had around.
Once I had dropped off, I just could not be arsed picking it up any more. Too much hassle with Netflix and shit, too much effort for ~0 gain. I just need my phone to work, it’s a tool not a religion.
I have a Pixel 7 Pro, in the U S. (and some other countries) call recording is disabled by default and sometimes it’s possible to get your phone to think it’s from a region where it isn’t, and then enable it, but I haven’t really looked into it recently. It’s also really fucked because my state in the U S. allows call recording, so I really feel Google is being lazy by restricting it countrywide.
I used to root and use a custom ROM just because I needed to have separate ringer and notification volumes. Google removed that feature over a decade ago for unexplained reasons. They finally brought it back in the latest update, so I no longer feel the need to root anymore.
The only thing I want to root for anymore is adblocking. All the other shit that I used to add, they’re part of default android now. I’m just lazy and haven’t gotten around to rooting my current phone.
Since I like my phone with a bunch of 2FA codes and banking apps working, I don’t flash my phone anymore. But I did it in my teens with my Galaxy Y and some rom (I only remember the boot up sound to be a section of a song, being extremely loud and it got me in trouble resulting in a phone confiscation) I found online to get root permissions and later on my S4 with CyanogenMod and later with LineageOS. Still have both :)
I always rooted but I stopped cuz it’s such a hassle these days. All my apps stop working and magisk is not as good as it used to be since the guy went to work for Google.
Play Integrity Fix solves that for most apps. It even worked for Google Pay last time I used it last year (but I usually don’t want Google to know my shopping habits).
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.
6. Memes are not allowed to be posts, but are allowed in the comments.
7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.
8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.
I stopped to root my phone when I switched to GrapheneOS and learned that root compromised the security model of android. Life is good now
Well, yes, breaking the security model is the whole point. The security model prevents things you might want to do, like using the hosts file as a denylist (adblocking). On the other hand, a malicious app writing the hosts file would allow an attacker to impersonate websites and services. HTTPS wouldn’t save you either since they could add malicious certificates.
Ideally, we’d have ways to open much smaller holes in the security model; an ACL could allow an app to write just the one special file or directory it actually needs rather than giving it completely unrestricted access.
I don’t want bloatware and Google services on my phone. I want to install magisk modules and use root. If a phone doesn’t allow unlocking bootloader and doesn’t have decent custom rom (or GSI) support, there’s no way I’m buying it.
When I was rooting/flashing custom ROMs I was spending a lot of time tinkering or debugging issues. I could deal with forgoing bank apps, Netflix, etc but I stopped in the end after cyanogenmod had an issue that meant emergency calls would soft reboot the phone. It made me realise my phone was an appliance not a hobby, I need to be able to rely on it and not be wondering if something won’t work because of the ROM I have installed or because it’s rooted.
LineageOS has needed exactly zero tinkering from me on the last three phones I’ve had.
I hear this all the time from people: “I used to root/flash and it was a hassle so I stopped.” And yet they still talk about it as if they’re doing it now.
What you remember is not how it currently is. Graphene and Lineage are stable ROMs. It’s not this nightmare people keep claiming it is
@deweydecibel @peter Agreed! I’ve recently been trying roms on a Pixel 7 and it’s nothing like the dark ages. Just READ the install guide, make sure your computer is configured properly, and follow the steps. I’ve ran Graphene, Calyx, and Lineage on my P7. The only problems I’ve had were related to something I didn’t do correctly. Stop, READ, rinse, and repeat. Modern rooms are fantastic and they let you regain control of your device.
Possibly, the last time I flashed an OS was 2019 and I lost a lot of features that i had on the stock rom and had a lot of battery life and lag issues.
People said the same thing about custom ROM stability and ease of use 10 years ago.
That’s funny considering you also wrote this elsewhere in the thread:
So you actually have no idea what you are talking about since you literally didn’t experience it…
Do they need that experience? Having had both experiences I do agree it’s much easier now. Even if your only experience is recent, if someone says they stopped because of how hard it was it’s valid to say how hard it isn’t any longer
It’s certainly easier vs getting the original rom from sammobile or so and the flashing it with odin and praying it works and you didnt download spyware from whatdoiknow pages.
But phones are so highly intergrated into our lives nowadays I can’t risk it not working.
I rely on it for 2FA which is so highly important and I don’t need it bricking regardless of how stable it is.
Secondary phones are a free target for me but I won’t fuck with my daily driver.
It’s worth discussing at least. I used to be a big fan of flashing custom software, kernels, recoveries, etc.
At some point though, it started becoming more and more of a hassle to get a phone with an unlockable bootloader to work with my mobile network operator. Limited choices of I even had one.
Then all the banking and p2p apps stopped being easy to use while rooted, so we had to hide root from those apps. Then that got harder and harder.
Meanwhile the custom features that I used to want became mostly standard within Android.
At this point, I don’t really bother with rooting anymore because there’s little that I need it for but lots of hassle involved in having it. Now Google is blocking RCS messages from being delivered to rooted phones.
So if Android is now basically iOS with how much it’s locked down from modification, why not just get an iPhone with better features I care about (their cameras and photo software) and better long-term updates? What is it that Google is even aiming for with Android now? If they’re going to be hostile to users owning their own hardware, then maybe the OS should see more than a single line item change for a major version (android 14). I don’t feel like Google has made any meaningful additions to the OS in a decade+ now.
This is more or less how I feel. I haven’t rooted in years, though I have installed non-root ROMs to extend support.
Google’s SafetyNet stuff is simply unreasonable, and a shameless power-grab. I’m so tired of software and websites trying to control what I do with my own goddamn hardware and software “for my safety”.
It’s gotten to the point where the “security” features actively hamper my security, because they leave me unable to improve it. e.g. my banking app would rather I be on an unsecured wireless network than have me use a reputable VPN. Their web site would rather have me expose myself to malvertising than run an ad blocker. They’d rather have me running an outdated OS with heaps of known security vulnerabilities than run a fully patched LineageOS. They’d rather I use my carrier’s unsecured DNS than DOH. And heaven forbid I block trackers!
Nevertheless, I stick with Android because there are still lots of things I value that I still can’t do on an iPhone. No, I don’t download torrents on my phone very often, but I’ve needed to in the past and will likely need to again at some point, so I’m not going to buy a phone that doesn’t let me install benign apps just because I might use them to download things they don’t want me to download.
The whole industry is user-hostile, but Android is still less hostile than iOS.
Perfectly well said.
It’s infuriating to have to split a banking app off the VPN tunnel because they deem that secure. Or that 2FA over SMS which is inherently insecure and spoofable is acceptable and REQUIRED versus an RSA key or authenticator app.
It’s pushing me into grumpy old man territory quickly. My bank swapped to some of these requirements for their app last year so now I phone in on an international VOIP number over VPN and can do all my banking. It’s absolutely insane that’s its an acceptable form of communication over my secure device in my hand, but it’s easier to call the line like an octagenerian, give them digits off of a debit card, and be able to wire money in and out and around all my accounts. I see why scammers have such an easy time.
@TechNerdWizard42 @GenderNeutralBro “like an octogenarian” lmao!!!
I wish Microsoft had stayed in the mobile space. That competition might have changed things for the better.
Now we have a duopoly.
@APassenger @GenderNeutralBro I was interested in the mobile Windows 8 back in the day. So I found and bought a used cheap Nokia phone to check it out. I ended up using it as my primary for a few months. The Nokia and Windows were both fantastic! I didn’t stay with it because there were no apps. The Windows store was a stinking infested cesspool of awful and/or malicious apps so I resold it.
Microsoft was not an open platform at all, they seemed to be taking more inspiration from Apple when it came to customization and openness.
Losing Palm makes me much more sad.
Something something centrists something.
To be fair, Microsoft is one of the most aggressive at checking for root on Android devices. They’re not the good guys here.
Isn’t it almost like there’s an entity with a singular motive to strip you off your agency, privacy, and control over your own property?
It’s called Greed
See, I’m the opposite.
I never used to flash ROMs or root my phone until Android 11. I won’t tolerate a device that tells me what I can and can’t access in the file explorer when I was previously able to. I won’t accept an Android OS that removes features I used and puts up barriers. And there are many things LineageOS let’s me do that stock won’t. Settings that get hidden and functions that get removed.
Why not? For AdAway, AFWall, Xposed (mainly XPrivacy), Backups, IPv6 scripts and more…
I stopped running custom ROMs when two things came together:
Once I had dropped off, I just could not be arsed picking it up any more. Too much hassle with Netflix and shit, too much effort for ~0 gain. I just need my phone to work, it’s a tool not a religion.
I’ve never had an issue with Netflix on a rooted phone.
Personally I would stop installing custom ROMs if the DAMN MANUFACTURER STOPPED SHOVING GOOGLE DOWN MY THROAT
@Hiro8811 You no likely things in throat?
Of course I don’t
I root my phone so I can record my calls. That’s about it. I do other things with root but they aren’t the reason.
Why do I want to record my calls? Because my memory is shit and it’s nice to just be and to go back to a recording lol
Which App do you use for recording?
I use skvalex’s Call Recorder. Been using it around half a decade.
I believe Androids have call recording built in. At least the Google pixels do (I’m on graphene)
I have a Pixel 7 Pro, in the U S. (and some other countries) call recording is disabled by default and sometimes it’s possible to get your phone to think it’s from a region where it isn’t, and then enable it, but I haven’t really looked into it recently. It’s also really fucked because my state in the U S. allows call recording, so I really feel Google is being lazy by restricting it countrywide.
I used to root and use a custom ROM just because I needed to have separate ringer and notification volumes. Google removed that feature over a decade ago for unexplained reasons. They finally brought it back in the latest update, so I no longer feel the need to root anymore.
The only thing I want to root for anymore is adblocking. All the other shit that I used to add, they’re part of default android now. I’m just lazy and haven’t gotten around to rooting my current phone.
I use DNS66 for a vpn-based ad blocker. Works great, no root needed. https://f-droid.org/en/packages/org.jak_linux.dns66/
Since I like my phone with a bunch of 2FA codes and banking apps working, I don’t flash my phone anymore.
But I did it in my teens with my Galaxy Y and some rom (I only remember the boot up sound to be a section of a song, being extremely loud and it got me in trouble resulting in a phone confiscation) I found online to get root permissions and later on my S4 with CyanogenMod and later with LineageOS. Still have both :)
Just because fuck you google
@AnActOfCreation With magisk you can hide root but not sure if it works for RCS?
I always rooted but I stopped cuz it’s such a hassle these days. All my apps stop working and magisk is not as good as it used to be since the guy went to work for Google.
The dev now work at google ? Ironic
@AnActOfCreation @TheEighthDoctor Oh damn. Didn’t know he got a job at Google 😂
I’m married and old and unattractive. I’m not rooting ANYONE.
I’d do it if I didn’t lose access to Google Pay, banking apps and RCS. AKA, be sent back to 2011
Play Integrity Fix solves that for most apps. It even worked for Google Pay last time I used it last year (but I usually don’t want Google to know my shopping habits).
I’m using it now and it still solves any problems you migh have.
I just installed it to test, and Google pay fails. I’m using MicroG though, maybe that’s the problem.