Diminished User Privileges on Mobile Devices

If we look back at old visions of future technology devices, we can see that people dreamed of transparent surfaces, clean design, and so on. Well, clean design be has become a reality. Especially with the Apple’s approach to the their devices. Apple has always worked to make their devices look cleaner and in other words, simpler. This simplicity can be achieved by removing features, making the UI similar to the everyday routine’s standards (as they call UX) and can even be done by making their device more bulky even though they can make it much thinner. Because it fits better in your hand, you know.

So Apple is leading the trend of simplicity in their devices. However, there was one caveat that they all chose to overlook. The way they simplify makes the devices less useful for advanced users. An advanced user might want to have kernel-level permissions on their device so that they can, for example, discover the flow of the device. Or you might just want to split-screen your applications. Yeah, Apple even removed the multi-window feature from their mobile devices, it’s crazy.

Luckily we have other manufacturers like Samsung who don’t remove advanced features but make them a side feature. Apple’s limitation of their products has always been a fact since the departure of Steve Jobs. Nowadays the CEO of Apple is their old sales manager. That’s something to laugh about.

But as an Apple user, you would say, if you don’t like Apple, don’t use Apple, right? That’s a rude answer, but you’re right and we don’t live in a fantasy world. But even if I don’t use Apple, they are the market leader with their devices. But they also normalize the restriction of users over the market. Back then, it was normal to open your phone with a screwdriver, do what you want, and screw it back up. Now you have to use the original compartments to fix your device, otherwise it will be detected that you are using an after-market. Also, you can’t replace your battery by simply removing the back cover, because they made it glued to the rest of the phone. I’m okay with all these changes, just like I’m okay with not changing my battery every once in a while. However, my concern is something else. It’s at the software level.

They are limiting what you can access in the software. Unfortunately, mobile devices have never been as open as a computer about what is going on in the background. They screwed up a little bit on Android because there is something called the Android API and almost all applications use it when they want to communicate with the device. So you can just listen, override, etc. through the Android API to find out what an application is doing on your device. It’s even more efficient than computers. But Apple has no such luxury. It’s completely different to analyze an application on it.

Android has a more tolerable control access for the user. They let literally let you install your own operating system on to your device if the manufacturer allows you to unlock the bootloader. But I think what we need is a manufacturer that basically gives you root privileges on a mobile device that you own. They can also provide that device with a device-specific management application, like a call flow monitoring application, task manager, etc. Basically, root access should be normal for mobile devices. It can’t be applied to all devices because we have game consoles that operate by security over obscurity. But at least it doesn’t make sense to have very few permissions on mobile devices. Sometimes they feel like a toy instead of a device. It would have been a lot more than that. They also feel like apparatus from Big Brothers!

Since most people don’t do advanced things on their mobile, small-screen, portable devices, their involvement has been in ways that don’t involve giving the user root privileges. It would be a big change for some, but the majority don’t care.

Another problem is that since no corporate entity is holding the development of root applications and methods on Android, while a thousand engineers are working to make Android more secure and corporate, it’s getting harder to compete with. For example, since topjohnwu, the developer of Magisk root app, hired by Google, basically the owner of Android operating system; He started to remove useful features from the app, such as built-in safetynet check, better concealment etc.. Concealment is for applications that have problems with root. Also the development of LSPosed has been stopped for the moment. It was the application that continued the XPosed application, which is capable of overriding functions on an application. When development of these critical low-level applications stops, they’re not only overshadowed by the new updates, but also become insecure to use. It drives me crazy to think that I don’t grant conditional access privileges to obsolete applications. Not because I want to, but because it’s the only way. These are the applications that are on their turf.

So basically, these root applications are also difficult to maintain. We don’t have people who are going to dedicate their lives to maintaining these software, while we have enough people who are going to do stupid things instead. And why would anyone want to develop such an application? You can only get reputation and a bunch of nerds who are fans of you in the best way.

I hope to possibly see new applications that support the root/jailbreaking scene and better maintenance. The way LSPosed is archived makes a difference. There is still a group that wants to have full control over their mobile devices. That’s because they know their device data is encrypted and they want to be able to recover their data if, for example, the device is dead. This is done by using low-level privileges and disabling encryption. There are people who want to change the user interface on their device, even though manufacturers allow a lot of customization these days. Also, some people don’t mind the restrictions on taking screenshots of some applications and want to take screenshots of whatever they want. There is a lot of use for root privileges, even in 2024. After all, it’s your device. Restrictions should know their limits.