←back to thread

Samsung embeds IronSource spyware app on phones across WANA

(smex.org)
845 points the-anarchist | 1 comments | 21 Jun 25 03:06 UTC | HN request time: 0.283s | source
Show context
userbinator ◴[21 Jun 25 04:22 UTC] No.44334486[source]
making it nearly impossible for regular users to uninstall it without root access, which voids warranties and poses security risks

Stop parroting the corporate propaganda that put us into this stupid situation in the first place. Having root access on devices you own should be a fundamental right, as otherwise it's not ownership.

replies(12): >>44334515 #>>44334549 #>>44334577 #>>44334616 #>>44334661 #>>44334912 #>>44335283 #>>44335463 #>>44335597 #>>44336211 #>>44336257 #>>44336433 #
charcircuit ◴[21 Jun 25 04:37 UTC] No.44334549[source]
Root access is an outdated security concept from the previous century. Trying to mandate such a concept is parroting UNIX propaganda. Users can be given control of devices without them having a "root" account.
replies(4): >>44334825 #>>44334851 #>>44334883 #>>44336446 #
mrusme ◴[21 Jun 25 05:39 UTC] No.44334825[source]
How?
replies(2): >>44334848 #>>44335565 #
charcircuit ◴[21 Jun 25 07:48 UTC] No.44335565[source]
By following the principle of least privilege. Like with apps the user should only have privileges for what they are allowed to control and nothing more. So if the user should have privilege to disable apps, then the settings app could expose a way for the user to do so.

Yes, this is kind of approach of coming up with a design to security instead of going with the easy route of everything being allowed is harder to do and takes more time, but it leads to better security.

replies(2): >>44335906 #>>44336176 #
arendtio ◴[21 Jun 25 09:56 UTC] No.44336176[source]
Okay, and how am I going to give the user the right to wipe all software from the device and use a completely custom software?

I mean, we all agree that such permissions are not required during everyday operations, but there should be a way for the consumer to have control over the software being used. And I mean all aspects of the software: firmware should be updatable, the OS should be replaceable, and the security concepts within the OS should be customizable by the user as well. I have no problem with hiding such functionality and requiring users to read the documentation to find out how it can be done, but it should still be possible.

replies(1): >>44339835 #
1. charcircuit ◴[21 Jun 25 18:53 UTC] No.44339835[source]
Sure, but such a product requirement can be made to be legally required without legally requiring root access.