• j4k3@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago
    The reason the Linux kernel on Android does not have root and it is so challenging to hack the devices for the first time is because of how the user space is made.

    The entire premise of a device where the user is not required to understand graduate level computer science, networking, and operating systems, is based upon a simple principal. The mobile operating system is designed so that the app developer is essentially a user with the same privileges as the user. In practice, they are at the same access level but have far more knowledge about what that means and what they can do with it.

    The reason the root binary packages like su or sudo are not present is so that the app developer can not intentionally (or accidentally) take over the device completely. When the hardware manufacturer is done setting up the device’s OS, they log out with a script that removes all administrative access and any packages that can be used to import a new kernel binary like wget git or curl.

    The app developer is using a sandbox that is something like your user space sandbox. Within that app sandbox they have access to all kinds of stuff needed to configure almost any service, network, hardware access, or library they need in order to make their stuff work. This is what is being abused for data mining stalkerware.

    With Android, all applications are loaded into memory on boot. The excuse given is faster boot up of applications. In practice, this is a small fraction if a second difference with no bearing on your persistent mental level of comprehension. These apps are like users all traveling along with you in the background 24/7. Indeed, the integrated battery is a hacking exploit to maintain continuous operations of the stalkerware and promote users never fully power cycling their devices so that these apps remain uninterrupted.

    It is not about the calculator. It is about the stalkerware, which is ultimately ownership over a part of your digital person with the intent to manipulate, aka digital slavery. Search engines are not deterministic. There are only two relevant web crawlers and all search engines use these either directly or indirectly. This is the primary choke point where you can be easily manipulated with information, especially when combined with YouTube’s link to one of these crawlers. This is not banner ads, this is political opinions, foreign policy, and manipulation of information down to the individual scale. It is theft of autonomy. It is an attack on the third pillar of democracy - press/freedom of information. It always has been since the dawn of the free stalkerware internet.

    The fix is simple. The kernel modules and documentation for all hardware sold commercially must be open source. Anything less is ultimately theft of ownership, neo feudalism, and will lead to the end of democracy.

    THAT is the true weight of this tiny little message and annoyance. It is a much bigger issue than it first appears to be.