Androids sandboxing is far from bulletproof
Comment on Did we win?
OrganicMustard@lemmy.world 3 weeks agoAndroid runs apps sandboxed, so no app can access what you write in another like your banking app, or the unencrypted packages it sends.
Anivia@feddit.org 2 weeks ago
OrganicMustard@lemmy.world 2 weeks ago
That one isn’t an issue with the sandboxing but with the networking system. Secure browsers have that in consideration and are not vulnerable to meta’s tracking.
Pika@sh.itjust.works 3 weeks ago
Yea the argument stated works better for rooted environments than rootless environments or sideloading.
In a non-root scenario, you would need to specify a few permissions to give a keylogger that amount of access. I think that a big issue is people not understanding that there is a difference between a rooted device or root installed app, and a sideloaded application.
Just because you have a non-google device or a rooted device != you have a compromised device. Applications aren’t going to magically install running as root, every rom worth their salt keeps it a clear isolation between the layers, and some roms don’t even allow you to use the root environment after installing it.