The discussion I stumbled upon, about this SSH app for Android, is really worrying. Will Google really manage to make it impossible to root your phone?
But there’s more to this, it’s more complicated. In the Big Picture, Google has every incentive to make these changes — they lead to more security, and they’re aligned with Google’s corporate goals as well.
- When talking to users, Google will emphasize control over hackers.
- When talking to stockholders, Google will emphasize control over users.
Edit: I disagree with “they lead to more security”. That’s not “security”, let’s not turn words upside-down.
iPhones are much, much more of a walled garden because Apple is an anticompetitive control freak that loves planned obsolescence. The EU is having to force them just to allow other app stores on iOS other than Apple’s, and obviously it’s impossible to install a different OS on an iPhone (and it’s becoming impossible to manually install MacOS on their desktop machines).
Meanwhile on Android phones you can install any app store you want (Play, Amazon, itch, F-Droid, etc.) or just download an APK and install it directly, like we’ve done for 30 years on PCs. Many Android phones have an unlockable bootloader so you can flash a custom build of Android or even Linux on it. Even if the stock ROM doesn’t let you acquire root access, a third-party build often will (though many banking apps will complain if you try to use them while rooted). I put GrapheneOS on my Pixel so I could deny Play Services most of the incredibly invasive permissions it wants; other ROMs exist for many popular Android phones such as CalyxOS, LineageOS, etc.
In my experience, I haven’t really needed root for anything on a recent device. Running a custom ROM takes care of most of the reasons to want root in the first place, and what’s left isn’t worth the risk, to me at least, of a malicious or compromised app having root access to the device.