Not only have I written about this before on related forums, but also have I talked and partially written about the AVBRoot Project and others which bring root access closer to the Android security model.
Your project sounds great, but it only addresses one part of the issue. But verified boot is far from the only security concept broken by root. Android uses the principal of least privilege (which makes a lot of sense, it’s actually used by a lot software). With root, a user-installed app runs with higher privileges than most parts of the entire operating system.
My block ads Magisk module:
Bruh you don’t need root for this man. Just set up NextDNS with the Private DNS feature in Android, or use AdAway if you have a free Vpn slot.
There’s other reasons to use Magisk for this instead, like not having a VPN slot free or wanting to use another DNS Server
Sure, but rooting your phone fundamentally destroys the security model https://madaidans-insecurities.github.io/android.html#rooting
I know.
Not only have I written about this before on related forums, but also have I talked and partially written about the AVBRoot Project and others which bring root access closer to the Android security model.
Your project sounds great, but it only addresses one part of the issue. But verified boot is far from the only security concept broken by root. Android uses the principal of least privilege (which makes a lot of sense, it’s actually used by a lot software). With root, a user-installed app runs with higher privileges than most parts of the entire operating system.