Back in the day - rooting Android phones and installing custom ROMs were such a big part of Android. I remember so well using titanium backup and Greenify and Cyanogenmod and the list goes on.

Is it still necessary to root in 2023 though?

I have been on vanilla Android without root access for the past couple of years and at this point most root features have made it into the vanilla Android OS. What are your thoughts?

  • spacebot3000@lemmy.world
    link
    fedilink
    English
    arrow-up
    65
    ·
    1 year ago

    I’ve been a flashaholic since the CWM days, but I haven’t rooted since probably 2017 or so. Back in the day, rooting was practically necessary for a good UX, but Android’s matured enough now that I haven’t had the need for a few years.

    • GenderNeutralBro@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 year ago

      Same. I still try to buy phones with ROM support in case something goes sideways, but I haven’t used a custom ROM on my daily phone since 2016 or 2017 — and if I were to flash a custom ROM today, I still likely wouldn’t root it. Things typically work well enough that jumping through hoops to un-break SafetyNet for banking and mobile payments and even some games is too much trouble.

      • Zebov@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        For what it’s worth, fixing safetynet is like a module or two and a couple reboots.

    • Aasikki@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      10
      ·
      1 year ago

      Ah, good old clockwork mod. Back when installing a custom rom was simple. Unlock boot loader, flash custom recovery, use recovery to install rom and wipe, done! None of this a/b partition and “you have to be on this specific version of stock rom to Flash this” crap. Those were the days.

  • Zak@lemmy.world
    link
    fedilink
    English
    arrow-up
    50
    ·
    1 year ago

    Necessary is a matter of perspective, and what it is you need your device to do. Mine is that if you don’t have root (or equivalent) on a computer, you don’t really own it. That’s a philosophical point more than a practical one - I’d want root even if I didn’t currently have a use for it.

    Practically, here are some things I use root for in 2023:

    • Advanced charge controller - limit battery charge to extend service life. Some devices have a built-in option now, but it’s usually only a single switch for 85%. I usually set it to 60%.
    • Backup of apps with their data (Neo Backup), to install onto another device or after a factory reset - I don’t think there’s a way to do anything like this without root.
    • Mounting remote devices for access by arbitrary apps using EasySSHFS - I don’t think there’s a good equivalent.
    • Accessing exfat format external drives, like the SD cards in my camera using MiXPlorer’s built-in filesystem drivers. Android is an asshole for not supporting more filesystems. It’s Linux; the support already exists.
    • Hosts file ad blocking - DNS ad blocking is a viable alternative now.

    If something blocks me from using it with root, I’ll give it a 1-star review on Google Play and probably not use it even if I can get around the blocking. If my bank starts using more effective blocking, I will probably change banks.

    • SolidGrue@lemmy.world
      link
      fedilink
      English
      arrow-up
      22
      ·
      1 year ago

      I buy my phones outright, so that’s MY equipment. I root it because I own it, full stop.

      If a ROM or App tells me I can’t be rooted then, like you, I won’t use it. I have options.

      Also, I’m the one paying for my data plan and I refuse to have ads leech on my rates. I will go WAY out of my way to suppress advertisers intruding on my browsing. That’s pretty much the extent of my cyber-activism, but it’s a hard line.

    • Promethilaus@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Don’t use root but I do use custom rom safety net and play API work no banking app problems no Google play problems and advanced charge controller is built into my rom it even has that Google photo spoof built in it’s not feature rich but it’s clean, fast and I have removed most of the Google bullshit I am satisfied

  • mistermonday@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    32
    ·
    1 year ago

    I used to root my phone, run custom ROMs and tweaks, the whole thing. Was basically forced to keep stock when I got a galaxy S8, and now I haven’t rooted even with my past few pixels, it doesn’t feel useful anymore. I might root my pixel 5 in the future as I plan to keep it for a long time, but right now I’m stock

    • The Giant Korean@lemmy.world
      link
      fedilink
      English
      arrow-up
      16
      ·
      1 year ago

      I stopped rooting when I got my first Pixel. It didn’t feel necessary any more. Most of the things I rooted my phone for were just there now.

  • Psythik@lemm.ee
    link
    fedilink
    English
    arrow-up
    31
    ·
    1 year ago

    Haven’t rooted in years. Don’t really need to anymore.

    Plus root breaks my banking app and I need that.

    • Zebov@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      I’ve never had a phone that hasn’t been rooted and also have always been able to use every app. Google pay might get pissy occasionally, but every banking app has always worked.

  • Engywuck@lemm.ee
    link
    fedilink
    English
    arrow-up
    20
    ·
    1 year ago

    Necessary for what? If you want to block ads system-wide, you can use the Private DNS feature. But to fiddle with system partition/install Xposed stuff you definitely need root

    • mineapple@feddit.de
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      What? There is a module for that called SafetyNetFix. I am fully rooted and can usw any App I want.

      • HidingCat@kbin.social
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        You’re basically playing cat and mouse with these fixes; I don’t want to be stuck without access to apps for a day or two, and what I gain isn’t that great anyway.

        • mineapple@feddit.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          If that is your mindset, you’re definitely better without root. My phone is rooted for three years now and never had any issue. I never had an app fail with my methods to hide Magisk. I even got GPay and contactless payment working when I still had Google services installed. Without them, it is impossible unfortunately.

          • HidingCat@kbin.social
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            I ran a Lineage OS on a Mi 5 for 2.5 years, there were definitely some days when my banking app would fail and then Magisk would come up with a fix a few days later. Given the prevalance of digital systems I’m not wanting to go without.

            Feel like I’m being attacked for not wanting to root, in a thread asking people whether they root or not. This feels like people being asked if they believe in Jesus and those who say no are swamped by believers who then chastisise them.

    • Zebov@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      What does it break? I’ve always had a rooted phone and outside of Google pay, have never had anything not work.

      Fixing safetynet is just another magisk module (or two, it’s been so long I don’t remember anymore).

    • pacjo@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Have you tried KernelSU? Also if you’re careful with magisk you can get SafetyNet to work, even Play Integrity API (but only Basic and Device integrity as Strong requires locked bootloader (or a really bad implementation of security mechanisms as seen here))

      • HidingCat@kbin.social
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        As said above, don’t want to be stuck without access to payment apps and ID apps even for a day or two. Risk not worth the reward.

        • pacjo@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          That’s your decision. I experience no issues with my setup, but you do what you want.

      • matt4542@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        KernelSU? Hadn’t heard of that one before.

        Do you get proper compliancy with the Integrity API?

        • pacjo@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          KernelSU? Hadn’t heard of that one before.

          It’s relatively new, few months old at most and started as a joke.

          Do you get proper compliancy with the Integrity API?

          Screenshot_20230804-134241_Play Integrity API Checker

          Feel free to ask more questions if you need. For me getting to this point was quite an experience, so I’d be happy to help.

          • MigratingtoLemmy@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I’m very interested! Which device is this and how did you get to this stage? I believe GKI only really exists for devices running kernel version 5.10 and over. My device is running 5.4 so I can’t use this. I hope that in a couple of years KernelSU will become mainstream and I can reap the benefits of SafetyNet without having to deal with Magisk + Zygisk + LSPosed and a bunch of other stuff.

    • phamanhvu01@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Yes this. Pesronally this is like 75% for me considering how reliant I am on online banking nowadays.

  • ahornsirup@kbin.social
    link
    fedilink
    arrow-up
    20
    ·
    edit-2
    1 year ago

    I haven’t felt a need to root a phone in years. These days you will get a usable UI and UX with basically all major brands and adblock can be done without root, so it’s just not worth the hassle trying to hide the fact that you’re rooted from banking apps etc. At least as far as I’m concerned, I’m sure that some people still see a benefit in rooting.

    Edit: I actually just thought of a reason: updates once the phone is past its official support window but otherwise still functional (though you don’t technically need root for that, just an unlocked bootloader, the new ROM doesn’t need to be rooted either strictly speaking). I’d just buy a new phone, but that really just means I’m a part of the e-waste problem.

  • pacjo@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    ·
    edit-2
    1 year ago

    Essential? no.

    Worth it? maybe.

    Nice to have control of your own device? absolutely.

    I have two devices, primary with root (through Magisk as KernelSU still has some issues for me) and secondary without root. Anytime I have to do something more demanding on the unrooted device I really wish I had root. Local terminal access, ability to disable some annoying “features” (verified app links) and multiple other things I use daily make it worth it for me.

    EDIT: I saw mentions of custom roms in other comments. I have a custom rom installed (AOSP based). If I was on a stock rom (or god forbid something like MIUI) root would be a must for me.

    • sheogorath@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Since the proliferation of mobile banking that doesn’t even work if you have your phone rooted and the manufactures getting more hostile towards custom ROM developer I practically have stopped modding my phone altogether. I used to be a guy who flashes ROM couple times a day. However now, especially I’m working remotely, I find myself on my phone even less. My phone has become basically only used for texting, banking, and Uber Eats.

      • pacjo@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        There’s something interesting about mobile banking. I constantly see stories of issues with it on non-stock / unmodified software. The funny thing is that I have never had any issues personally. Until recently my banking app worked even without Magisk’s Denylist (and the most picky app was McDonald’s). Now (since few months) I have to add it to Denylist, but that’s the only requirement, no SafetyNet, no Play Integrity, nothing.

        • nyoooom@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I guess some banking apps are less annoying about phone payment, but a lot of them are.

  • prejudicedribs@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    ·
    1 year ago

    I been on custom ROMs for years without root. But recently, root has moved from magisk to kernelsu, which is a kernel based root solution. Much better than magisk in terms of avoiding detection and required no extra install if your kernel already supports kernelsu. I’ve started using root features again thanks to kernelsu

    • And009@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      What kind of benefits are we talking here… System wide adblock? What kind of security would I be losing, last time I used a custom rom (don’t remember if it was rooted) i lost access to a few payment platforms

      • Laice@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Payment platform didnt work due it detecting root. I guess this is now “fixed”?

        • protput@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Many of them detect unlocked bootloaders. Even when your phone isn’t rooted, you need an unlocked bootloader in order to use a custom rom. The fact that they refuse to work on unlocked bootloaders is insane.

          • Uhayabusa@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            kernelSu doesn’t require you to install or flash anything to get root access if your kernel supports it just install KernelSU app and done you’ll just have to give permission within Kernelsu app apps won’t be able to request or detect root (like we used to get a popup to grant or refuse root access)it also supports magisk modules

  • ctrl@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    14
    ·
    1 year ago

    I still root my phone for system-wide adblock, call recorder and Xposed modules I have been using since Jelly Bean.

        • Illiterate Domine@infosec.pub
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I’m using the BCR magisk module for recording on a Pixel 7. BCR seems to be pretty universal, but some dialers (OnePlus dialer is one) have recording disabled via config and can be reenabled with adb.

  • matt4542@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    I purchased my first Android phone at 13, the Motorola Droid. In less than a month, it was rooted running a custom rom. I rom hopped weekly, tried all sorts of hacks and modifications, and eventually started releasing my own (very crappy) custom roms. I did this all the way through until I had the G6.

    I eventually started getting phones where I can unlock the bootloader, and for a bit I would root such as my Essential phone or my Pixel 3a or 4a 5G but since the Pixel 6 I haven’t had any reason for perpetual root. I unlock my bootloader, and I root when needed and remove magisk when no longer needed. The cat and mouse game of trying to bypass detection alone makes it a pain when I have banking, work apps, etc that all validate hardware attestation.

  • j4k3@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    The big thing now is Graphene OS on the Pixels. It is a custom ROM that works exactly like an OEM. The reason this works is because the Pixels ship with the same type of cryptographic hardware security chip as modern computers with TPM/secure boot. This chip makes it possible to create a verified chain of trust in the device so that Graphene can do over the air updates to the device. The ROM is configured with root disabled and the full Android 3 party lockdown user space for regular operations. You still have root through developer mode and USB if you need it. I’ve done custom ROMs for many years in the past, but nothing compares to the Graphene experience. As far as I am concerned, Graphene’s list of supported devices is the entire list of available phones I will consider purchasing.