Why i think Fairphone OS should drop root and pre-install Google Apps

Probably,

to make sure everybody can at least try to speak a common language, when i speak of “pre-rooted”, or should be “un-rooted” by default, i refer to no su program being installed. That small program is required for apps to gain elevated system rights, ie. they can do more and modify the system to a larger extend compared to “normal” apps. This is comparable to the “Administrator” rights/account on Windows or the “root” account on linux or running commands with “sudo” on Ubuntu/Mac OS X. I am not talking of “rooting” device as explained by @keesj above.

An unlocked boot loader (which the FP2 might have) would make it possible to install such a “su” program relatively easy and that way use apps that would otherwise not function. We shall not call that process (of install su) rooting as @keesj explains above.

I argued that I think while the having root, ie. having a functional su program installed, is pretty useful for some users, the majority of not so tech-savy users does not really use it. The elevated rights to modify integral parts of Android apps gain trough su can pose an additional risk, i completely follow the reasoning of FP2 above in this aspect. I think it is better if users actively install that su program. so they know what they are doing. Additionally, some apps will not run if they detect the su program on your Android, another reason to make it optional.

I am happy that Fairphone will probably implement this change for the FP2, because I hope that will improve the experience of less technical interested users. Let’s hope it is possible to keep the bootloader unlocked or provide easy means to unlock the boot loader, so that everybody wanting to install su can do so.

Let’s see how thinks play out regarding Google apps ans support/means to build Android yourself for the FP2. @keesj, @anon12454812 : I can only recommend you to take a look at what Sony does with AOSP for Xperia . I think that is very great effort.

To get this discussion more constructive and back to topic, what do you all think something like AOSP for Fairphone? This has been part 3 of my original post since the beginning and i think that is something worth talking about .

I disagree. What Sony does is not much different from what other companies, who don’t offer the option to unlock, do. Other companies lock their phones via technology (locked bootloader, no “work-around”). Sony locks theirs via contractual means: you lose your warranty. Given the number of locked phones for which an “exploit” exists, Sony’s approach is probably even the more “air tight” one.

To me, FP2 not having root (su) by default is a pity. But given an unlocked bootloader it really is little more than an annoyance. I can easily add it myself if needed / wanted. However, that only holds if my FP2 is still covered by its warranty after I have “rooted” it. Otherwise Fairphone is no different from Sony, securing / locking the phone via contract instead of technology. And that would hardly be fair, since (like I mentioned in another topic), it is quite dishonest to ask people (your customers) to be fair (to you, the people who build your phone, the environment), unless you are being fair to then (your customers) in return.

I updated Fairleaks with the new information.

It is not about the unlocking tool. It’s not at all about unlocking, please read some of the earlier posts. It is about providing good tools and drivers etc to build Android for the Xperia devices directly from official Google sources and installing the builds on the devices. My point was also not related to warranty. Please see the link posted above

Actually i am quite confused by that? Can you put that into other words?

ben, you were explicitely suggesting Sony’s efforts (wrt AOSP support, yes) be considered as a model for Fairphone to base its own efforts on.

Insofar as this refers to Sony’s efforts in publishing full source and additional, required tooling, yes I agree with you. This is to be applauded. And as we all know, this was already on Fairphone’s agenda with the FP1, though that didn’t materialise for various reasons.

However, my point is this: if you refer to Sony as a “role-model” worth following, then it we’d have to consider the whole of Sony’s actions. On the one hand, they are quite open, publishing sources etc, like you mentioned. But on the other hand, they are closed as well: the price for the “freedom” to install something different from the default Sony OS image, is that you lose your warranty.

So while I would certainly like it if, for the FP2, Fairphone were to “make good” on their promise (already started with FP1) of providing an “open” phone, I would certainly take issue with Fairphone modelling their behaviour on Sony’s w.r.t. warranty policy. Since I cannot help but regard that policy as dishonest, i.e. the opposite of fair.

My two cents on this:

CC: @keesj, @Ben, @HackAR
I couldn’t tell a user to just install a root browser without root…

While I agree that a lot of posts of @HackAR are intoned in a way which is killing off any discussion, I would not want you to quit the discussion. While I don’t like the aggressive attitude in this thread, it is still important.

As far as I understand it, FP (which you represent here) made the decision not to deliver the FP2 with out-of-the-box (optional) SU rights. I don’t need to tell you that it’s frustrating for people who regularly use apps which request SU.

Among the which demand SU are three which are particularly important to me: XPrivacy, TitaniumBackup, and AdFree. I assume you know that of these, only TitaniumBackup is available via the GooglePlay store. Especially XPrivacy is a perfect example why root access is not only liberating, but also educational. Without it, I would not even know that some of my apps try to collect location data. I have friends and colleagues with Fairphones which don’t use XPrivacy, despite my effort to convince them, but even they use, e.g., TitaniumBackup.

To be able to use them, I had to enable general root access when I got my FP, I had to allow to install apps from other sources [which I can untick], and I had to allow each app SU rights [wich I could do on a case-by-case basis, or permanently]. I had to jump through hoops - and now, you tell us that you don’t trust users to be warned by all this hoola-hooping. This does not convince me.

If you offer this option, I would, of course use it. So would others.
I would basically have to if I want to use a proper backup solution. The one which came with FP is rubbish, and pushing everything to ‘the cloud’ is not an option. I tell everyone on this forum to make a proper backup before sending their phone in to support, and they need SU rights for that.

What I don’t grasp is what the difference actually is. As I said, when my FP arrived, I had to allow root access to FP OS - I assume, by the way, that this is also needed for to the “Peace of Mind” app, which as far as I understand needs SU rights to work. It did not come “pre-rooted”, but I had to allow root access.

So what is the actual difference now?
That I have to jump through just another hoop?

What this means for support is not fully clear from what you wrote. I fully understand that you cannot deliver software support for problems I create myself, e.g. by using apps which require root. People who expect this cannot be helped, in many ways, and support openly should say so. We, as a community, try to help each other in those cases - check, e.g., my thread on trouble relating to Google Cloud Messaging I am experiencing currently. I expect that everybody who has a problem with his or her FP checks back with the community. And I expect from support that after I tried everything (including to reset my FP), I can ask them and do not get standard email responses like "have you tried turning it off and on again. Regardless if my phone is rooted or not. I want people, not support drones. I think FP can deliver this. Even with root access enabled.

I bought the FP because I wanted to support your efforts to deliver a “fairer” phone, fully aware that it is not possible to produce one in the current circumstances. However, root access was a big part of the appeal, and I would not like to miss it. If the FP would not have had dual SIM and root access, I would not have bought it. Also, pre-installed GApps would have deterred me: Fairphone was about choices.

Don’t take that away from us.
You would be much less awesome.

[quote=“humorkritik, post:101, topic:5582”]
While I agree that a lot of posts of @HackAR are intoned in a way which is killing off any discussion
[/quote]I’m sorry. If people make wrong choices (imho) based on people who don’t care, I tend to get angry. More so if I’m affected in any way.

Peace of mind does need root? Did not notice that! Are you sure?
I think the difference with “jumping trought another hoop” is fundamental: It requires to install su manually and make the decision you wan’t the extra features as well as the extra risks. To me, that is quite a difference.

Besides, Apps that do not run with root would be running then on the Fairphone.

I completely understand. But i have the impression you are absolutly able to install su yourself. Image Fairphone provided a tutorial how to do that, explaining what SU means, what the pros and cons are and how to install. Would’nt that be good compromise. I think it would, with the added benefit of educating interested users how to tinker around with their phone, what su is actually and how part of android security system works. It would allow them better to understand compared to the situation currently on the FP1.

This is exactly the reason why i always repeated here that i wouldn’t want Fairphone to take away the possibility to have superuser access, but rather change the default on the delivered devices. I know many security dialogs you have to click away on good old Windows for example and how people ended to give Adminstrator rights to almost every program whatsoever, including games, or even started running their accounts as Adminstrator – fundamentally breaking the security system of windows.

It would be very easy for example, for a malicious app to trick users, who actually might not even have heard of “rooting” and superuser into allowing root. This is a very big risk you simply do not have on phones without su.

Dear @HackAR, i don’t know if you think of me as “somebody who does not care”, but i actually do, I care alot about privacy as well as open source and even more about fair production and sustainability. It’s just that we do not agree how to best reach this goals.

Peace of Mind+ does; and it does not much else than the original PoM: it can turn off basically all radios. So I assume allowing FP OS root does (probably among other stuff) exactly that: allowing root to PoM.

Sourcecode for both here and here.

This is my first smartphone. It is my first own device running an -ix kind of system. I am still learning. I messed up every now and then. So, whoami? I think, therefore I am root. Or if you want the German version: Ich bin /root. Ich darf das. Because the Fairphone came that way.

Fairphone actively supported tinkering. Even if they provide a tutorial for rooting the device (and I doubt they will, I rather assume it would be up to us to do that), up to now @keesj’s comments seem to translate to a disclaimer on top of everyting: “do not expect any service from us after this”. This is the same attitude other manufacturers show. This is not what Fairphone stood for.

I, for one, stand by something which was an original claim made by Fairphone as well:
If you can’t open it, you don’t own it.
This includes: if it’s not rooted, it’s not yours.

I also think your Windows-analogy of users klicking away every warning is wrong and does not get better by repetition. It’s a different thing. It might have been like this on XP. But since Win7, you get asked for admin privileges in a different way, basically forcing you to focus on the warning - much like on Android. You surely noticed that it’s much more unlikely that a program gets admin rights like this. Tricking someone in acknowledge admin/root rights for a game is difficult. There will always be user errors, but it’s not the job of Fairphone (or Apple, or Google, or Microsoft) to put the users on a leash. I don’t want a walled garden. Tearing down walls, disrupting, is something Fairphone started with. Going back one step is unnecessary.

To end on a lighter note: I did not try this, but I bet it needs groot rights.

Actually, that is an interpretation of the claim. And one i would not agree to. 1.) The openness shows in Fairphone providing detailed instructions how to physically opening and repairing your device, 2.) The Fairphone uses an unlocked bootloader and will probably continue to do so, see above. That allows you to install other OSes as well as superuser access. And 3.) “It says if you can’ open it”. If you wan’t to translate that into root access, you are still able to open it, you simply have to install su yourself. That is hardly not beeing able to open it, it’s rather having to open it compared to being open on delivery, to stay with your interpretation.

It do not understand why so many people argue as if the right to open their device (software-wise) would be taken away from them. It is simply not the case. I hate this repetition, but it is not about not being allowed to install supersu or whatever. It is just that some would prefer the Fairphone not coming with root per default. It therefore would require one additional step to groot your Fairphone. What’s the big deal?

I think the main misunderstanding is due to the fear of “if you root you won’t be supported” question; I don’t see any statement like this from Fairphone but maybe they should be more clear on that point, because I interpreted their point of view regarding negating the support of heavily modified systems (like those on which XPosed framework is installed) more like “we don’t have enough resources to answer questions from everyone with every kind of system mods” instead of “we will support only users which don’t root, so don’t modify their system too much”.

[quote=“keesj, post:38, topic:5582”]
[…]we will not “add” root in […] supported installations
[/quote]=> rooted phone = unsupported installation = no support.

Yes but the question is what kind of support you are looking for.
If you run into problems because of some apps that use root acces (like: I installed Xposed+GravityBox, now the Quick Access Menu is gone)then Fairphone obviously isn’t obligated to help you. With such problems come to the Forum.
The question is: If e.g. you have GPS/Navigation problems, try some solutions found on the forum, one of them including GravityBox, the problems persist and you decide it must be a problem of your specific device and contact support: Will they refuse to help you because you - at a time - had GravityBox installed on your device?

That was exactly what I meant I think Fairphone should clarify this in order to avoid speculations and worries…(given that I don’t expect to be supported if I root my phone and start to play with system files )

This:

This is not what Fairphone stood for.

It never was. But if you tell people they they’ll loose support if the device is rooted, it’s a different story!

It would be like Apple saying you’re not allowed to jailbreak all over, in a slightly different way. Fairphone should encourage people to play with their device, and not try to be superprotective.

Back when the crowdfunding campaing was startet, while the Hacker community might not have been impressed with the hardware, and certainly not with the OS version trouble, they were very positive towards the device, precisely because it would come rooted. I’m not doing astroturfing here - I foresee another step away from a part of the the original customer / peer group.

I imagine if @anon90052001 would present the steps towards FP2 at the ChaosCommunicationCongress, and mention FP drops root out-of-the-box to protect customers from giving apps to much access, he would get some very critical questions. And I imagine the same would also be true for the the discussion list of le quadratur du net, and so on.
(Adding @anon90052001 here because this might be his area of expertise as community/social media manager.)

This is very extensive shortening @HackAR. I understand there is some clarfifcation need here. @anon90052001 and @keesj will probably supply that soon. One misunderstanding comes from what “rooted” actually means.

Meanwhile, see Keesj above:

So there is no statement that installing “root” makes you lose support or even warranty, just that they cannot promise support if you install Xposed or otherwise heavily modify your system. I still miss the clarification what you understand from “support” from those of you saying this step would move away the Fairphone 2 so much from the original idea.

Actually not. If the FP2 indeed comes unlocked, you can hardly speak of FP to be “superprotective”.

Yes, probably, but the answers to these questions make sense in my point of view. The same people still buy MacBooks and iPhones and everything. I know the Hacker might be supportive to the Fairphone. But to be realistic: Installing a su.zip in recovery is certainly no big deal, nothing anybody could realy care about so much. Certainly not if the driver/kernel/etc situation get’s really better with the FP2. Because that, in my point of view, is something really important. I find it interesting that there is so much opposition to such a small change. Something that can actually be nothing more than a small annoyance.

It is as easy as that: If under “support” you understand help getting all the parts, software/hardware, working together as supposed on delivery of your phone, you cannot expect to modify your system deeply with Xposed and still get help if Gmail stops working. And i actually think we agree on that one? So what “support” are you afraid of loosing?

[quote=“ben, post:112, topic:5582”]
just that they cannot promise support if you install Xposed or otherwise heavily modify your system
[/quote]And that would be an extension of what they’ve said But I hope you’re right, as that’s what I’ve been promoting in here.

It is a big deal. It transports a philosophy against openness. These people like to use the term cognitive dissonance when talking about themselves buying Apple products, because the want the hardware which forced them to hack them. This is a big deal, and no mistake.

By the way, I forgot to mention one app which needs SU which I use so routinely that I even forgot about it. It’s called Orbot, and it protects my privacy in unencrypted public WiFi, to some extent.

I repeat: it is a big deal to drop root.