Android Security vs Customize-ability. What would you rather have??

[LinusTech]

I had a very interestnig meeting with Samsung's Canadian B2B division yesterday. They wanted to talk about a couple of very interesting technologies. One of them is a little bit older now, and it's called SAFE. It's basically security features that Samsung is building into the Android ecosystem, and is then releasing open source to the rest of the Android handset makers in hopes that it will achieve widespread adoption. That one was launched back in 2012 and includes things like full device encryption support.

The new one is KNOX, which segments the user space on the phone from the work space on the phone and enables many of the enterprise features on the phone (like allowing the IT department access to your phone for diagnostics, or allowing VPN connections) to be accessed only from wtihin a controlled sandbox. This is very cool stuff because BYOD is not going away (bring your own device) and people want to use a single smartphone for work and personal use.

While those two things were the purpose of the briefing from Samsung's perspective, I was actually very interested in a particular slide in the presentation deck that amounted to "Android needs to become a more unified, secure, trusted platform from an enterprise perspective". One of the things on that slide was about preventing device rooting. I asked about it and the answer was basically "Yes, we are going to be working on our devices to make them "much more difficult to root" and we are going to be working on making the platform more secure in general. We expect other hardware manufacturers to implement the same things as us in the future.

So that's what it is then, folks... What are your thoughts? Not going to bother with a poll because I'd rather you just post below this and let me know what you think...

[T.E.D]

Coming from an ipod to a smartphone, in this case the nexus 4(which is still being shipped) I'd definently prefer security over customisation.

[rohan11221]

Nope to all of it, Basically they want to turn Android into iOS and the phones into iPhones and thats a nope, What attracted me to Android is that I can root it and do all those things to make it just how I want, Rooting doesn't make it any less secure people only root their phones for custom roms anyway there is no harm.

[rainbrodash666]

on the security V.S. customize-ability aspect I would not mind if the phones were shipped in a security centered mode that limited customize-ability as to not let the genereal public screw up their phones on accident by poking around. but also have the ability to unlock the phone to a fully customizable state where tech junkies and enthusiasts can tweak to their hearts content.

[rohan11221]

There is fine security on Android saying you would prefer security over customization is like saying you'd prefer security over any of your natural rights.

[mgsstar]

I think I would want security rather than customizability. Security is important because it can help prevent apps from taking your personal information.

[Marius]

It's very simple. Once Samsung decides to lock down their phones, I will stop buying their phones. Security should not hinder customizability and vice versa. A rooted device can be just as safe as a device that isn't rooted if used appropriately. I hope that Google realizes how much customization means to an android user and wont allow this to get too far as long as software and the stock android experience is concerned. Let's not forget what happened when Motorola tried locking down boot loaders and how that turned out...

[jetbuster]

security, besides if this is gonna be open source it will be on all the custom roms anyway

[JackyLee]

I think android should work on the costomize-ability, they have a lot of things that ios doesn't have, but that means it's harder to customize it.

I am an android user, I have used adroid 2.3, 2.2, 4.0, and 4.1. I think all of them look different, and it's hard to decide which one to use. 2.3 has really good looking, but it doesn't have all the new features. 4.1 has almost all the new features, but it's really confusing (like when you delete a contact), personally I think it doesn't look good, and it take a lot a battery because it's running at 60 fps most of the time to give us a good experience, in 4.1 they allow users to change the clockspeed in the settings, but it will take forever to get there especially when it's at 200mhz, that's like having a fan controller that has to be controlled manually. 4.0 is like in between but it's not stable at all. So it's really hard for users to decide which one to use, android should let users to customize the os (without rooting?).

Android is spending to much time on widgets and features, that's what makes them not professional (so Linus doesn't want to use android?), they should focus on the costomize-ability to give users a better overall experience with the system.

[Alcatraz]

One of the first arguments to be made for Android (imo) is the the customize-ability. SAFE and KNOX definitely have their appeals, no doubt, but I if I were to choose either customize-ability or improved security, I would opt for customize-ability.

I don't want to grow up.

[LimeFire]

I like the idea of having more security, but not at the price of custom roms and rooting. Unless i can get all the features i can get via rooting stock, i dont want to lose that ability.

[EricX2]

If Samsung wants to divide their phone line into mainstream and business class, then be it, but don't lump them all together. I will never need the enterprise security features for my personal device, so why limit my ability to customize them?

Taking away root is like Windows taking away administrator. Does that really make it safer or limited? Yes and yes.

[jazzyman9182]

A big part of Android is the customization, it would be good if they could add more security but not take away features.

Rooting is a huge part of why some people buy a phone, some apps need it, and others are so much better to use on a rooted phone than an unrooted. eg. Widgetlocker - You are able to block the home button press from exiting the widgetlocker lockscreen, instead of setting it as you home launcher which launches you home screen and makes it go all glitchy when you exit an app and go to the home screen. Just check out the XDA forums and the amount of people that root and the amount of custom roms on there for the popular devices. I don't think that they will be able to get rid of rooting, they might make it harder, but there are too many rooters out there and they will always find a way.

[Octagoncow]

I just want to preface this post by saying that I don't know all the risks of rooting, so I apologize if I say something that isn't 100% true.

Although I understand the desire to have a much more secure environment for Android, I think that it should always be possible to root an Android phone if you really want to. At the time of purchase, my Droid X2 was the only dual core phone offered by Verizon which made me confident that it would get a decent amount of updates. Version 2.3 was the last update from Motorola that I received since Motorola said that the 512Mb ram wasn't sufficient to run Android version 4.x. If it weren't for rooting I wouldn't be running Android 4.1, which my phone runs just fine. I think that if manufacturers were to find a way to completely stop rooting I simply wouldn't use Android anymore since it would take away the freedom that I love so much. As Linus quoted in his post, Samsung said that they plan to make phones, "Much more difficult to root" which doesn't necessarily mean that people won't gain root access, but it more than likely will take longer than usual. ​I do find this to be an interesting opportunity for other Android smartphone manufacturers who aren't planning on locking down their phones so much. It allows manufacturers such as Sony or HTC to release some phone which don't have any problems with rooting.

I think that in an ideal world it would be nice to have Samsung release phones which have these security features to the public (since in my opinion, most people don't seem to bother rooting their phones). However, a person could order the phone directly from Samsung and get a pre-rooted phone. Like I said this is a pretty ideal world and I have no clue how easy this would actually be to implement. I understand the need for security in the work space if a phone is being used for business purposes; but, my next phone definitely won't be a Samsung brand phone if it isn't root friendly.

[MrWatch]

I understand security being a big thing among the user - I mean, who wants their personal stuff stolen? That's why we take certain precautions to stop that from happening. The only problem is, you're never safer. Sure, you're safe-er running on IOS than Android, but a determined hacker with actual knowledge of what they are doing is not going to let that much get in their way. There was a professor I had once; He introduced himself by asking the class if our laptops we were so diligently taking notes on(before any lecture was happening?) were connected to the internet. We told him yes. He then told us that those laptops don't belong to us then - they belong to him and anyone else with the type of knowledge he has. The point is, we're never going to be completely safe from attackers and malware via the internet, and though we may be a tiny bit safer on IOS, I feel that we are sacrificing a lot on the ability to customize your phone and make it your own. IOS can't change its look completely like Android can, and Android doesn't even have to be rooted. I personally run linux and, while not being the most customizable flavor(Ubuntu), still allows for miles more of customize-ability over generic operating systems. For me, it is being able to customize my phone, operating system, computer, or whatever to make it my own. I'll just be cautious with how it's handled.

[JackyLee]

I think that samsung will not allow users to root the phone is just a rumor, plus it doesn't do a lot when you root your phone, you don't even need to root it to get a newer os either. Like everyone thought that intel will not release LGA socket CPU anymore, and nothing happened, they realeased the 3960x and 3970x now. It's just a rumors, if it's true, we can just use other phones, there are a lot of campanies out there, so why samsung? I am using the galaxy s2 right now, you don't know how bad it is after using this phone.... There was a problem with the motherboard, so users can not charge their device. So samsung isn't perfect, and I hope you guys will understand that it will not effect the security after you root the phone.

[Lyons]

Android has led the pack in terms of customization since its conception. Even without root there are thousands of things that the average person could do to tailor their phone to their needs. I don't personally see security as an issue, but I'm sure for business people it may be of concern. The way I see it I'm just as likely to have a security breach on my windows computers (or even computers I use that aren't my own) as I am on my Android phone.

Samsung and other OEMs can do whatever they want, I will always be using vanilla android on whatever device I have and reap the benefits of whatever good things are put into development. Apple spends an incredible amount of time and money locking their devices down and yet they can still be jailbroken, I don't see Android OEMs getting close to making phones too difficult to root any time soon. Like I mentioned earlier, so many things can be done without root, so if you disregard root access, Android has the potential to be the best platform for security AND customization.

Gaining root access to your Android phone is a risk undertaken by the user (both security and warranty wise), not the manufacturer. Really don't see why root is such a big issue. OEMs should soley be developing security for Android within the unrooted environment, especially as that is what the majority of consumers will be dealing with.

Separately to this, I honestly think that OEMs should be putting all their time into getting their devices on the latest versions of Android. This is Androids number 1 probelem, not security.

http://www.youtube.com/watch?v=iqc7CEE0ekE

[MrMattRunner]

Customizability by far. I'm a Junior in high school, although I've been around tech for a long time and even already have a couple computer certifications (hardware and OSs). I bought an iPod touch 3g 8gb (which actually has ipod 2g hardware. You tricked me apple, good one :/ ) off of a friend a couple years ago with the intention of getting textPlus and using it as my phone since I didn't have a job and couldn't afford to pay a monthly bill. It worked awesome, served it's purpose extremely well, and I loved it. But after a few months of using it I felt there was something missing. I decided to venture into new territory and jailbreak it, and I went crazy with customizing it. I couldn't believe I hadn't done it sooner. I later got an iPhone 3G (not 3GS) and told myself I wouldn't jailbreak it so it would run faster, but I only lasted a couple days before I broke down and did it. I'm still using the same iPod today (and I'm actually typing this post on it, but I'm stuck on iOS 4.2.1 since it is an older device and I'm looking to get something newer. I love iOS, but hate apple products, so I plan on getting an android phone because the platform was basically built for customizability, and that is what sets it apart from apple products in my opinion. New jailbreaks for iOS are few and far between these days and I couldn't go without customizing my mobile device to fit my personal needs. If android drops that, then frankly it becomes dead to me.

[IdeaStormer]

Security on a smart phone much like a computer or any internet device is dependent on the user of said device not the device no matter how secure it was made, the user can always foil the best planned out safe internet device. The audience here is probably much more in the know about what they are doing on their phone (I hope) and can make the mental choice to allow or disallow features/access to apps based on having a better secure phone. Customization depends on the user as well, some are just happy setting their own ring tone and background and they feel its customized. Others want to install a different OS and different underlying options that might or might not work, they'll roll the dice as they are more knowledgeable and are willing to take the risk. Vendors/Providers limiting phones just ruins it for everyone and in the end their supposed limits are circumvented anyway so its best to work on a solid piece of hardware and leave the extra customizations to the end user.

I'd prefer Samsung would work on getting their phones to us independent of the phone plan we're on using which ever means they can. I hate providers that have select makes and model's just a PITA!

[JackyLee]

Customizability by far. I'm a Junior in high school, although I've been around tech for a long time and even already have a couple computer certifications (hardware and OSs). I bought an iPod touch 3g 8gb (which actually has ipod 2g hardware. You tricked me apple, good one :/ ) off of a friend a couple years ago with the intention of getting textPlus and using it as my phone since I didn't have a job and couldn't afford to pay a monthly bill. It worked awesome, served it's purpose extremely well, and I loved it. But after a few months of using it I felt there was something missing. I decided to venture into new territory and jailbreak it, and I went crazy with customizing it. I couldn't believe I hadn't done it sooner. I later got an iPhone 3G (not 3GS) and told myself I wouldn't jailbreak it so it would run faster, but I only lasted a couple days before I broke down and did it. I'm still using the same iPod today (and I'm actually typing this post on it, but I'm stuck on iOS 4.2.1 since it is an older device and I'm looking to get something newer. I love iOS, but hate apple products, so I plan on getting an android phone because the platform was basically built for customizability, and that is what sets it apart from apple products in my opinion. New jailbreaks for iOS are few and far between these days and I couldn't go without customizing my mobile device to fit my personal needs. If android drops that, then frankly it becomes dead to me.

I am having the same problem, it just won't update. Speaking of security, ios had a glitch in the os where you can view the users' contacts without unlocking the device or knowing the password, so that's why I don't really like ios.

[Xenhat]

Security is always a concern when it comes to mobile devices, and things like full-device encryption are nice. However, sometimes the industry likes/tends to blur the line between securing and crippling. While I want the first, I despise the latter. Since most android phones are priced around 250 to 800$, I would like to have the feeling I own the damn thing for that price.

Since Android is linux-based, I don't think the security is much of an issue, unless there's an implementation error or negligence.

I think that Android should always give the user the ability to unlock advanced features such as rooting, in-depth customization of various parameters and stop crippling smartphones. Especially since some costs the same and even more than computers, crippling is unacceptable to me.

[EYCEthebest003]

I would be happy to see more security brought into the android ecosystem. but I'm not worried about customizability. modders will always find a way to root and create working ROMs for android. Look at the galaxy s3. it was supposed to be impossible to install ROMs on because of a security feature that re-flashes the stock galaxy s3 rom. now it has one of the largest selection of ROMs to choose from because of its popularity.

[LinusTech]

One of Samsung's comments during my conversation with them is that "most" of the viruses that affect Android are targeting or starting with rooted phones. Not sure how true that is, and I should disclaim this by saying the guys I was meeting with were going off of their powerpoint deck and they are not software engineers, but it seems like that's the internal conversation being had over there...

[Vince]

I'd rather have more security than customization. If Samsung and other android hardware devs want to tear more into the iPhone market, I would push that their product is much more secure than Apple's. However, Android's customization is one of the main reasons I prefer Android over Apple, and I can't see security being pushed over the main idea behind the Android OS.

[eshbop]

One of Samsung's comments during my conversation with them is that "most" of the viruses that affect Android are targeting or starting with rooted phones. Not sure how true that is' date=' and I should disclaim this by saying the guys I was meeting with were going off of their powerpoint deck and they are not software engineers, but it seems like that's the internal conversation being had over there...[/quote']

Sure, having a rooted phone may allow a virus to go about it's business a bit easier, but that doesn't necessarily mean rooting is a causal factor. The things power users are more likely to do with their phones could well leave them more vulnerable than your everyday user eg, getting apps straight from the net, etc.