- TitaniumBackup
- ability to monitor battery consumption
- some dpi evasion apps (they sometimes work where no vpn gets through)
- packet capture
- Macrodroid
- view wifi passwords
- edit gps.conf, wifi configs, add custom root certs, change default font, etc
- ssl cert unpinner
- call recording
- install Youtube Vanced over original one
- allow screenshots from any app
- forbid quick tiles access from lock screen (holy crap, why not all roms have this option??)
- block custom wakelocks
- allow app versions downgrade without uninstalling them
Unlike most people, I pay attention to and carefully configure permissions for my apps when I install them. Only to have Google tear down all that hard work a few months later :-S.
Others also feel this pain:
https://support.google.com/android/thread/159501058/how-do-i...
Not sure why the stock app hasn't got a Disable checkbox for that feature, wondering if there's a LineageOS-friendly equivalent that does.
I don't know how to turn this misfeature off. Lineage just has a generic slider on a per-app basis, but it still requires revisiting each apps' settings page.
It should be possible with lsposed, but I haven't found such a module.
I learned the hard way after the fact...
By using that unrooted custom ROM, it's not like root doesn't exist anymore, you just don't have it. The people who built the ROM have root, not you. They own your phone. It's their phone, not yours.
Having access to a root shell isn't bad, or dangerous, or a security risk. Not having means not having ownership of the device.
Have zero cloud dependence. Nobody has my data but me. I pay nothing and give up nothing.
My phone is a linux box. I can ssh to it any time I want to get a shell. It has a permanent reverse ssh shell and OpenVPN connection out to my other systems. And no, this has almost no impact on power usage (if done correctly).
Real filesystem access without restrictions. This allows for full rsync backups and restores of any app and any data on the phone. I built a script that lets me easily backup and restore individual apps and even move/copy apps between Android devices. I also sync a variety of files on a regular basis (music, pictures, ebooks,...)
tcpdump to capture packets. I actually do this every couple of weeks/months, but it's not something I do regularly.
Call recording that actually works is impossible without root. skvalex is the best.
Adblocking, Bouncer, real screenshots in any app, real firewalling, disabling Doze and other stupid power savings that breaks shit, and a lot more.
[1] https://github.com/karlicoss/HPI#readme
[2] https://beepb00p.xyz/pkm-search.html#personal_information
On stock Android 12+ (LineageOS 19+), superuser access is necessary even to customize the default color scheme. (Except on Google Pixel devices, which have the UI for this built-in: but that's proprietary, not part of AOSP.)
The most common use cases would be easily installing and updating apps from third-party stores (such as F-Droid through their Privileged Extension) [1] and ad blocking.
1. https://f-droid.org/packages/org.fdroid.fdroid.privileged/
then F-Droid will already be installed with system extensions and you won't need root.
You're right of course. You don't need actual superuser access to the live system to make it work (only through recovery). And, as is the case with LineageOS for MicroG, it can already be integrated into the custom OS.
Thing is, when you start doing such things, the next step is often "rooting" the device anyway, so that you can hide what is considered being "rooted" (which can be as little as running any custom OS) from APKs with "root detection" that otherwise refuse to run.
* Reverse engineering, mostly to satisfy my own curiosity, but also to verify that the few third party apps I install don't do scummy things behind my back. I mostly use frida [1] for this and if I want to change the behavior of something permanently, I make a module for LSPosed [2].
* Get rid of Android's awful app links feature [3]. I despise Android >=12's behavior of always opening deep links in "official" apps (eg. Youtube) by default. To open those links in third party apps by default, the user has to go into Android's settings for the app and manually whitelist domains. This module forces Android to treat every domain as "unverified", which restores the old behavior of prompting the user which app to use when opening a link.
* Call recording [4]. (Or playing audio into a phone call to rickroll friends... [5])
* Raw access to app data, mostly for extracting information from apps with no export functionality.
That said, I don't like increasing the attack surface of my devices, so I do a few things to mitigate that a little bit. I wrote some scripts to sign the Android OTA update images, apply the Magisk boot image patches, and sign the images with a custom key [6]. This way, I can keep the benefits of Android's verified boot with a locked bootloader while rooted. I also don't allow any third party apps root access. My (hacky) local fork of Magisk only allows executing `su` if the app is signed by my own key or with a password if executing via `adb`. My LSPosed build only allows modules signed by my own key as well.
[2] https://github.com/LSPosed/LSPosed
[3] https://github.com/Henry-ZHR/KillDomainVerification
[4] https://github.com/chenxiaolong/BCR
Actually owning the device I paid for, for one. Most people nowadays are glad to pay for a device only to be told how they can and can't use it, but not all of us.
My battery is over 5 years old and still holds a charge like it's brand new.
Backups!
[1] https://automagic4android.com/ Just noticed it's no longer maintained. One can use the more popular Tasker. Shame, though - Automagic could do everything Tasker did and was much easier to use.
https://play.google.com/store/apps/details?id=net.dinglisch....
I think the AM4A developer just decided to give up fighting with Google's constant locking down features and functionality.
To extend its life and usefulness I've began integrating B4A (b4x.com) with AM4A. I can call one from the other and xfer data between them using intents.
Also, you might need ADB, but there's ways to get rid of the bloatware without root: https://www.xda-developers.com/disable-system-app-bloatware-...
If you want to control it yourself maybe consider a pi-hole or similar?
Since am rooted anyways, it is my preferred method of installing Revanced Youtube [0], forcing auto-updates [1][2] for apps the way Google Playstore does it plus other miscellaneous fixes. It's also how I install microG[3].
Root has far too many other benefits to cover in one sitting but one of my favorites include being able to use an old app called DriveDroid to turn your Android into a bootable USB device capable of running live operating system ISOs.
[0] https://github.com/j-hc/revanced-magisk-module
[1] https://github.com/entr0pia/Fdroid-Priv
[2] https://gitlab.com/AuroraOSS/AuroraServices - This one isn't exactly self-updating but makes updating apps a one-click affair.
How's the access to hardware - does this mean I can essentially trial what 'daily driving' a Linux phone would be like without actually buying one/carrying two devices? E.g. can you designate Termux to handle phone calls/texts?
My provider (and employer) kicked the 3T off the wireless network because it was not "4G compatible", though it very much is. The Pixel 5 was discounted for purchase, so I got a new phone in a hurry and never rooted it.
I really miss the pure red night color mode that required root, and with Magisk it finally became reasonably easy to cloak from bank apps and such. Now my phone's configured and I'm just too lazy to root it and start over, and I'm also happy so far with Google's security updates.
I'm also aware of the intense monitoring and collection, especially as I see advertisement tied to verbal conversations that happened in proximity to the phone. I'm halfway through Surveillance Capitalism and it makes me want to get a flip phone and pull the battery when idle. I hate to admit it, but I just don't have the energy to keep up a pure Google-free Android any longer.
Another reason is XPrivacy Lua. Nothing beats it from privacy point.
- App Manager[1] has a powerful feature that lets you disable trackers in every single app on the device. (Menu > 1-Click Ops > Block/unblock trackers)
- Neo Backup[2] is the most comprehensive backup app on Android, with automatic scheduling. It lets you back up and restore anything you want, including app data that the developer labeled "no_backup".
- Install and upgrade apps from third-party app stores without needing to manually confirm each installation. Extremely useful for Aurora Store[3] and Neo Store.[4]
- Universal SafetyNet Fix,[5] combined with MagiskHide Props Config[6] and Magisk,[7] allows you to spoof SafetyNet on your device to improve compatibility with apps that check for it, including some banking apps, commerce apps, and games.
> trusting Magisk, going without Clockwork Mod on many platforms, eschewing security updates
I have no problem trusting Magisk[7] as a free and open source Android rooting solution.
ClockworkMod Recovery has been discontinued for years. The most advanced Android recovery is TWRP,[8] and TWRP is not needed to root the device with Magisk.
I don't know what you mean by "eschewing security updates" since rooting Android does not prevent you from receiving security updates.
[1] App Manager: https://github.com/MuntashirAkon/AppManager
[2] Neo Backup: https://github.com/NeoApplications/Neo-Backup
[3] Aurora Store: https://f-droid.org/en/packages/com.aurora.store/
[4] Neo Store: https://github.com/NeoApplications/Neo-Store
[5] Universal SafetyNet Fix: https://github.com/kdrag0n/safetynet-fix
[6] MagiskHide Props Config: https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf
[7] Magisk: https://github.com/topjohnwu/Magisk
[8] TWRP: https://twrp.me/
Funny, since I read your post, I realize that I actually meant TWRP - I don't think I ever actually used Clockwork!
In any case, the simplicity of escaping any bootloops afforded using TWRP really necessitated its use - if you chose to risk your device's sanity with xposed/magisk scripts...
This reason seems kind of silly, since your phone will already pass SafetyNet out of the box. You only need that to keep passing it after you root.
If you relock the bootloader with a third-party OS, won't you still fail SafetyNet since the signing key won't be the one that Google blessed for that phone?
I know that CalyxOS spoofs the device signature to pass SafetyNet by default,[2] though it does not spoof the bootloader lock status. (It does support relocking, but only if the device is not rooted.) For LineageOS and all other Android-based OSes that I'm aware of, MagiskHide Props Config is the easiest way to spoof both the device signature and the bootloader lock status to pass SafetyNet.
[1] https://github.com/cnrd/MagiskHide-Props-Config#spoofing-dev...
[2] https://calyxos.org/news/2022/05/07/location-safetynet-fix/
It has begun to seem like an unnecessary risk, with the appearance of Android policies necessitating VPN Hotspot make manipulations to nftables, (https://play.google.com/store/apps/details?id=be.mygod.vpnho...), trusting Magisk, going without Clockwork Mod on many platforms, eschewing security updates.
What benefits are you guys reaping from taking root, these days?