j4k3 , 4 hours ago

::: spoiler Google packages the Linux kernel for Android and provides it to manufacturers. All that is missing are all of the kernel modules that make all of the hardware work. These kernel modules are proprietary blobs. They are different for every device and may be different for the carrier specific revisions of every model.

If you try to update the kernel, to something like mainline, the changes present in the mainline kernel are not compatible with the old modules and will break stuff. The source code of these modules must be present when compiling the new kernel.

This is the intended behavior and design. It is theft of ownership using this mechanism.

However, it is not just this simple. Android is designed to allow idiot users that do not have a clue about operating systems, security, networking, or radio communications. Android makes this possible in a unique way, and is a great way to learn about how to secure a Linux system properly.

When the manufacturer finishes configuring the device kernel modules, the final step is to remove absolutely every way of adding a binary package to the device. This means they remove the su, sudo, wget, curl, git, Python, etc.

The entire Linux base is only present to run the Android user space. This is like a single Linux application. Nothing else is running in Linux like a .deb or .rpm.

So how does the competent configuration magic happen? - nobody asked.

This is the important detail to understand; the application developer is given the same user space permissions and access as the end user of the device. Android apps are not some static executable program you run on your device. These are entire user profiles that coexist with you at all times. This is how the application can operate securely without any intelligent configuration required by the end user.

SELinux is used to sandbox the various Linux directories so that apps are limited in their access to each other.

The code for Android apps is often garbage. It has to do with the enormous number of devices, configurations, exceptions, aging, and just bad code. Android handles this by just steamrolling through. It can largely get away with this because there is no way for the app to modify the kernel and compromise the system, or for the user to do so for that matter. This is why you can’t have root on Android and adding root is absolutely insane and will wreck your device.

You are not admin. Most of the privacy aspects are a joke to make you feel better. THIS is why everyone wants you to use their app. Apps are users that are always with you, and very intimately. These are your soulmates; your digital life partners — far more intimately connected than any human partner. In a sense, Google and Android are the pimp, and you are the product.

If you have a full kernel, you must have the administrative binary, or at least the package key for access to the bootloader. If a mobile device existed fully open source on mainline, you shift the burden of configuration onto the user.

There are also many aspects of Android that are more advanced than the mainline Linux kernel. Things like asymmetrical CPU schedulers, or how I glossed over the way there are 3 types of users. The way the modem interacts with the SOC is another enormous mystery to me and a giant can of beans. The simple ways that typical Linux distros are configured are nowhere near sufficient for a mobile device. Fedora is one of the only distros that even comes with SELinux but it is set permissive and unconfigured out of the box. Most people never really get into understanding NFTables and networking, preferring to have lax setups using ad block where others do it for them. You would need to know all of these systems intimately if you want full control and for mobile networks to allow connections, or payment systems or banking apps to function. That is simply unrealistic to expect for the general public. In truth, for a typical Linux user, something like OpenWRT is hard. Android in its true complexity is next level beyond this.

Still, it is not full proof. The Linux kernel has around one bug for every 1k lines of code. That means there are tens of thousands of bugs. These are found and patched constantly. However, kernels on Android are almost always ancient, and static/unchanging. This is the reason custom ROMs have existed all of this time. When a bug is found, that exploit is the way into the kernel and an administrative root binary can be added. The only exception (that I know of) is Graphene OS. The Pixel has the same type of Trusted Protection Module (TPM) as your computer uses for UEFI Secure Boot. This device enables Graphene OS to sign and load a separate encrypted operating system without cracking the kernel like a typical ROM.

In an ideal world, governments would protect the unalienable human right of ownership autonomy. This is a cornerstone of citizenship, and therefore democracy itself. Ownership is simple to regulate by requiring that all hardware sold must be fully documented with every piece of the toolchain used to configure the hardware made publicly available immediately upon public offering. This would not change Android as it is now, but would make it possible for the community to take full ownership over their devices and take away absolute control from Google/manufacturers with planned obsolescence.