Question Why do companies fight Android (P6P) rooted while not Windows OS?

Search This thread

rester555

Senior Member
Oct 27, 2010
569
262
Google Pixel 6 Pro
Need some feedback from the community. What the title says. I can download Hulu on Windows 11/10 (desktop computer with unlocked processor and root permissions of the OS) and watch everything through my account but with Android P6P rooted, it's a PAIN IN THE ASS to watch hulu through the app.

I just don't understand the logic here. Can someone explain the difference?
 

stelmilt

New member
Aug 5, 2019
4
1
Redmi 7A
Redmi Note 8
Need some feedback from the community. What the title says. I can download Hulu on Windows 11/10 (desktop computer with unlocked processor and root permissions of the OS) and watch everything through my account but with Android P6P rooted, it's a PAIN IN THE ASS to watch hulu through the app.

I just don't understand the logic here. Can someone explain the difference?
They are different things. I am not an expert but I know that android is linux based and windows isn't. There are different techniques used to display things, get root access, use the internet/apps etc. Also, the processor comes unlocked and it is meant to be that way unlike the phone which comes locked.
 
  • Like
Reactions: rester555

rester555

Senior Member
Oct 27, 2010
569
262
Google Pixel 6 Pro
They are different things. I am not an expert but I know that android is linux based and windows isn't. There are different techniques used to display things, get root access, use the internet/apps etc. Also, the processor comes unlocked and it is meant to be that way unlike the phone which comes locked.
Fair point, my computer comes with an unlocked processor, but the phone comes with an unlockable bootloader, but that's a pretty weak argument with over the top restrictions from these vendors. It seems like they all have a vision in the future and that's everything behind a server wall in the future I bet and you are just a dumb terminal with a data pipe.
 
  • Like
Reactions: stelmilt

rester555

Senior Member
Oct 27, 2010
569
262
Google Pixel 6 Pro
I guess another side point is how do you check which level of widevine you have? If memory serves me, on A13 if you don't have the proper level apps don't show movies like Hulu. Has this been solved for A13 on P6P?
 
  • Like
Reactions: stelmilt

roirraW "edor" ehT

Forum Moderator
Staff member
Yep, Windows is a very different animal. Even with UAC (User Account Control) that has existed since Windows Vista, the main account of a Windows PC is still an Admin and effectively has root control. You can store Word documents in the Windows\System32\Drivers subfolder if you want. This kind of thing happens by accident all the time. It's pretty crazy, really.

I think even "Standard" (non-Admin) Windows accounts have far greater permissions than they would for some aspects they would on a Linux-based device. I think Standard users can still store things in the wrong places, but probably not as many wrong places, and they can't access other users' folders.

In the end, streaming services operating on a Windows PC have to operate without as strict conditions because the computer is already "rooted" as it comes from the manufacturer.
 

96carboard

Senior Member
Jul 17, 2018
882
530
Need some feedback from the community. What the title says. I can download Hulu on Windows 11/10 (desktop computer with unlocked processor and root permissions of the OS) and watch everything through my account but with Android P6P rooted, it's a PAIN IN THE ASS to watch hulu through the app.

I just don't understand the logic here. Can someone explain the difference?

There is ZERO difference, except EXPECTATION.
Because the software vendor CANNOT expect any desktop/laptop to not provide elevated privileges on demand, but STUPID FRIKKIN GOOBLE built it with these fundamental restrictions in as expectation.
 
  • Like
Reactions: Aqq123

burned-donut

Member
May 1, 2022
6
4
tl;dr; because android and Linux are open source

Whenever the app is starting either in windows or android, the only thing it can reach out it's an operating system. The app has almost no privileges over the OS while the OS has ALL over the app. Since the app wants to work with its own data that shouldn't be leaked, the app somehow must ensure it can trust the highly privileged OS before it brings the data into it. How an app can ensure? Well, with certain assumptions it can.

Windows is a proprietary OS with proprietary drivers. All drivers and critical binaries in the OS are passing Microsoft's signing to ensure they aren't modified and their developers are known. OS and drivers are all binaries which makes them hard to be modified or at least such modification would require abnormal resources like expertise, time, money, and knowledge. Windows passes different certifications, security audits, and under permanent attention from security researches. Such things as audits are trying to ensure the OS applies all available security measures and is using available hardware to protect the system and apps from intrusion/modification, thus enterprises trust it. Considering the all above, you, as an app developer, can easily assume: I can trust Windows as its binaries can be hardly modified as it leverages hardware to secure everything, so whenever our app will ask the OS to provide a hardware protected storage for the data, the app will get it.

The all above applies to the stock Android as well, and apps trust such systems. The only difference here is that app developers know that Android and Linux kernel are open source and anyone can modify them and flash into the phone. Now, how an app can ensure it runs on the OS that can be trusted? The app can do that by checking whether the OS is rooted or not. If it's rooted, the OS is certainly somehow modified. The app's devs are assuming that highly privileged modified OS can fake/emulate secure storage and steal the app's data from the less privileged app.

If you wish here is an analogy: Windows is a Ritz Hotel and Android is AirBnB. While they are serving the same purpose: host you as a guest, they are different, and you'll deal with them differently as a guest. Ritz has reputation, a license to run a business, and no one can fake a Ritz hotel. When you stop in a Ritz hotel, you can 100% be sure you can trust it and there are no hidden cameras in rooms as well as you can expect a decent service. Absolutely different story with AirBnB. In AirBnB everyone can be a host, and this brings a problem with a trust to a random person. Once you stop in Airbnb apartments, you highly likely will try to find a hidden camera to understand whether you can trust the host or not.

PS: as per my knowledge, some banking apps aren't running on rooted phones due to same reasons
 
Last edited:
  • Like
Reactions: roirraW "edor" ehT

96carboard

Senior Member
Jul 17, 2018
882
530
tl;dr; because android and Linux are open source

Whenever the app is starting either in windows or android, the only thing it can reach out it's an operating system. The app has almost no privileges over the OS while the OS has ALL over the app. Since the app wants to work with its own data that shouldn't be leaked, the app somehow must ensure it can trust the highly privileged OS before it brings the data into it. How an app can ensure? Well, with certain assumptions it can.

Windows is a proprietary OS with proprietary drivers. All drivers and critical binaries in the OS are passing Microsoft's signing to ensure they aren't modified and their developers are known. OS and drivers are all binaries which makes them hard to be modified or at least such modification would require abnormal resources like expertise, time, money, and knowledge. Windows passes different certifications, security audits, and under permanent attention from security researches. Such things as audits are trying to ensure the OS applies all available security measures and is using available hardware to protect the system and apps from intrusion/modification, thus enterprises trust it. Considering the all above, you, as an app developer, can easily assume: I can trust Windows as its binaries can be hardly modified as it leverages hardware to secure everything, so whenever our app will ask the OS to provide a hardware protected storage for the data, the app will get it.

The all above applies to the stock Android as well, and apps trust such systems. The only difference here is that app developers know that Android and Linux kernel are open source and anyone can modify them and flash into the phone. Now, how an app can ensure it runs on the OS that can be trusted? The app can do that by checking whether the OS is rooted or not. If it's rooted, the OS is certainly somehow modified. The app's devs are assuming that highly privileged modified OS can fake/emulate secure storage and steal the app's data from the less privileged app.

If you wish here is an analogy: Windows is a Ritz Hotel and Android is AirBnB. While they are serving the same purpose: host you as a guest, they are different, and you'll deal with them differently as a guest. Ritz has reputation, a license to run a business, and no one can fake a Ritz hotel. When you stop in a Ritz hotel, you can 100% be sure you can trust it and there are no hidden cameras in rooms as well as you can expect a decent service. Absolutely different story with AirBnB. In AirBnB everyone can be a host, and this brings a problem with a trust to a random person. Once you stop in Airbnb apartments, you highly likely will try to find a hidden camera to understand whether you can trust the host or not.

PS: as per my knowledge, some banking apps aren't running on rooted phones due to same reasons

That is all hogwash. They harass owners of mobile devices *because they can*, which is exclusively connected to expectation and not security.

As for your example of a custom compiled kernel, THAT IS NOT ROOT. That's just a custom compiled kernel.
 
  • Like
Reactions: Aqq123

burned-donut

Member
May 1, 2022
6
4
As for your example of a custom compiled kernel, THAT IS NOT ROOT. That's just a custom compiled kernel.
It’s not a “just”. Kernel is the most privileged part of the whole system and “just custom compiled” for app developers means “it’s no longer a kernel signed by the manufacturers we trust as they have contracts with vendors supplying a DRM subsystem and this unknown kernel has endless power over the system and who knows how it was altered”. Thus “just custom compiled android” with “just root functionality” is the same thing from the app’s perspective. Google for “android verified boot” and you’ll learn why “just custom compiled kernel” breaks the chain of trust.

PS: in past I was a developer of a linux multimedia devices that had supported the same thing to play drm media. Without proper drm support which requires a verified boot no one will allow you to join the US media market and import your devices. If Hulu app would allow to play a licensed content on devices without drm+verified boot — the Hulu immediately would be kicked out from the market by other players.
 

dragynbane222

Senior Member
Jul 2, 2012
225
102
Google Pixel 4 XL
Google Pixel 5
tl;dr; because android and Linux are open source

Whenever the app is starting either in windows or android, the only thing it can reach out it's an operating system. The app has almost no privileges over the OS while the OS has ALL over the app. Since the app wants to work with its own data that shouldn't be leaked, the app somehow must ensure it can trust the highly privileged OS before it brings the data into it. How an app can ensure? Well, with certain assumptions it can.

Windows is a proprietary OS with proprietary drivers. All drivers and critical binaries in the OS are passing Microsoft's signing to ensure they aren't modified and their developers are known. OS and drivers are all binaries which makes them hard to be modified or at least such modification would require abnormal resources like expertise, time, money, and knowledge. Windows passes different certifications, security audits, and under permanent attention from security researches. Such things as audits are trying to ensure the OS applies all available security measures and is using available hardware to protect the system and apps from intrusion/modification, thus enterprises trust it. Considering the all above, you, as an app developer, can easily assume: I can trust Windows as its binaries can be hardly modified as it leverages hardware to secure everything, so whenever our app will ask the OS to provide a hardware protected storage for the data, the app will get it.

The all above applies to the stock Android as well, and apps trust such systems. The only difference here is that app developers know that Android and Linux kernel are open source and anyone can modify them and flash into the phone. Now, how an app can ensure it runs on the OS that can be trusted? The app can do that by checking whether the OS is rooted or not. If it's rooted, the OS is certainly somehow modified. The app's devs are assuming that highly privileged modified OS can fake/emulate secure storage and steal the app's data from the less privileged app.

If you wish here is an analogy: Windows is a Ritz Hotel and Android is AirBnB. While they are serving the same purpose: host you as a guest, they are different, and you'll deal with them differently as a guest. Ritz has reputation, a license to run a business, and no one can fake a Ritz hotel. When you stop in a Ritz hotel, you can 100% be sure you can trust it and there are no hidden cameras in rooms as well as you can expect a decent service. Absolutely different story with AirBnB. In AirBnB everyone can be a host, and this brings a problem with a trust to a random person. Once you stop in Airbnb apartments, you highly likely will try to find a hidden camera to understand whether you can trust the host or not.

PS: as per my knowledge, some banking apps aren't running on rooted phones due to same reasons
A custom kernel is not the same thing as root. In classic Linux and UNIX, root is a user account that can do pretty much anything (even delete the entire OS if you know what flags to pass to rm, I will not go into what they are). Root is present on a lot of Linux distros until disabled, and all variants of BSD.

Next time do your research before acting like you know what you're talking about, there will always be someone who actually knows that will take you down a peg.
 

burned-donut

Member
May 1, 2022
6
4
A custom kernel is not the same thing as root.

You didn't read my comment carefully. I did say:

Now, how an app can ensure it runs on the OS that can be trusted? The app can do that by checking whether the OS is rooted or not. If it's rooted, the OS is certainly somehow modified.

The app doesn't care about the rooting itself, it has only concerns about whether it can trust the whole system or not. If the system is rooted → it came from an unverified source → it's likely somehow modified because it's open source → no trust. The rooting is only a red flag because none of stock Androids have it. Nowadays, there could be other options to check whether the chain of trust is broken or not, so apps could decline to work even if there is no rooting at all but custom kernel had broken the chain.

root is a user account that can do pretty much anything even delete the entire OS

That's no longer true. The Linux kernel (and Android particularly) has the SELinux subsystem that can be tuned up to prevent a root user from doing that. Kernel has absolute privileges, and kernel can manage what's allowed to the root user. Next time, do your research before acting like you know what you're talking about.
 
  • Like
Reactions: foobar66

96carboard

Senior Member
Jul 17, 2018
882
530
It’s not a “just”. Kernel is the most privileged part of the whole system and “just custom compiled” for app developers means “it’s no longer a kernel signed by the manufacturers we trust as they have contracts with vendors supplying a DRM subsystem and this unknown kernel has endless power over the system and who knows how it was altered”. Thus “just custom compiled android” with “just root functionality” is the same thing from the app’s perspective. Google for “android verified boot” and you’ll learn why “just custom compiled kernel” breaks the chain of trust.

PS: in past I was a developer of a linux multimedia devices that had supported the same thing to play drm media. Without proper drm support which requires a verified boot no one will allow you to join the US media market and import your devices. If Hulu app would allow to play a licensed content on devices without drm+verified boot — the Hulu immediately would be kicked out from the market by other players.

What are you on about? That has nothing to do with this discussion.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 2
    Yep, Windows is a very different animal. Even with UAC (User Account Control) that has existed since Windows Vista, the main account of a Windows PC is still an Admin and effectively has root control. You can store Word documents in the Windows\System32\Drivers subfolder if you want. This kind of thing happens by accident all the time. It's pretty crazy, really.

    I think even "Standard" (non-Admin) Windows accounts have far greater permissions than they would for some aspects they would on a Linux-based device. I think Standard users can still store things in the wrong places, but probably not as many wrong places, and they can't access other users' folders.

    In the end, streaming services operating on a Windows PC have to operate without as strict conditions because the computer is already "rooted" as it comes from the manufacturer.
    1
    Need some feedback from the community. What the title says. I can download Hulu on Windows 11/10 (desktop computer with unlocked processor and root permissions of the OS) and watch everything through my account but with Android P6P rooted, it's a PAIN IN THE ASS to watch hulu through the app.

    I just don't understand the logic here. Can someone explain the difference?
    They are different things. I am not an expert but I know that android is linux based and windows isn't. There are different techniques used to display things, get root access, use the internet/apps etc. Also, the processor comes unlocked and it is meant to be that way unlike the phone which comes locked.
    1
    They are different things. I am not an expert but I know that android is linux based and windows isn't. There are different techniques used to display things, get root access, use the internet/apps etc. Also, the processor comes unlocked and it is meant to be that way unlike the phone which comes locked.
    Fair point, my computer comes with an unlocked processor, but the phone comes with an unlockable bootloader, but that's a pretty weak argument with over the top restrictions from these vendors. It seems like they all have a vision in the future and that's everything behind a server wall in the future I bet and you are just a dumb terminal with a data pipe.
    1
    I guess another side point is how do you check which level of widevine you have? If memory serves me, on A13 if you don't have the proper level apps don't show movies like Hulu. Has this been solved for A13 on P6P?
    1
    Further review of doing identity check, I am getting an HDCP disconnected error when using hulu. Seems like the Hulu apk is looking for HDCP connect status.