Originally Posted by D-U-R-X
I agree that you must be careful about what you do... you actually have to give apps root permission though, they don't automatically get it. I only give root access to stuff I trust... as an example, I use Titanium Backup to back my app data up (I like to change my ROM's every now and then) and I have to give it root access using superuser.
I understand and agree completely. There are some major conveniences in having root and then allowing select apps to use it. The whole point of my post was to increase understanding of the risks, and how important it is for users to be very conservative about which apps they allow to use root privilege. The post you referenced just added the icing on the cake -- i.e., if a user is concerned about allowing location access, network access, or sensitive personal data access, then they need to keep in mind that allowing apps to use root opens all of that and much more. You really have to trust your app developers for root to be reasonably safe. I like the comments in that post you linked about how you need to really check with the user community if you are uncertain about an app before giving it root permission, and read app reviews carefully. There were also some very good points about ensuring that you only download apps from reliable sources.
Originally Posted by apple2005
Thanks Mrhelper and DURX again. I am not happy to root my device but what to do? There are some essential applications which without root access will not work. Like another member said above, titanium backup, like droidwall, like orbot.
Would you like to tell us what to do if you need those applications? Is there anyway to use those applications without rooting. Thanks. No rudeness is intended.
The important thing to take away from this is that if you are armed with this knowledge, you can better mitigate the risks. You have to decide how much any particular app is worth to you, and weigh the permissions required by it against the risks. That point is true for several of the permissions, not just root, though root clearly imposes the highest risk. There are certainly as many opinions as there are a500s about which apps are essential, and every owner has to make the decision on how much risk they want to accept relative to the benefits of any given app. I won't even begin to presume that I or anyone can give a general answer that resolves all of that for everyone. It is certainly great to have the choice.
On a similar note, I would prefer that vendors provide owners a safe front door method to access root and then shut down back door root exploits as soon as they can. This would possibly reduce the incentive of developers to crack their own devices, because they would have already been granted access. I believe that this practice could reduce external root-based threats considerably. If something I own is locked so I'm restricted from using part of it, then I'm more likely to bring out the tools to break it open. If I already have the key, why do all that work? If vendors are concerned about the service issue, they could just include a read-only recovery ROM or a recovery SD card to restore the system to factory specs if needed for diagnostic purposes. Of course, that's just a wish, and not likely to ever happen.