Yea the argument stated works better for rooted environments than rootless environments or sideloading.
In a non-root scenario, you would need to specify a few permissions to give a keylogger that amount of access. I think that a big issue is people not understanding that there is a difference between a rooted device or root installed app, and a sideloaded application.
Just because you have a non-google device or a rooted device != you have a compromised device. Applications aren’t going to magically install running as root, every rom worth their salt keeps it a clear isolation between the layers, and some roms don’t even allow you to use the root environment after installing it.
In your standard google phone install? A keylogger wouldn’t be able to be installed without enabling an accessibility permission. It’s not like you can just “oops I just sideloaded a keylogger haha silly me” like described. Both google installed and side loaded applications would require prompting a warning page that very clearly states it allows logging of the screen for the logging part of it to work.
Android runs apps sandboxed, so no app can access what you write in another like your banking app, or the unencrypted packages it sends.
Yea the argument stated works better for rooted environments than rootless environments or sideloading.
In a non-root scenario, you would need to specify a few permissions to give a keylogger that amount of access. I think that a big issue is people not understanding that there is a difference between a rooted device or root installed app, and a sideloaded application.
Just because you have a non-google device or a rooted device != you have a compromised device. Applications aren’t going to magically install running as root, every rom worth their salt keeps it a clear isolation between the layers, and some roms don’t even allow you to use the root environment after installing it.
In your standard google phone install? A keylogger wouldn’t be able to be installed without enabling an accessibility permission. It’s not like you can just “oops I just sideloaded a keylogger haha silly me” like described. Both google installed and side loaded applications would require prompting a warning page that very clearly states it allows logging of the screen for the logging part of it to work.