So in my last post I wrote about third-party 2FA authenticators and why every site that requires or provides 2FA should be required to support them. In this post I want to discuss how and why rooting of mobile devices must be a right.
In setting up Aegis authenticator on my device, once it is installed I then add 2FA for various sites I use. At the present moment there are two sites I use somewhat often that are registered with Aegis and a few others that I use seldomly.
The easiest way to set up a site’s 2FA to work with Aegis is to simply scan the QR code with Aegis that the site provides. Then you enter an initial OTP to verify.
But what happens if your mobile device which has Aegis installed is lost or damaged? OK, when you initially set up 2FA on a site it should provide you with a list of backup codes that you can use in the event that you’re unable to use the authenticator. These backup codes enable you to log on to the site and then, if necessary, disable 2FA or switch 2FA to another device.
But there’s another failsafe that is easy to use and very convenient. If you’re phone is rooted and you have Titanium Backup installed and Nearby Share configured on multiple devices, then you can select the option in Titanium Backup to “Send latest backup…” The Send Latest Backup feature has an option to send the latest backup as “App+Data (easy import)”.
As the name suggests, this will send the app along with the data of the app to a device of your choosing. The import process is initiated on the sending device and must be accepted on the receiving device. Once accepted on the receiving device, if Titanium Backup is also installed and that device and it is also rooted, then the app + data will automatically be installed on it.
This is a great way to back up Aegis and make sure that you have it an a secondary device. This is also obviously a very useful way to have a functioning backup copy of any other mobile app with which you have data associated – for example an e-mail client, web browser, etc.
Now imagine that you do not have root on your devices. You cannot do any of this. No backing up and restoring apps with Titanium Backup. No ability to send and install an app along with its data to another device. On devices that you ostensibly own. That you paid for. That is not right.
Dipshit employees at different companies will claim that this is for security. That allowing root is a huge security issue. But that is total bullshit. If that were the case there wouldn’t be any apps on desktop computers, all of which essentially allow root on them. But obviously people do things like run point-of-sale applications on desktop computers for their businesses. People conduct thousands of dollars worth of transactions via their desktop computers.
The reason for the BS claims about rooted phones being too insecure is for other reasons. They’re lying and as usual they want to rip you off.
Leave a Reply
You must be logged in to post a comment.