Should I root my Android phone

It is now possible, but it has not always been. Also, some applications had some limitations at the beginning. With root permissions, and with Link2SD, it is possible to move any application to an SD card.

Preinstalled/system apps (and updates of those apps) still cannot be moved without administrator rights.

As of today, it is less critical to be able to install programs on the SD card, as the internal memory is generally bigger than the memory of the first Android phones (dozens of gigabytes of memory compared to a couple). But considering that applications are getting always bigger (the Play Store changed the policies about sizes multiple times), it might good to be able to take advantage of SD cards.

Before Android 4, there was no way, without root permissions, to update certificates, and after Android 7, managing certificates got more complicated ^🗄️.

I still have an old Android 2.2 device, and if I did not have root permissions, I would be practically unable to visit any website or use any online service. As of today, most websites use HTTPS, and certificates expire and are released continuously.

Some browsers (Firefox and Firefox-based browsers like IceCatMobile ^🗄️ or Orfox), bring their own set of certificates. This reduces the need to update the certificates system-wide but does not eliminate it, as other programs rely on the certificates for creating secure connections too.

In Android, the saved WiFi password is normally not visible. Before Android 10 the saved wifi password was not accessible.

One needed to rely on third-party applications like My Wifi Paesswords, which need root permissions for accessing them.

Note that even if it is currently to see the Wi-Fi passwords, it seems not to be possible to enlist them all at once. So root permissions could make the operation of transcribing passwords more convenient.

It is possible to back up some data, but it is not possible to back up private data unless the application we want to back up offers an export or some synchronization functionality.

With root permissions, this is a non-issue. With programs like oandbackup, AppManager, or the much more famous Titanium Backup, it is possible to create an offline backup of all applications and of theirs settings.

Those backups can also be used for exporting/importing settings from one phone to another (some programs might not work correctly).

Without administrative rights, or a built-in backup functionality integrated into Android directly, there is not much one can do. Without root, as far as I know, the most complete solution is to use adb backup. Since applications need to opt-in to this mechanism, it is not that useful, as many programs have not been programmed accordingly.

Currently, it is possible to disable nearly all applications with adb. In previous versions of Android, not even this was possible (I remember older phones full of trial programs I could not remove), thus the situation improved dramatically.

Unfortunately, there are still non-essential applications that still cannot be disabled or removed.

It is possible to disable (some) preinstalled/system programs, but programs installed by the user can only be uninstalled from the phone.

With root permission, it is possible to disable installed programs too, without the need to use different users or a work profile as a workaround.

With adb it is possible to disable nearly all applications, but one needs to use a computer.

The interface provided by adb is not as intuitive; it shows the package name and not the application name and/or the icon.

With root, any application can be disabled or removed much more easily, for example with AppManager.

Currently, manufacturers are obliged to provide updates for a couple of years (at least in some countries). This does not mean a phone will get newer Android versions, just the security fixes.

But what happens after a couple of years?

Digital waste.

I continue to find it disturbing that for normal computers it is possible to be able to update the operating system, no matter what the manufacturers say. On "smart" devices, this is generally not possible. It is, for the consumer, from an ecological point of view and a security perspective, a huge step backward.

For those who develop, it is known that ideally release and debug variations of an application should behave the same, but in practice, they might work differently. On Android, it is normally not possible to access the private folder of a release program, while it is for a debug program. Being able to access the private folder provides, to some extent, better debug possibilities for narrowing errors down.

I mostly use Termux which has its binaries and thus does not need installing something like busybox system-wide. But from Termux, it is not possible to accomplish some operations, for example, access to adb is restricted.

Thus improving the default shell (which requires administrator rights), has its use cases.

There were different projects, like Debian Kit or Botbrew Basil, that permitted installing a Linux Distribution inside Android (thanks to chroot).

Granted, I could not find any up-to-date projects. I also think that Termux is normally more than enough, but considering that termux does not officially work with Android 10, some of those projects might get resurrected.

The most common alternative to editing /etc/hosts is using a "local" VPN. Unfortunately, solutions based on a VPN are not as good.

For example, only one VPN at a time can be executed, while it is possible to add multiple entries to /etc/hosts. A VPN is a separate running program, so it probably consumes more resources, decreases battery duration, etc., etc.

Common use cases are, at least on PC, server, and other devices where one normally has administrator rights:

There are workarounds for a missing firewall that can be configured by the user, a local VPN would work, but it is generally not as good.

A real firewall would take advantage of the features of the operating system (iptables), and not consume any resources. LineageOS, for example, has an integrated firewall, while a third-party alternative (that requires root) is AFWall+.

There are Battery Tool, SuperFreezZ, Battery Calibrator, Battery Charge Limit and probably many others.

They might not require administrative rights to work correctly, but some functionalities are available only with root permissions or work better with root permissions.

Notice that some devices might already have some advanced tooling for managing batteries.

Those can help to reduce resource usage and increase battery life. Or they might enhance some features, like adjusting the led brightness.

For some reason, on Android, the user cannot control which programs can start automatically.

On a PC, it is completely normal to be able to decide which programs start automatically and those that do not.

Autostarts gives the end-user the control of which program can start on which event, but it requires root permissions.

On some devices, it is not (or at least was not) possible to disable the startup and shutdown sound. With root permissions, it is mostly possible to replace the audio file, or modify some system settings and change the default behavior. As far as I know, on all current devices, it is possible to disable those sounds.

Custom ROMs give (or at least gave) the possibility to change the boot screen/animation ^🗄️.

This is in part fixed by launchers, that do not require root permissions. They make it possible, for example, to change icons on the home screen. But they cannot change the icons and/or colors of the settings menu or the top bar.

Also before Android 10, there had not been a black theme for a long time (I believe the previous version was Android 4 or 5).

The customization possibilities of Android Stock are still less powerful than those offered by cyanogenmod, which had an app with themes, unfortunately, more recent Android versions of LineageOs seems to be less customizable.

With root and applications like Substratum ^🗄️ it is possible to have more powerful theming capabilities.

I like having a restart button, but this is not present on all/most Android devices.

Some devices have the option for enabling such functionality (through the developer options), on other ROMs it is possible, with root permissions, to use an application like Simple Reboot.

Sometimes, apps are marked incompatible just because they weren’t made or tested for a specific device, or because they have some known "minor" bugs, but are otherwise usable.

The phone carrier or manufacturer could also blacklist programs.

With administrator privileges, it is possible to ignore those artificial limitations.

While Android (I guess) always supported tethering, some devices disabled it, because carriers required it.

With Barnacle Wifi Tether it was possible to enable this disabled functionality.

As of today, such a workaround should not be necessary anymore, as tethering has become an accepted practice.

Call recording does, unfortunately, not work reliably. With root permissions or by installing this program as a system app, the chances for this app to work correctly increase.

As already mentioned, devices are not always kept up-to-date by manufacturers, and after a couple of years, not even security updates are released for older devices.

Some applications can take advantage of the fact of being installed as a system application

Change the disk encryption password, as the default has known drawbacks.

A program like LibreTasks or tasker (which do not necessarily require administrative privileges) can help to automate tasks on the smartphone.

Unfortunately, some types of tasks, like changing system settings, must be done manually. Unless one has root access.

Another example would be Peace of Mind+ and PlugOffAirplane, both need root permissions for switching to airplane mode.

It is possible to change DNS settings on Android, but it is cumbersome and error-prone.

It is cumbersome because one has to manually enter it in each network connection (every Wi-Fi connection and the cellular connection).

It is error-prone because to change the Wi-Fi settings, one has to "Modify network", then toggle on the advanced options and change "IP settings" from DHCP to Static. Thus, one has to manually specify the phone’s IP address and other details.

There are alternatives for non-rooted devices, and those involve using a VPN, which is hardly a good solution but is less error-prone than editing every network by hand.

On rooted phones, it is possible to change only the DNS settings and leave everything else unchanged.

FLAG_SECURE ^🗄️ has been introduced in Android 4.2 and is a mechanism that an application can use to tell the operating system that the content it is showing is "confidential".

If one tries to make a screenshot, either the screenshot contains a black screen/window, or he gets a notification that "Taking screenshots isn’t allowed by the app".

Unfortunately, this feature is misused, and the user has no option to override it.

For different types of content, it happens often that not that I really want to make a screenshot of it, to have a copy/backup that does not depend on the application. Especially so if the content is important and I cannot lose it, I do not want to depend on the stability of an application. The chances that an image stops working are much lower, and it is also possible to use on other devices without the need for a separate program.

Of course, with a second device, it is possible to just take a picture.

If the second device happens to be a PC, it is possible with something like scrcpy, to mirror the phone screen on it, and take the screenshot from there, where such limitations are (not yet) implemented.

With root permissions, it is possible to tell the system to ignore such requests, and just take screenshots of everything, as the end user desires.

As far as I know, there is currently no method for disabling such settings for single applications (without patching the application), even with root permissions.

Never Android version limits access to the file system ^🗄️. For many programs, this is a non-issue.

But for file managers, file editors, viewers, and all those programs (and users) that want to work with files, it is a frustrating limitation.

Thanks to NoStorageRestrict, it is possible to remove this limitation.

With SDRemount, it is possible to access with write permission the SD card. The wiki also contains useful information for different Android versions.

Apparently, on some devices, the Mac address is not randomized by default (it should be since Android 10 ^🗄️), and it is not possible to change such behavior.

Thanks to MacRandomizationEnabler it is possible to change this setting.

The installation system of Android permits the user to upgrade programs, but not downgrade them.

This can be desirable if a newer version of the application removes some desired functionality, or introduces some bug.

Without root permission, one needs to uninstall the application, install an older version, and lose all settings.

Thanks to Let Me Downgrade, SimpleAppDowngrader and possibly other programs (and root permissions), it is possible to downgrade applications.

Note that the fact that it is possible to downgrade applications does not mean that after the process, the application will work as it worked before. The upgrade process might have changed some settings or data. As a general guideline, a backup is a more appropriate solution.

While random mac addresses have their use cases, so have fixed or user-defined mac addresses.

MACsposed gives the possibility to set a well-defined Mac address.

I’ve never used this feature ^🗄️, but it seems that an equivalent functionality will be available in Android 14 ^🗄️.

Just as the end-user cannot decide which programs are started automatically, it has little to no control over which processes are executed in the background and which are killed after some time.

A common workaround (not for the end user) is to add a notification and hope that Doze and Standby mode ^🗄️ won’t interfere with the program.

What’s worse is that different phone manufacturers might also implement different criteria and policies, making it difficult to ensure consistent behavior on different phones.

DozeOff (and possible other Battery Tools) can help the end user as they give him more control, instead of relying solely on heuristics.

BackgroundRestrictor manages the hidden RUN_IN_BACKGROUND permissions. This helps both to disable programs an end user does not want running in the background all the time and enable programs a user desires.

Wrong PIN Shutdown, as the name implies, shuts down the device after a given number of failed login attempts.

The Android app manager does its job well and has a clean interface, but for some tasks, it is very limited

For example, some permissions are hidden. Others are accessible from another Android menu.

It is also not possible to

There are alternative programs that can help to accomplish some tasks more easily, some do not require administrative privileges, but then tend to be limited too.

Some managers that can take advantage of root permissions for more advanced features:

I’m unsure when it happened, but Android used to have a task manager.

One could see which applications use most of the available memory and eventually stop them.

While ideally there is no need to kill processes, it is a great thing to be able to verify what is running on the device.

Not only because applications consume battery power and data, but also to assess that everything is working as expected.

Some applications, like WhatsApp, try very hard to be active in the background the whole time.

With root permissions, it is possible to freeze/disable the application, which also stops them, or to use a task manager.

One could use htop from Termux, which might not be very practical.

Otherwise battery related programs and tools for controlling background processes or alternate app managers often offer functionalities expected from a task manager.

Since Android 11 (and since Android 6 with updated Google Play Services), the operating systems take the liberty to reset application settings ^🗄️.

One can decide to disable such features, but there is no global flag.

Every single application needs to be configured manually.

It also seems that this is still not sufficient, as I am pretty sure that some applications lost their configuration even if I set them appropriately.

Maybe like Windows during an update Android resets some settings?

It does not matter that automatically removing permission after some time can increase the security of the device.

If I’ve configured a program in a certain way, I expect it to continue to work that way. It does not matter if I use the program once a month or every day.

There are better mechanisms (like disabling applications and controlling startup programs) for managing infrequently used programs.

In particular, silently removing permission does break workflows. For example, a password manager, without the appropriate permissions, will not be invoked. There is no way to read the permission on the fly.

Automated tasks also suffer from it, because without proper permission, they will not even be started.

Periodically having dialogs asking for permissions degrades the usability of the application, and the author of the program cannot do anything about it. For example, taking a quick picture (the app needs access to the camera) or answering a call (the app needs access to the microphone) might be actions we do not do daily but want to do quickly; even losing a couple of seconds can be critical.

But there is an even worse scenario. I have not granted some permissions to some applications, and they periodically ask me to change the settings (which is very annoying, but another issue). Since with Android 12, you are expected to periodically give permissions to applications, even those you have already granted, it becomes much easier to give by accident some permissions you did not want to.

TLDR; I have manually configured my device to function in a certain way, but according to some opaque rules, those settings are reverted periodically.

This is madness.

Fortunately, thanks to AppManager (with root permissions), it is possible to change the AUTO_REVOKE_PERMISSIONS_IF_UNUSED app-op for multiple application at once.

Click Menu › 1-Click Ops › Set mode for app ops…​ (the Menu is the button ⁝), insert AUTO_REVOKE_PERMISSIONS_IF_UNUSED for app ops, and select ignore for mode, click on Search, then apply.

Done. This will change the settings for all listed applications. At once!

Unfortunately, you’ll need to reapply the procedure if you update your applications.