This is only true with an embarrassingly coarse threat model.
Yes, every avenue that allows a user access in theory allows a hacker possible access. But the entire point of security is to create access that is as close to seamless for the user and as close to impermeable for the hacker as possible.
Think of the physical world. We secure a literal bank vault against thieves, customers and even employees with different threat and access models while officers and executives retain “root” access.
If you simply use an access and threat model that treats the user as a hacker, it’s both lazy and undermines the basic purpose of security. It’s just encasing the bank vault door in concrete.
But I don’t think you even realize what you’re arguing - you’re not advocating that nobody gets root access. You’re advocating that the phone or OS maker gets root access while the user does not. You really are saying we can’t own our phones rather than that we can’t secure them.