However, even if we assume that the OS developer doesn’t thwart your restrictions on their own apps, the first-party apps still enjoy pride of place. There are more of them; they are preinstalled on your device, facilitate core mobile device features, require more permissions, and often lose core functions when those permissions are denied.
Mobile OSes also sandbox every application, forcing each to run in an isolated software environment, oblivious to other applications and the underlying operating system. This, too, benefits the OS vendor. Like the app permission settings, this functionality makes it harder for third parties to grab the same data the OS effortlessly ingests. The OS relies on its own background processes to obtain the most valuable data and walls off every other app from those processes.
Mobile Security Isn’t Designed With You in Mind
The most powerful mobile security control is the denial of root privileges to all applications and users (besides, again, the OS itself). While it goes a long way toward keeping the user’s data safe, it is just as effective at subjecting everything and everyone using the device to the dictates of the OS. The security advantage is undeniable: if your user account can’t use root, then any malware that compromises it can’t either.
By the same token, because you don’t have complete control over the OS, you are unable to reconfigure your device for privacy from the OS vendor.
I’m not disparaging any of these security controls. All of them reinforce the protection of your data. I’m saying that they are not done primarily for the user’s benefit; that is secondary.
Those of you familiar with my work might see the scroll bar near the bottom of this page and wonder why I haven’t mentioned Linux yet. The answer is that desktop operating systems, my preferred kind of Linux OS, benefit from their own examination. In a follow-up to this piece, I will discuss the paradox of desktop security and privacy.
