I think you are far too literal, instead of looking at the big picture.
I mean, Windows doesn't even have a default privileged user named "root", does that mean that the Sony BMG rootkit was not a rootkit, because, traditionally, that's the name applied to stuff that gave access to the root account on a unixoid system? If all you cared about was etymological purity, you certainly could make that argument.
Now, what does "access to a computer" mean? What does "otherwise not allowed" mean? What does "remote access" mean? What does "code execution" mean? What does "hiding" mean?
Does the average user actually know that there is a component on their phone that reports to google whether they have tinkered with it? Is it advertised to them that that is the case? What would it take in your mind to qualify as "hiding"? And mind you, traditional, unixy, rootkits aren't necessarily undetectable either, not even on the running system.
Suppose there were some mandatory software installed on your phone that allowed some other party to control which telephone numbers you are allowed to call. Is that "remote access"? I mean, it's obviously giving someone remote control over what your phone will do, or refuse to do. What would it take in your mind to qualify as "remote access"? Would that necessarily require code execution? And if so, what does "code execution" actually mean? Is a javascript interpreter you can load code into (aka a web browser) "code execution"? Or is it not because it's in a sandbox? But then, what if the phone has a hypervisor, and the "rootkit" only gives you root access to the linux kernel running on top of that hypervisor ... that's also kindof a sandbox, so that doesn't qualify as a rootkit either? Or does it?
Suppose you were to ask people "do you want to have software installed on your phone that reports to third parties whether you have tinkered with your phone?" ... how many people do you think would say "yes"? If it's installed on the phones of people who would answer "no" to this question, wouldn't that qualify as "access [...] that would not otherwise be allowed"? How would you justify that as authorized use of the phone? Or would you?
What distinguishes spyware from rootkits is exactly that spyware just exfiltrates data, whily rootkits allow some sort of control of the system (but also, the distinction isn't always all that clear-cut).
Now, you might argue that google's component is just spyware (and you kindof did) ... but that's again missing the big picture, because the whole point of this spyware obviously is to control what the user can do with their device, even if part of that mechanism then is technically implemented by a third party and/or on a remote server.
> This utility is most similar to the function called by desktop software installers that check to see if you have enough disk space, so the installer can choose to abort based on the result.
That shows that you are completely missing the point: This is about power structures, not about technical implementation details. You might as well be arguing that a gun is most similar to a computer case, because they are both made from metal, in a discussion about whether someone holding a gun to your head is comparable to someone threatening to hit you with a baseball bat.
I mean, Windows doesn't even have a default privileged user named "root", does that mean that the Sony BMG rootkit was not a rootkit, because, traditionally, that's the name applied to stuff that gave access to the root account on a unixoid system? If all you cared about was etymological purity, you certainly could make that argument.
Now, what does "access to a computer" mean? What does "otherwise not allowed" mean? What does "remote access" mean? What does "code execution" mean? What does "hiding" mean?
Does the average user actually know that there is a component on their phone that reports to google whether they have tinkered with it? Is it advertised to them that that is the case? What would it take in your mind to qualify as "hiding"? And mind you, traditional, unixy, rootkits aren't necessarily undetectable either, not even on the running system.
Suppose there were some mandatory software installed on your phone that allowed some other party to control which telephone numbers you are allowed to call. Is that "remote access"? I mean, it's obviously giving someone remote control over what your phone will do, or refuse to do. What would it take in your mind to qualify as "remote access"? Would that necessarily require code execution? And if so, what does "code execution" actually mean? Is a javascript interpreter you can load code into (aka a web browser) "code execution"? Or is it not because it's in a sandbox? But then, what if the phone has a hypervisor, and the "rootkit" only gives you root access to the linux kernel running on top of that hypervisor ... that's also kindof a sandbox, so that doesn't qualify as a rootkit either? Or does it?
Suppose you were to ask people "do you want to have software installed on your phone that reports to third parties whether you have tinkered with your phone?" ... how many people do you think would say "yes"? If it's installed on the phones of people who would answer "no" to this question, wouldn't that qualify as "access [...] that would not otherwise be allowed"? How would you justify that as authorized use of the phone? Or would you?
What distinguishes spyware from rootkits is exactly that spyware just exfiltrates data, whily rootkits allow some sort of control of the system (but also, the distinction isn't always all that clear-cut).
Now, you might argue that google's component is just spyware (and you kindof did) ... but that's again missing the big picture, because the whole point of this spyware obviously is to control what the user can do with their device, even if part of that mechanism then is technically implemented by a third party and/or on a remote server.
> This utility is most similar to the function called by desktop software installers that check to see if you have enough disk space, so the installer can choose to abort based on the result.
That shows that you are completely missing the point: This is about power structures, not about technical implementation details. You might as well be arguing that a gun is most similar to a computer case, because they are both made from metal, in a discussion about whether someone holding a gun to your head is comparable to someone threatening to hit you with a baseball bat.