0
3

[–] spiritfiend 0 points 3 points (+3|-0) ago 

It's certainly possible that a custom rom developer can insert malicious code, but it's also possible that the manufacturer or carrier could do the same. It's just a risk that you could choose to take.

0
2

[–] Daed 0 points 2 points (+2|-0) ago 

Unfortunately, with your limited knowledge of code, you lose access to one of the only ways to be sure that the code you're running is "safe." However, even if you could be sure that the OS you're running is secure, you still are vulnerable to exploits in the hardware or the software. Pretty much everything can be backdoored or exploited from the CPU to Tindr. It's a calculated risk. But there are a number of things that can put your mind to rest. Since ROMs are a "power user" thing, a lot of experienced people interact, develop, and debug these ROMs on an almost daily basis and the internet loves controversy. I could almost guarantee that anything malicious put into these ROMs would be found almost immediately and posted all over XDA, reddit, voat, 4chan, Android Police, etc. It's just not worth it. Another thing is, as much as you value your data, it's just not worth much to other people. Your contact list? Maybe, just maybe, someone could sell it for a few cents to spammers. But that's not a lot of profit for a ton of work. TBH, the only thing you really could make money off that you could get from someone phone would be, maybe, a Netflix account or Paypal account.

Furthermore, even if you couldn't trust the custom ROMs, there isn't much trust in the original software with carriers installing whatever apps they get handed from the highest bidder or, if you're paranoid enough, the NSA having intercepted hardware to backdoor it.

My thought is, if you are worried about this kind of stuff, just don't use a smartphone, it's the only way to be 100% sure it's not happening to you and it's super unfortunate. I hate that people have to be suspicious of the technology that should be making their life better. So you just have to live with the possibility of a "hole" in your phone and just hope you are not interesting enough to get "picked" to have your data stolen.

0
1

[–] lawofchaos 0 points 1 point (+1|-0) ago 

SlimRom is a well established custom rom and I don't think I have ever come across any news of suspicions regarding it. I haven't come across any news like this about any custom roms but people are paranoid about this kind of thing, more so now then ever. It is open source so if there was something dodgy in it's code you would have heard all about it by now.

I doubt your stock rom is open source (maybe I'm wrong) and in that case it is actually far less trustworthy then SlimRom. Nice choice by the way, if you get around to installing it I'm sure you'll be happy that you made the change.

0
0

[–] nearly-evil ago 

It is all open source, so you can look at the code and see for yourself. While almost no one ever does this the guys/teams who make the custom roms frequently look at others work and even share bits and pieces. Perhaps it is misguided but I am far more trusting of the open source community then I am of and corporate backed closed source software.