Rooting a phone doesn't give all apps root access. You still need to approve each app.

At the level of running apps, yes. But unless I'm way behind on my rooting tech, all of the usual methods leave the phone in a state where anyone who connects it to a computer via USB can access everything on it. AFAIK, Android has gotten way better at having phones with the stock OS locked down hard, with signed bootloaders, OS level encryption keys stored in secure media, etc, and rooting blows that all away.

> Android has gotten way better at having phones with the stock OS locked down hard

eeeeerm, no. It didn't get better at all. It basically wiped out a vibrant 3rd party android development culture by making it extremely hard for them.

Not sure what you mean there. I'm saying that one is a necessary consequence of the other. If you want to have your phone really locked down tight such that it won't give up everything to anyone who connects a USB cable to it and has a few clever tools, it's inevitably going to be tough to do things like load third-party ROMs and root the phone. And it's going to be really tough to do any of those things and also maintain that security against hostile physical access.

Did you install a custom bootloader to load your ROM and root apps? Cool, but as a consequence of that, anyone who connects a USB cable to your phone can get into anything in it. Does it supposedly have security? Wanna bet the quality of any security in a homemade app vs Google's best efforts?

Isn't no root a giant scam for not allowing you to actually own your device?

All arguments have multiple sides to them.