I am taking a chance here by discussing a topic such as this, and in particular taking the stance that I am taking. So, with that in mind, let’s just get down to business.
As is usually the case with these sorts of things, we’ll start off with a disclaimer or two. Most importantly you must realize that these are my opinions and observations, and some of them might be wrong. Please feel free to let me know if you disagree with anything I say. Keep in mind also that I am not saying that rooting your device does not have its benefits, but rather that one must be careful. Now that that is out of the way…
So, you just got your fancy new G1 or MyTouch 3G (or whatever other device you happened to get) and you’ve been reading about all of the cool things that you can do with it… but there is a catch. You have to “root” your device in order to do these cool things. So, of course, you hop online, find a tutorial (or even better, the so-called “1-Click Root” method) and proceed to root your device. To your surprise, it has been made so easy by now that it worked perfectly on the first try. Congratulations.
Now, in a perfect world, every user who has gone through this process knows exactly what they are doing and, even more importantly, how to keep their device and the information within and connected to it safe afterward.
But the reality is we don’t live in a perfect world and I see new Android users every day who choose to root first and ask questions later. That is, they decide that they want or need to root their device before truly knowing what that entails.
However, I can’t really put all of the blame on the users at this point because I know that there are a lot of (really great) tutorials out there for rooting, and I know that not all of them put enough emphasis on the seriousness of it all. Some flat out fail to make it clear that you are compromising the security of your device when you root it. It is as if they make assumptions about the technical level of the reader, and we all know what happens when you assume.
Accordingly, it always concerns me when rooting guides are placed right alongside beginner tutorials. To the reader, this implies that rooting is a beginner process, and that all beginners should do it. To that I would have to disagree. In fact, there are some users that simply should not do it.
To fully explain why I think not all users should root I have to jump out of the “root” discussion for a while, but I hope it will help to make my point.
How many times have you been perusing the Android Market and seen an application or game that you wanted to download? Countless, right?
How many times have you gone to download that application or game, been presented with a list of requested permissions, and seen things like Full Internet, GPS Location, Read Contacts, etc… Do you ever think “Hmm, why would a game like Asteroids or “Insert Game Name Here” require access to these things?” Do you ever install anyway? Don’t be afraid to say yes… I have done it too.
The fact is the majority of users simply don’t pay enough attention to the permissions requested by Android applications.
The fact that the Market tells us what types of things a given application wants to do is totally awesome, but it isn’t enough. Unless the user takes this information and makes an informed decision, there is little point to this security measure. As soon as you grant these rights to an application, there is little you can do to stop them taking all of your Contacts information (for example) sending it up to their server and doing with it what they please. I am sure that your mother wouldn’t appreciate whatever repercussions this might have (spam, telemarketing calls, junk mail, etc…).
And take for example another type of app. The kind that may have the best of intentions, but the worst of implementations. Believe it or not, developers do make mistakes. Sometimes a developer chooses to use a protocol that they think is secure but isn’t. Or maybe they choose to use a single sign on for all users, and then leave in the debugging code that prints that sign-on information to the console. Suppose also that this well-meaning application also offers an option to remotely wipe your phone. What happens when someone figures out how to spoof information (they probably already have) and send it to the server and invoke a wipe of your data without you knowing it?
Basically, what I am saying is that even non-root applications can be harmful to the overly trusting user. With that being said, we’ll head back to the discussion of root access for applications.
So, with root-enabled Android applications we see all of the same potential for misuse that we see in regular Android applications and then add on a whole new level of potential. Why? Because root access circumvents the security restrictions that are put in place by the Android OS and there is not really any effective way to tell just what the application intends to do with that power.
Sure, most (if not all) modified firmware releases include the Super User application by Koushik Dutta, or a variant of it, but is that enough? Similarly to the user account control message in Windows or other similar programs in other operation systems, this app only tells when an application requests Super User access. It does not (can not?) tell us what the application intends to do with that access.
How many times have we (yes, I have done it too) granted “Always Allow” access to an application without fully knowing exactly what the app was going to do? How can we tell exactly? Most of us can’t, so we rely on what other users tell us, or we trust the developer. But, of course, that is not always reliable.
In many cases, but not all, these applications are open source so we can look at the source code to assess the risk. Then again, with an open source application, there is a greater possibility of coming across a modified version. Even if you only allow access once, your phone could be ruined.
But what exactly might a malicious root application do? Basically anything. In a little brainstorming session with a friend we came up with a wide variety of evil things that a root-enabled application could do.
- replace the Gmail application with a modified version
- replace your keyboard with a version that logs keystrokes
- delete files such as applications or application data
- download and attempt to install a different modified ROM
- download and install another application that wakes up nightly to call toll-numbers
- gain access to your Market account and make purchases on your behalf
- and the list goes on…
Luckily, we haven’t yet seen anything like these. Hopefully, we never will.
If you are now thinking, “Man, that stuff is scary…” then I am already starting to feel better. It is the user, who recognizes the potential misuse and keeps it in mind when using these applications, that will be better able to protect their device and information.
Do your research. Learn about an application and the developer before trusting them. As a precaution, don’t use “Always Allow” in the Super User application, though that will not protect you against a one-time attack.
Ideally, we wouldn’t have a need to “root” our devices for some of the things that we are rooting for.
Case in point, I’d guess that a large portion of users root because they want to apply a theme. If Android were to natively support themeing, that might reduce the number of people rooting. Some people are rooting because there are optimizations added to make the phone run faster. Perhaps some of those optimizations could be contributed to the Android Open Source Project and included in official builds. In the case of the G1, where storage is extremely limited, we are rooting so we can store apps on the SD Card, or so that we can continue to receive updates to the OS.
In the effort of full disclosure, I have two Android devices, a T-Mobile G1 and a Google Ion ( HTC Magic), and both of them are rooted. I rooted my G1 when I first got it so that I could install applications to my SD Card. I will not claim to have known exactly what I was doing at that time and I am pretty sure that I don’t now. For months I used my Ion without rooting, and only did recently to try out the “1-Click Root” method. Otherwise, I’d be pretty happy plodding along without root on my phone.
I am sure that there are a few readers who might be wondering what brought on this post? To be honest, it really comes down to an observation that a lot of new Android users have the impression that in order for your Android device to be “functional” it must have root. And while I wouldn’t normally see that as a problem, we are beginning to see more users who don’t fully understand the whole root concept and as Android continues to gain momentum, the likelihood of an attack grows.