Just out of curiosity does anyone know if any android devices can be affected by a fork bomb sent via text or email?
It is Linux so I'm guessing it will be affected. Maybe it won't be like OMG but it will be some what affected.
If a text or email could execute a custom script on being received, there is probably a lot worse that it could do than a fork bomb... Might be possible to get two views to keep calling each other, in which case the bundle for that program will expand until it runs out of memory and android will kill the app. This is very much an app specific bug though, and isn't related to the "fork bomb" of a program making a new instance of itself.
I thought Android runs on the sandbox environment for applications, which means the app can't execute much permissions as compared to Windows.
Just my $0.02
Yes, the apps are sandboxed for the most part.
Now that I think on it, there is a launch flag to open a new instance of a program leaving any currently running ones alone, which could be used to make a forkbomb. In this case, it would not be stopped by memory as the earlier instances will shut down but the exponentially increasing new instances will keep going, probably making the phone unusable until a reboot.
This can only be done by compiling and launching a signed app though, no email client can do this unless it has a backdoor to trigger this code from itself or from a trojan-esque feature to download, install, and launch apps on its own. The user would be promted to ok the new app's permissions anyway, unless it uses and gets permission for root access.
Basically, forkbombs are possible, but not by email or text with stock or nonmalacious programs.
Task Management
If the script gained root access, it'd be just the same as on a Linux machine. But I believe the DalvikVM simply kills any apps/processes it needs to in order to keep the system running smoothly (in theory).
well it works...
https://github.com/nicandris/com.example.forkbomb
There are a few of these guides around, but I thought to write my own. Hope it will be helpful! I'll keep the most up-to-date version on my site.
Rooting Android: What Is it?
If you've heard about "rooting" your Android phone, and are confused by what exactly it does, or don't understand the instructions you found on an obscure forum or blog post somewhere, this guide might help you make sense of things.
What Is "Root"?
"Root" is the name of the default administrative user in Unix. The user named "root" can do absolutely anything: edit or delete any file, start or stop any system service, and also add, remove or change the privileges of other users, so that they, too, could perform the same operation.
So, user "root" can actually bestow administrative privileges on any Android user, including the default one you use normally on the phone.
When you buy an Android phone, it normally does not let you login as user "root".
What Can User "Root" Do?
Your phone is really a general-purpose hand-held computer. People have written apps for it that can do the things like this:
Turn it into a wireless internet router, connecting to your 3G/4G network on one end, and broadcasting a wifi hotspot on another. You can thus connect your laptop to the internet from anywhere. "Tethering," but without cables!
Lets you overwrite any of the Android system files, customizing it to your heart's content. This lets you customize the built-in fonts, colors, keyboards, etc.
Lets you install newer versions of Android, beyond what your phone's vendor has provided.
Why stop at standard Android? Because Android is an open source operating system, people have been able to modify it to add features far and beyond what Google has put in it, as well as offering better performance in some situations. With administrative privileges, you can just flash an entire new Android ROM to your phone. A very popular one is CynaogenMod, which is based on Android 2.3.
Install various networking servers and clients, such as QuickSSHd to allow logging in to your phone over the internet, or CifsManager, which lets you access Windows shared drives from your phone.
Who knows? People might think of new users for these hand-held computers, uses that would require full access to all features of the phone.
Why Won't My Phone Normally Let Me Login As "Root"?
First, for reliability -- as far as you're concerned.
Imagine if your phone automatically gave you administrative access. This means that any app you install can do anything it wants to it. Obviously, unacceptable.
An alternate solution is available in newer versions of Windows and other desktop operating systems, which require you to enter a special administrative password whenever a program is trying to access secure parts of your computer. This is annoying enough on a desktop computer: on a phone, it would again be unacceptable.
So, it makes sense -- for your sake -- to disallow any administrative privileges.
Second, for reliability -- as far the phone vendor is concerned.
A smartphone, unlike a PC, is an expensive consumer device with an explicit support contract. People normally and frequently return phones to the shop if they stop working properly, or call customer support to get assistance. There's a huge cost for the vendor to maintain this support network.
Think for a minute what would happen if any phone user could login as "root" and delete any system file: you would have broken phones everywhere, frustrated consumers, and clogged support networks. Indeed, "rooting" a phone pretty much voids your warranty as far the vendor is concerned.
I Understand the Risks and Am Willing to Void the Warranty, So Why Can't I Login As "Root"? It's My Phone!
Even if logging in as "root" were an advanced feature, hidden away somewhere in the menus with thousands of warnings about possible dangers, you can bet that many non-advanced users would find it. When their phone breaks, you bet they will be angry, and will not care that the warnings were there. As far as they would be concerned, this "root" thing is a feature of their phone, and if it can break the phone then it shouldn't even be there.
And there's a third party who has a business interest in denying you "root": the telecommunication carriers. Their business model is designed around typical consumer uses of the phone, and they do not want it to be too powerful. For example, a "rooted" phone can let you tether it to a laptop, so that your laptop gets its internet access. But, carriers typically sell special "laptop sticks" for that purpose specifically, and these usually are more expensive than phone plans, because they take into account the much heavier bandwidth that laptop users tend to use. If everybody could "root" their phone and tether it, this product -- and source of revenue -- would be irrelevant.
So, Phones Don't Come with a "Root" User?
Android is based on the Linux operating system, which requires the "root" user to function. It's there. However, the vendor has tried to hide all the normal ways to access it. The "root" user is there, it's just "locked."
What Is "Rooting"?
In the context of Android phone, rooting means more than just letting you log in as the "root" user: it means installing a set of tools so that any of your programs can access "root" when then need to and you allow them.
The result is that "rooted" phone works just like Windows, in that it will ask you for permission (but not a password) whenever an app is trying to get administrative privileges.
Fortunately, once you gain access to the "root" user, it's very easily to install a set of standard apps that let you implement this feature, specifically the Superuser app.
How Do I Root My Phone?
Nothing in software can be truly locked down, and hackers have found ways to get "root" access on any Android phone on the market. There are quite a few holes.
But, these methods vary a lot and are different per phone. It's easier on some phones than others. It's often risky, too, because a misstep could potentially "brick" your phone -- making it so that you cannot boot into Android. "Unbricking" is possible in some cases, but not in others. Take care!
Search the internet, and you will likely find various blog and forums posts with instructions for rooting your particular phone model.
This is not a guide for rooting your particular phone model. Instead, it is a general description of what rooting is and how it works. It can help you understand the rooting instructions you find.
Any Downsides?
Well, first of all, there is the risk of bricking your phone. You might want to make sure that someone you know with the same model phone as you have has used the method before. Or, read about it in the internet forums, and make sure that lots of other people have used this method successfully.
Also, you may void your warranty: of course, this would only happen if customer support looks closely at your phone and notices that it has been rooted. It's a good idea to look at these rooting guides to see if there is an easy way to un-root the phone, or at least return it to factory settings.
Finally, there's the issue of "firmware updates" coming from your carrier. Sometimes they will work fine with rooted phones (as long as custom Android ROM has not been installed on them), but depending on the rooting method it may mean that won't work fine anymore. "Not working fine" can mean that the upgrades simply won't run, but it can also mean that the upgrades would fail terribly and brick your phone. Generally, if you have rooted your phone and are getting an "Update Available, Do you want to download?" message from your carrier, don't just say "yes," instead check the forums to see the experience of other people with rooted phones with this update. Generally this problem seems rare, a result of a very poor upgrade package from the vendor -- the usual case is that the upgrade simply won't work.
Don't worry too much: with a rooted phone (and a good Recovery program, see below) you will likely be able to install the upgrade yourself, and possibly better upgrades to more advanced versions of Android than your vendor provides.
How Rooting Works
First, let's understand how the locking down happens.
Your phone actually has more than just Android installed on it. There are, at minimum, three and usually four "partitions" in which entirely different programs are installed. Android is just one of them.
The Boot Loader
The first partition has the boot loader, the very first program see when you turn on the phone normally. The boot loader's main job is simply to boot other partitions, and by default it just boots the Android partition, commonly called the ROM (described below). So, you don't really see the boot loader for very long.
However, all phones allow for a special way of turning them on -- for example, holding the volume up button while pressing the power on button -- that shows the boot loader menu.
When you're there, you can actually choose if you want to boot into the Android partition, or you can boot into the Recovery partition (described in detail below).
The interesting thing about the boot loader is that it is very, very simple. It has no mechanism for users and privileges. One way to look at it is that it always is "root," and in fact can't be anything else.
Sounds like a good place from which to unlock your phone! Unfortunately, most boot loaders are too simple.
One exception is the boot loader found in Google's Nexus phones, and in a few other developer-friendly phones. These boot loaders can actually communicate with a PC over USB, and support writing data to partitions ("flashing" them), as well as booting from them. With this feature, you can flash an unlocked Android ROM to the Android partition, and you're done! Well, the challenge is just to find such a ROM that works well with your phone...
Most phones don't have such a flexible boot loader. However, getting into the boot loader menu is important, because it lets you boot into the Recovery partition, detailed next.
The Recovery Partition
As its name can tell you, this partition is mostly for customer support: the Recovery program can be used to return the Android partition to its factory settings, which can solve a lot of problems with faulty phones, or phones that were infected by bad apps. It can also format the SD card partition.
Some Recovery programs can also install special phone upgrades from the SD card, that write directly to ("flash") the Android ROM partition. Obviously, free access for anyone would allow rooting, so vendors make sure that Recovery would only accept official upgrades. But, one way to root a phone would be for hackers to find a way to create such an "upgrade" that the Recovery program would accept.
There's quite a lot of variation in Recovery programs out there: every vendor has their own idea of which recovery features would be useful for their customer support team. Boot into yours and take a look! It's harmless, unless you actually choose one of the recovery options...
Like the boot loader, the Recovery program is always in "root". A hacked Recovery program could let you flash an unlocked Android ROM, or run any "upgrade" you like. So, in addition to just "recovering" an unusable phone, it can help you "recover" the "root" user that has been locked from you!
A good Recovery program is very useful for customizing your phone, beyond just rooting it. By far the most popular Recovery program is Clockwork Recovery, also called ClockworkMod.
Some rooting methods begin by finding a way to flash ClockworkMod to your Recovery partition, from which you can then run an "upgrade" that roots your phone. Other rooting method find another way in, but still recommend you flash ClockwordMod as soon as possible, because it's just so useful for customizers.
You will not find a homepage or an "official" way to download ClockwordMod: carriers obviously do not want you get have easy access to it. But, search around, and you will find one appropriate for your phone. The ROM Manager app can also flash it for you, assuming you are already rooted.
The SD Card
This is another partition, entirely for you. It is not protected in any way, and you have full access to reading and writing files on it.
For many phones, this partition does not exist unless you physically install an SD card. Some phones have a built-in SD card.
The Android ROM
Finally, the most important partition on your phone! When the boot loader starts the Linux operating system (the "kernel") that sits underneath Android, one of the first subsystems to come up is the security system. From then on, the "root" user will be used to start various user-level subsystems required for the phone to function.
Eventually, the default user will be started, and that will be used to run your apps: the status and notification bar that appears on the top of the screen, the settings manager, the virtual keyboards, etc. Finally you get the home launcher, from which you can launch all the other apps on your phone. None of these programs run as "root", so you are effectively locked from administrative privileges.
The Linux operating system can set security permissions per file. So, indeed large parts of this partition are restricted to be read-only by any user except "root". So, if you boot into Android, none of the apps you run will be able to change these system files. The rest of the partition is readable-and-writeable, and generally functions just like the SD card partition, though it's usually much smaller.
Of course, if you boot into Recovery instead, you will be able to write to these files, because you are "root" there. That's why ClockworkMod is so useful for rooting your phone!
Most Android apps run on yet another layer, a virtual machine called Dalvik, which is a heavily modified version of the Java virtual machine found on previous generations of cell phones, as well as on desktop computers, servers, and many other devices. Definitely, everything you install from an app store will run on Dalvik. Dalvik is a tightly controlled environment in which privileges are carefully controlled per program, beyond what the Linux operating system provides. Not only do apps not have administrative access to the phone, but they can be limited in access to wifi, cellular access, and your data.
Except... that Android does provide a way for apps to request administrative privileges. In locked phones, this is automatically and silently denied. However, the Superuser app can hook into these requests and let any app switch to the "root" user, from which they have full administrative access. A friendly dialog box will pop up, asking you if you want to give the app full permissions. Say yes, and there you go!
A phone in which the Superuser app is running properly is rooted.
Summary: Rooting Methods
The rooting instructions you find will likely be one of these, or a combination of these steps:
Phones with boot loaders that can be unlocked (such as Google's Nexus) will let you flash other partitions. You can flash a whole Android ROM that is already rooted, such as CynaogenMod, and you're done! Or, if you don't want to replace your entire Android ROM, you can flash ClockworkMod into the Recovery partition, and move from there to the next method.
Some rooting methods start with a hacked way to flash ClockworkMod into the Recovery partition. With ClockworkMod, you can run your own special "upgrade" from the SD card. This "upgrade" will vary a lot per phone model, but at the minimum it will involve installing the Superuser app. For some phones, it will modify a few Linux configuration settings to make sure that Superuser app can login as "root." Other, more heavily locked-down phone models might require replacing certain locked parts of Linux and the Android system, sometimes much of the Linux "kernel" itself.
Other rooting methods use the phone's existing Recovery program, but the hackers found a way to create an "upgrade" that can fool the Recovery program into believing it's official. From there on, it's identical to the previous step.
Some rooting methods start straight from Android. Hackers found a way to login as root while Android is running. Of course, logging in as root is not the same rooting, but once you are logged in as root you can run a similar "upgrade" as is used in the previous steps.
Need More Help?
Don't ask me, please! Seriously, I spent a lot of time writing this long article specifically so I would not have to keep answering questions about the process. There are many internet forums and bloggers that welcome questions from noobs. I've generally found the Android hacker community to be extremely generous and welcoming.
Happy rooting!
Nice - but clarification requested
I like the article as it answers some questions.
One thing I'm curious about - you seem to use the terms Recovery Partition and Recovery Program interchangeably. Is that your intent? I'm not trying to split hairs - I just want to understand. I would have expected booting into the recovery partition loads the recovery program.
Also, you talk about how vendors choose features of their recovery program. CWM is then a replacement for the vendor supplied recovery program, correct? If you root then install CWM, are you in effect replacing the recovery program after rooting (as opposed to forcing CWM to overwrite the existing recovery program via flash)?
Thx
Thanks!
A very useful guide for android beginners like me!
Sorry for the bump . This post deserves a thanks and a bump
Thanks! A very useful guide for beginner. I've forwarded this to my colleague who just switched from Windows to Android phone.
Much appreciation!
Thank you so much. I have just purchased a rooted phone & have a ton of questions. Have spent hours here tonight searching for basic info. Finally found this & it really helped this total "noob".
Thank you again.
thanks (very2 usefull) from iphone4 user
Good work..
Sent from my Galaxy Mini using xda-premium
Thanks. It helped very much
how to root sony xperia u
How to root sony xperia U..?
please give me detailed and simple procedure to follow...
i would also happy to know should i have pc drivers to run this rooting process..?
thanks
Thx for taking the time to write the article helped me understand a lot of things
I am a NOOB, but I like myself just fine. The video for NOOBs is funny, but IMHO, should be a bit more serious.
I'm one of those people experiencing issues with GPS and TTFF being excessively long on the MT. Cry.
If I run MyPhoneExplorer, I can see the system file structure, and I believe I can move files to the phone. I believe I can do the same with SwiFTP.
Can one drop replacement GPS libraries for example into the SYSTEM and SYSTEM/HW sub-directories using a program like MPE, or an FTP program like SwiFTP without rooting, and would they be honored on the next reboot?
Would I be mangling some check-sum or other that determines the integrity of the system loaded?
I'm one of those users that doesn't really want to root if not necessary, but I wonder if doing some mod like the above - would doing so lay subsequent update pushes from VMUSA to waste?
Also, I'd really like if possible to flag some programs not to load, unless I explicitly ask them to load via the U.I. with intent. I suppose I'd have to root to do something like that. Perhaps with Ginger-Break? Would doing this make subsequent updates problematic?
Any information regarding my constraints and options to effect both of the above would be very appreciated. Thanks.
There are ways to mount the various partitions from a host machine (e.g. Linux) while it is in the "emergency" flash mode, which would permit what you want to do. Doing this is quite dangerous - at least as much as rooting the device and perhaps more-so.
I appreciate the response.
OK, if I were to root via Gingerbreak and install the files that way, then un-root, would my system then appear to be (to an update provided by Motorola or VMUSA) as something which couldn't be updated?
In other-words would rooting put me on a path to having to use specially modified updates?
Thanks.
Depends on what you change.
In GENERAL no, the update will come through. The major risk is that it crashes on install as some part of what you changed is a dependency but is not reloaded. This is rare, but can happen.
So.... root, install Clockwork, and make an immediate Nandroid backup BEFORE you screw with anything. That SHOULD allow you to un-hose yourself if you get in trouble.
A Chairde
I am wondering if anyone can help me. I have heard there are Rooting methods on Android devices not involving third party software on the device, could you tell me what they are, and what phones support them. I have read the XDA Developers book, and the closest I have come is the Google Nexus phone on Chapter 8, Unlockable device, but still needs to load Busybox APK, and SuperUser binaries.
This question revolves around sound forensic techniques, I believe XRY load tools into RAM when using physical extraction.
Any help / pointers would be greatly appreciated
crumdub12 said:
A Chairde
I am wondering if anyone can help me. I have heard there are Rooting methods on Android devices not involving third party software on the device, could you tell me what they are, and what phones support them. I have read the XDA Developers book, and the closest I have come is the Google Nexus phone on Chapter 8, Unlockable device, but still needs to load Busybox APK, and SuperUser binaries.
This question revolves around sound forensic techniques, I believe XRY load tools into RAM when using physical extraction.
Any help / pointers would be greatly appreciated
Click to expand...
Click to collapse
By default, Android doesn't have the ability to substitute the current user for the root user, which is why the 'su' binary has to be installed. By adding a particular line to '/data/local.prop', you can trick the ADB into thinking it's communicating with an emulator, which would temporarily give the ADB elevated permissions, but most of the techniques needed to do so require other binaries that Android doesn't have by default, hence the need for Busybox.
XRY physical extraction, on the other hand, doesn't communicate with Android at all, so there are no "root" permissions to be gained. It relies more on very low level communication with the hardware itself and extracting raw data (i.e. ones and zeros). Highly specialized software would then be needed to translate that data into a more human readable format.
So, to answer your question...
As far as I'm aware, there is no way to achieve permanent "root" permissions on Android without (at the very minimum) installing the 'su' binary.
soupmagnet said:
By default, Android doesn't have the ability to substitute the current user for the root user, which is why the 'su' binary has to be installed. By adding a particular line to '/data/local.prop', you can trick the ADB into thinking it's communicating with an emulator, which would temporarily give the ADB elevated permissions, but most of the techniques needed to do so require other binaries that Android doesn't have by default, hence the need for Busybox.
XRY physical extraction, on the other hand, doesn't communicate with Android at all, so there are no "root" permissions to be gained. It relies more on very low level communication with the hardware itself and extracting raw data (i.e. ones and zeros). Highly specialized software would then be needed to translate that data into a more human readable format.
So, to answer your question...
As far as I'm aware, there is no way to achieve permanent "root" permissions on Android without (at the very minimum) installing the 'su' binary.
Click to expand...
Click to collapse
SoupMagnet,
You answered my question fully, you are a legend !!
How to restrict/block access to settings with adb and is it possible to do it with no root.If impossible (and only if impossible) with no root other no root alternatives would be appreciated.
I'm doing this bc everytime I restart my phone the third party apps that should block access to settings aren't started as yet so it leaves an opening for settings to be accessed.
I am a noob with adb so a little explanation would be very welcome.
Today is Monday said:
How to restrict/block access to settings with adb and is it possible to do it with no root.If impossible (and only if impossible) with no root other no root alternatives would be appreciated.
I'm doing this bc everytime I restart my phone the third party apps that should block access to settings aren't started as yet so it leaves an opening for settings to be accessed.
I am a noob with adb so a little explanation would be very welcome.
Click to expand...
Click to collapse
Probably not. If you want to control things on your device other than the things you have installed yourself, it almost always requires root. There are apps and tools that claim to be able to do things without root but they are not effective.
Droidriven said:
Probably not. If you want to control things on your device other than the things you have installed yourself, it almost always requires root. There are apps and tools that claim to be able to do things without root but they are not effective.
Click to expand...
Click to collapse
So disabling specific UI Buttons would also need root?
Today is Monday said:
So disabling specific UI Buttons would also need root?
Click to expand...
Click to collapse
It may or may not depend on which buttons you mean and on what you mean by disable, I suppose. But, generally, modifying the kinds of things you want to modify requires root because the things that need to be accessed and modified are in the system partition, the user has no control of system without root. Without root the user can generally only access, use, read/write/delete and modify things in the data or data/media partitions(userspace).
Droidriven said:
It may or may not depend on which buttons you mean and on what you mean by disable, I suppose. But, generally, modifying the kinds of things you want to modify requires root because the things that need to be accessed and modified are in the system partition, the user has no control of system without root. Without root the user can generally only access, use, read/write/delete and modify things in the data or data/media partitions(userspace).
Click to expand...
Click to collapse
Nvm the sheer no. of buttons that give access to settings make it that it would probably be better to disable the pull down feature altogether not even gonna mention the no. of the buttons outside the pull down feature.
Is there anyway without root to just make my phone inaccessible for 2-3 mins after it starts up so it can load the third party apps that block settings? I'm feeling pretty hopeless rn tbh.
Today is Monday said:
Nvm the sheer no. of buttons that give access to settings make it that it would probably be better to disable the pull down feature altogether not even gonna mention the no. of the buttons outside the pull down feature.
Is there anyway without root to just make my phone inaccessible for 2-3 mins after it starts up so it can load the third party apps that block settings? I'm feeling pretty hopeless rn tbh.
Click to expand...
Click to collapse
You've already been given the answer to that question. As stated, the things that need to be changed in order to get the result that you want, requires root.
Requires root
Requires root
Requires root
Again...
It requires root.
Why does it require root? Because you cannot access the system partition without root. The system apps are loaded first, then user apps are loaded during startup, therefore, the system apps will always beat the third party apps to the punch, unless you root the device and do something like modify parts of the system partition or add your third party apps to the system partition so that they load when the system loads during startup.
Droidriven said:
You've already been given the answer to that question. As stated, the things that need to be changed in order to get the result that you want, requires root.
Requires root
Requires root
Requires root
Again...
It requires root.
Why does it require root? Because you cannot access the system partition without root. The system apps are loaded first, then user apps are loaded during startup, therefore, the system apps will always beat the third party apps to the punch, unless you root the device and do something like modify parts of the system partition or add your third party apps to the system partition so that they load when the system loads during startup.
Click to expand...
Click to collapse
Thx for answering. Sorry if I annoyed you didn't mean to