"Noob" security question - Security Discussion

Hi all,
According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
Is it a false idea or a real subject ?

iwanttoknow said:
> Hi all,
> According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
> Is it a false idea or a real subject?
Yes, it definitely is less secure.

IronRoo said:
> Yes, it definitely is less secure.
Thanks for your reply.
Could you please give us more details?
Do you mean that it can be hacked?
What device's components are less secure when it's rooted?

iwanttoknow said:
> Thanks for your reply.
> Could you please give us more details?
> Do you mean that it can be hacked?
> What device's components are less secure when it's rooted?
Yes, basically everything is less secure. E.g.
quote "By gaining root access, you get total control over the entire system. With the right skills and tools, you can read and modify almost any parameter on your device. This is the reason why some apps, such as SuperSU, require root access in order to work properly. However, this type of access is a double edged sword as with root access nothing is there to prevent malicious applications from wreaking havoc on your system: system files can be corrupted or deleted, personal information can be skimmed, and you could even soft brick your device."
https://www.androidpit.com/5-reasons-not-to-root-your-device
And possibly even just having the su binary installed is an issue, though it's not clear to me whether this has been confirmed (it seems precautionary to me), or if it's just a LineageOS issue or more devices are vulnerable; however, this week's update to LineageOS is trying to address this. Anyhow, the fix seems to have some extra benefits.
https://lineageos.org/Changelog-9/
Also, just to be clear, you are still able to be hacked even if you are not rooted, but it's a whole lot more difficult.

iwanttoknow said:
> Thanks for your reply.
> Could you please give us more details?
> Do you mean that it can be hacked?
> What device's components are less secure when it's rooted?
Also just to be a tad bit more correct in nature,
Rooting or unlocking your bootloader do NOT necessarily mean your device is any less secure than it is when you first turn it on after purchase.
Many people tend to misunderstand what rooting a phone is intended for, and most of the popular "One-Click" methods are simple apps you download, install and run on your phone to acquire root access through a process called "Privilege Escalation", which gains permission as root by simply climbing a chain that eventually lets it give you access to all your phone's internals.
Thus, in theory, any given app could be injected with that same code & then used to MALICIOUSLY root your device (without your knowledge or control), which would obviously be a MAJOR security flaw *Cough Cough* on Google's end *Cough Cough*, but since it is generally only used by geeks who want to use a phone properly, they don't look too much deeper past that. However, rooting your device by yourself, unlocking your bootloader by yourself, and controlling root permissions via SuperSU or a like application ensures that if anything TRIES to gain root access, YOU, being the owner of YOUR device, can deny the possible threat instead of never being aware of it...

Thanks for your reply.
What is *Cough Cough*?
BTW I understand that a malicious application can take control of my device without my knowing it, if it's not rooted, by using the same code as applications rooting your device.
Have I understood correctly what you wrote?
But how can I have the assurance that I will always be warned by an application like SuperSU or others?
I necessarily have to TRUST this type of application, which could also be a malicious application...
It's a veritable vicious circle.

The question you should be asking yourself is this. Why do I want to root my device?
Though, any device may have vulnerabilities which can be exploited to gain root like mentioned. If you want to keep your device secure, do not install or use anything from an unknown source.

samehb said:
> The question you should be asking yourself is this. Why do I want to root my device?
My main reason to root my device (if I did) would be to have finer control over it.
But it seems to be a difficult goal... like security in general.

iwanttoknow said:
> My main reason to root my device (if I did) would be to have finer control over it.
> But it seems to be a difficult goal... like security in general.
SuperSU will automatically deny anything asking it to provide root access by default. When you have an app for rooted phones installed and you run it for the first time, you will get a pop-up from the SuperSU app to say "Yes, go ahead" or "No!" to anything before it even runs. So for me, I always try to get devices with a way to root available, because it's the only way I know if stuff is trying to gain root access without my permission & watch its actions.

@LilAnt530
Thanks for your reply.
My previous device was rooted and I used SuperSU.
But as I wrote before, "how can I have the assurance that I will always be warned by an application like SuperSU or others?
I necessarily have to TRUST this type of application, which could also be a malicious application..."

iwanttoknow said:
> @LilAnt530
> Thanks for your reply.
> My previous device was rooted and I used SuperSU.
> But as I wrote before, "how can I have the assurance that I will always be warned by an application like SuperSU or others?
> I necessarily have to TRUST this type of application, which could also be a malicious application..."
Oh okay dude, apologies. The open source alternative to SuperSU is Phh's SuperUser & you can find it in the Magisk-related forum. SuperUser is only questioned as "Malicious" because ChainFire keeps the source closed, from what I understand, so I believe it was Phusssion who came to light about showing us systemless root methods with his open source root management app. You may need to root your phone with an unsafe method, & install Magisk Manager & deploy a Magisk install to get the open source variant to work though, not 100% sure.

It seems that it will be more and more difficult to root a mobile with new Android versions.

iwanttoknow said:
> It seems that it will be more and more difficult to root a mobile with new Android versions.
I agree! And it also feels like it's becoming a very heavy marketing plot aspect instead of another thing that made Android great. Like, are we just supposed to pay ridiculously for the Pixel to obtain root? & for the record, that "Essential" phone is still sorta essentially too expensive...

iwanttoknow said:
> @LilAnt530
> Thanks for your reply.
> My previous device was rooted and I used SuperSU.
> But as I wrote before, "how can I have the assurance that I will always be warned by an application like SuperSU or others?
> I necessarily have to TRUST this type of application, which could also be a malicious application..."
Phh superuser with Magisk is a 100% open source method for managing root access on your device.

Also discussed there: https://forum.xda-developers.com/showthread.php?t=2687933

Primokorn said:
> Also discussed there: https://forum.xda-developers.com/showthread.php?t=2687933
Thanks, I was trying to find one of those lol. As I've seen this question asked hundreds of times within recent months across forums.

iwanttoknow said:
> Hi all,
> According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
> Is it a false idea or a real subject?
Rooting is a way to access the root user on Android. It is the exact same as logging in as the root user in UNIX-based operating systems. The Windows equivalent of the 'root' user is an administrator account. The only difference is, within other UNIX-based operating systems, the root user account is easily accessible. In Android, it is blocked, so you need to do some process to gain access to the root user account. This process is known as "rooting".
Now, with administrative privileges, you gain the ability to modify the system, which is very useful, if kept in the right hands. But GOD FORBID, you get some nasty malware, such as a trojan or virus on your rooted device, that piece of malware now has access to administrative privileges, and can virtually do ANYTHING it wants to your system.
If you get some malware while the device does not have root access, the scenario is a lot less serious, as the malware cannot access system files, UNLESS there is an exploit designed SPECIFICALLY for that device or software version.
Now, unlocking the bootloader in theory is a security flaw... but then again, freedom is always inversely proportional to security... you have to sacrifice a bit of one to acquire the other. Theoretically, if all the custom operating systems you install are from trusted sources, and there are no embedded backdoors or spyware, or rootkits, or trojans, it is perfectly alright, software vulnerabilities, it is alright. But you simply cannot trust what these developers of custom ROMs actually embed into their ROMs, without actually examining the code itself.
I would recommend if you root and unlock the bootloader, install a custom recovery software such as TWRP. That way, in case your device gets compromised by hackers/malware, you can completely reformat the drive, and flash the stock firmware, thereby removing the malware.
Hope this helps.
---------- Post added at 09:31 AM ---------- Previous post was at 09:28 AM ----------
iwanttoknow said:
> It seems that it will be more and more difficult to root a mobile with new Android versions.
Yes, but the difficulty isn't because of the operating system necessarily. It is mostly because the phone manufacturers lock the bootloader, which makes the process of getting root very difficult. In addition to that, certain exploits that we use to gain root access are also being patched in the newer Android versions.

BIG_BADASS said:
> Rooting is a way to access the root user on Android. It is the exact same as logging in as the root user in UNIX-based operating systems. The Windows equivalent of the 'root' user is an administrator account. The only difference is, within other UNIX-based operating systems, the root user account is easily accessible. In Android, it is blocked, so you need to do some process to gain access to the root user account. This process is known as "rooting".
> Now, with administrative privileges, you gain the ability to modify the system, which is very useful, if kept in the right hands. But GOD FORBID, you get some nasty malware, such as a trojan or virus on your rooted device, that piece of malware now has access to administrative privileges, and can virtually do ANYTHING it wants to your system.
> If you get some malware while the device does not have root access, the scenario is a lot less serious, as the malware cannot access system files, UNLESS there is an exploit designed SPECIFICALLY for that device or software version.
> Now, unlocking the bootloader in theory is a security flaw... but then again, freedom is always inversely proportional to security... you have to sacrifice a bit of one to acquire the other. Theoretically, if all the custom operating systems you install are from trusted sources, and there are no embedded backdoors or spyware, or rootkits, or trojans, it is perfectly alright, software vulnerabilities, it is alright. But you simply cannot trust what these developers of custom ROMs actually embed into their ROMs, without actually examining the code itself.
> I would recommend if you root and unlock the bootloader, install a custom recovery software such as TWRP. That way, in case your device gets compromised by hackers/malware, you can completely reformat the drive, and flash the stock firmware, thereby removing the malware.
> Hope this helps.
> ---------- Post added at 09:31 AM ---------- Previous post was at 09:28 AM ----------
> Yes, but the difficulty isn't because of the operating system necessarily. It is mostly because the phone manufacturers lock the bootloader, which makes the process of getting root very difficult. In addition to that, certain exploits that we use to gain root access are also being patched in the newer Android versions.
Thanks a lot for your detailed answer.

If you need security, just root and install SuperSU or Magisk.
If you have Xposed Framework, then try a nice firewall like XPrivacy.

As far as I can tell both SuperSU and Magisk are trusted and reliable, people wouldn't be using them, if they were untrustworthy. And I agree with Big's comments, freedom and ability to manipulate what you want in the device comes with a significant security issue. You are going to have to be careful about this either way.
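
An added example, not part of any post in this thread: one way to check from the outside for the two things discussed above (an unlocked bootloader and an installed su binary) is to read the device's system properties over adb. The sketch parses `adb shell getprop` output; the three property dumps are constructed samples, and the list of su paths is assumed to come from a separate file listing.

```python
import re

# What a locked, unmodified retail build reports, and what any other value suggests.
EXPECTED = {
    "ro.boot.verifiedbootstate": ("green", "not booted in the locked, OEM-verified state"),
    "ro.boot.flash.locked": ("1", "bootloader unlocked"),
    "ro.build.tags": ("release-keys", "build not signed with release keys"),
    "ro.debuggable": ("0", "debuggable (userdebug/eng) build"),
    "ro.secure": ("1", "adbd is allowed to run as root"),
}

PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")

# Constructed getprop dumps (not captured from real hardware).
SAMPLE_STOCK = """\
[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [green]
[ro.build.tags]: [release-keys]
[ro.debuggable]: [0]
[ro.secure]: [1]
"""
SAMPLE_UNLOCKED = """\
[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]
[ro.build.tags]: [release-keys]
[ro.debuggable]: [0]
[ro.secure]: [1]
"""
# An older build that does not expose the verified-boot properties at all.
SAMPLE_OLD = """\
[ro.build.tags]: [release-keys]
[ro.debuggable]: [0]
[ro.secure]: [1]
"""


def parse_getprop(text):
    """Turn '[key]: [value]' lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group(1)] = match.group(2)
    return props


def audit(getprop_text, su_paths=()):
    """Compare a getprop dump with EXPECTED and classify the device."""
    props = parse_getprop(getprop_text)
    report = {"deviations": [], "unknown": [], "su_binaries": sorted(su_paths)}
    for key, (want, meaning) in EXPECTED.items():
        got = props.get(key)
        if got is None:
            # A missing property is not evidence either way; report it separately.
            report["unknown"].append(key)
        elif got != want:
            report["deviations"].append((key, got, meaning))
    if report["deviations"] or report["su_binaries"]:
        report["verdict"] = "modified"
    elif report["unknown"]:
        report["verdict"] = "inconclusive"
    else:
        report["verdict"] = "consistent with stock"
    return report


if __name__ == "__main__":
    for name, dump in [("stock", SAMPLE_STOCK), ("unlocked", SAMPLE_UNLOCKED), ("old", SAMPLE_OLD)]:
        print(name, audit(dump))
```

Every value here is reported by the device itself, so software already running as root can misreport it; a clean result is absence of evidence, not proof.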

Related

Rooted Changes Persistent after Unroot?

Hi,
I hope this isn't a stupid question. I tried searching first but can't seem to find this exact question. From my understanding, by Rooting a device, I provide myself with Root access to modify system files and scripts.
My question is, in theory, just like in any other Linux, if I was to get root access (SU) and modify system files (for example the wpa_supplicant fix) and then unroot, shouldn't it keep my rooted changes when I am out of the superuser?
So, what I am asking is, "Is it possible to Root my Xoom, make a few quick fixes like the WPA_supplicant and the SD card driver, and then unroot, keeping the changes persistent, but not the rooting?" Or am I misunderstanding a fundamental principle?

I'm not 100% sure why you would want to unroot. If there are other changes that need to be made in the future to the device, you would need to run root scripts again and it adds steps to the process - adding greater complexity, greater complexity = greater risk.
In theory your changes should stay, because you only need root permissions when actually writing to that part of the filesystem, and as long as it is not something that needs to be reapplied on boot, it should be able to do what it needs to do.

The reason is because, in theory, it wouldn't look "rooted", so if I need service, it should pass the test...
Also, I thought that it would allow the updates to still come in...
Would these things not be affected?

ethanpil said:
> The reason is because, in theory, it wouldn't look "rooted", so if I need service, it should pass the test...
> Also, I thought that it would allow the updates to still come in...
> Would these things not be affected?
Updates definitely won't happen if the file structure has been modified, regardless of root. Also, before you send it in for service, any tech you talk to will have you factory reset it first. So it wouldn't matter.

[Completed] Understanding the basics: Root Process

I am not sure if it has been asked before, but I want to understand the root process, not a specific phone root. I want to understand how it works. Can someone point me to a primer or any sites that at least discuss the generalities of root? Thanks in advance

hongning said:
> I am not sure if it has been asked before, but I want to understand the root process, not a specific phone root. I want to understand how it works. Can someone point me to a primer or any sites that at least discuss the generalities of root? Thanks in advance
Maybe this post will help.
The general approach is taking advantage of bugs in the Android OS.
The process works something like this:
1. User crafts some special data that contains a "payload" (the script/executable that we want to run)
2. User runs a system process that has root privileges and gets it to open the special data
3. The bug causes the system process to get confused by the data, and ends up running the embedded script
4. The embedded script runs with the same privileges as the system process, and thus can do stuff that normal users aren't allowed to do (e.g. installs the SU app)
I can't post any outside links in this forum area, but if you google for how root works you'll get heaps of good results.

root on 6.0 and a known exploit... quadroot

Ok so there's this security exploit, or 4 actually, that mainly involve sideloading a specially designed apk called quadroot. I assume that you already have an idea what this is if you're reading this; if not, then google it. I read that a lot of the time root access exploits are found by finding apps that have root access and exploiting them to install su to the system partition. In this case you could potentially create your own. So my question is why isn't this being pursued as a viable option? Please let the people who know what they're talking about speak, and if you have no legitimate knowledge of your own (I'm talking google cut paste) then just syfm please.

that-squirrel said:
> Ok so there's this security exploit, or 4 actually, that mainly involve sideloading a specially designed apk called quadroot. I assume that you already have an idea what this is if you're reading this; if not, then google it. I read that a lot of the time root access exploits are found by finding apps that have root access and exploiting them to install su to the system partition. In this case you could potentially create your own. So my question is why isn't this being pursued as a viable option? Please let the people who know what they're talking about speak, and if you have no legitimate knowledge of your own (I'm talking google cut paste) then just syfm please.
Interesting. Will look into it. Will update if I find anything.
*UPDATE*
Checked it out. Useless because we still have locked bootloader. We need SYSTEMLESS root. Anything besides that is useless.

I was under the impression that the bootloader being locked only pertains to trying to install unsigned images. The method used for rooting MM in the same manner as LP would require a modified boot.img, and no one has a working system image dump for MM, being the reason no one can modify the boot.img. If an app was designed to escalate root access to install SuperSU to the system partition and gain root access that way, even temporarily, we could copy the entire system and make a permanent solution.

Disable ability of installing/removing apps on android smartphone

Is there an elegant way to disable the ability of a smartphone user to install and uninstall applications?
We have the following situation. Our company purchased smartphones for employees so that they communicate with customers on corporate phones, rather than on personal ones. All they need is a telephone connection, Viber and corporate mail. As a system administrator, I want to configure the devices for these services only. If I root the smartphones, can I make some changes that disable the ability to install and uninstall apps from files and Google Play? And will I be able to easily turn this ability back on in the future to install some application for a user?
Smartphone model: Lenovo A Plus, Android version 5.1.

One way would be to remove the package installer app from the system partition. I am not sure though, just give it a try.

naagdevta said:
> One way would be to remove the package installer app from the system partition. I am not sure though, just give it a try.
Thank you for the answer! I must say, I'm new to Android, although I have experience in administering FreeBSD (both systems are unix-like). Can you give me a resource from which I could learn about administering and tweaking Android?

yurybx said:
> Thank you for the answer! I must say, I'm new to Android, although I have experience in administering FreeBSD (both systems are unix-like). Can you give me a resource from which I could learn about administering and tweaking Android?
https://forum.xda-developers.com/go...urce-guides-info-threads-linked-read-t2784527
These guides are mostly for Nexus 5, but once you go through them you will get a fair idea about everything. Then you can search things for your specific device model.

naagdevta said:
> https://forum.xda-developers.com/go...urce-guides-info-threads-linked-read-t2784527
> These guides are mostly for Nexus 5, but once you go through them you will get a fair idea about everything. Then you can search things for your specific device model.
Thank you very much!
I began to get acquainted with the process of obtaining root access, and was surprised when I found out that there are no standard unix files "passwd" and "master.passwd" in Android. This means that I cannot set a password for root access, and the user will be free to use root access. How to solve this problem? Maybe I need a custom firmware or a special app? But which one exactly?

yurybx said:
> I began to get acquainted with the process of obtaining root access, and was surprised when I found out that there are no standard unix files "passwd" and "master.passwd" in Android. This means that I cannot set a password for root access, and the user will be free to use root access. How to solve this problem? Maybe I need a custom firmware or a special app? But which one exactly?
SuperSU or Magisk; they get automatically installed when you flash their zip file from custom recovery to root the phone. But not all phones have custom recovery or firmware. Mostly it depends on the popularity of the device; if your phone is popular, many developers would be working on it.

naagdevta said:
> SuperSU or Magisk; they get automatically installed when you flash their zip file from custom recovery to root the phone. But not all phones have custom recovery or firmware. Mostly it depends on the popularity of the device; if your phone is popular, many developers would be working on it.
I managed to block the ability to install and uninstall programs by disabling the packageinstaller and daemon installd. Thank you for the suggestion!

samsung galaxy s9 root android 10 exynos

Hello, is there a way to root the phone where everything works now (Bluetooth, Face ID, etc.)?

I would very much like to see this answered. I've seen some application-specific instructions such as this reddit thread for enabling Samsung Health, and I've read about hiding the fact that the phone is rooted from apps by using MagiskHide, but it's not clear whether this works for all apps and features or just some. There's also this recently updated guide to rooting that claims:
> Magisk is a highly advanced way of rooting Android systemless-ly. This means that Magisk roots Android without changing or modifying the system partition. Hence you can receive OTA updates, run apps that require to pass Google’s SafetyNet tests.
However, many hacks that sound good when you read about them in advance run into snags and gotchas once you actually get into implementing them, and I'm hesitant to just give it a try and see how it works out when tripping Knox is irreversible and if things stop working you can't get them back by flashing the stock ROM.
I'd be grateful if anyone who has actual experience on this subject could vouch for being able to re-enable all lost functionality after rooting or to not lose it in the first place, or whether even some lost functionality can be enabled (and if so, what have you been able to get working and what haven't you? I don't know about OP, but to me the most important ones are Secure Folder and Samsung Health).
Also, does anyone have experience with retaining Knox-sensitive functionality on rooted S9 Exynos with Android 11 (either rooting after upgrading to 11, or rooting first and retaining root when upgrading)?

@bis225
IMO no one needs Magisk to root a device's Android. Rooting Android means having the SU-binary present on Android - a ~100KB file - nothing else. Copying the SU-binary onto Android allows you to temporarily give yourself root access when needed.

jwoegerbauer said:
> @bis225
> IMO no one needs Magisk to root a device's Android. Rooting Android means having the SU-binary present on Android - a ~100KB file - nothing else. Copying the SU-binary onto Android allows you to temporarily give yourself root access when needed.
I'm not sure I understand what you're saying. Are you telling me that you can simply copy the file onto an unrooted phone, and voila, you can gain root access?? Can you point to information about what to do and how this works? It runs contrary to everything I've ever read on the subject.
To the best of my understanding, in order to install the su binary onto an unrooted phone you need to install a custom recovery, and use that to flash the su binary onto the phone. I thought the idea of Magisk was to provide root access without modifying system files so that SafetyNet can't detect that the system has been modified. Unless I'm missing something there's no disadvantage to rooting with Magisk, only advantages, but regardless, I don't see how it makes a difference with respect to this topic. Installing a custom recovery is what trips Knox and prevents some features and apps from working, so it doesn't really matter what root method you use if you have to use a custom recovery to install it.
If you know of a way to root a Galaxy S9 without using a custom recovery or tripping Knox and that can't be detected by SafetyNet, please elaborate.

Rooting Android simply means to add a (hidden) user called root (AKA super-user) who has ALL rights to Android's file system.
For example, from within ADB you activate this user and let him run any command that requires having ALL rights - assuming the SU-binary is located in /sdcard
Code:
adb shell "/sdcard/su -c '<command-here>'"
AFAIK Magisk installs the SU-binary in /data/adb/magisk/busybox, but I may err.

@jwoegerbauer
But I didn't ask what rooting means. Unfortunately, this doesn't answer any of my questions.

I think I clearly expressed that neither a Custom Recovery nor Magisk itself is needed to have root, that simply copying the SU-binary to Android's user-space is enough.
If you want to root via Magisk then do it.
Personally I never would do it this way.

jwoegerbauer said:
> I think I clearly expressed that neither a Custom Recovery nor Magisk itself is needed to have root, that simply copying the SU-binary to Android's user-space is enough.
> If you want to root via Magisk then do it.
> Personally I never would do it this way.
This really seems contrary to everything I've read, and this Stack Exchange thread specifically explains why that wouldn't work, but if you say you have experience with this and it works for you, I'm certainly willing to give it a try and see how far it gets me. Do you know where a copy of the su binary can be obtained? All my searches for su binary lead to the supersu APK and instructions for installing it by flashing, or something along those lines. I can't find an su executable that can just be copied to internal storage as-is anywhere.
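
An added illustration, not written by any poster in this thread: on Linux, a filesystem mounted `noexec` refuses to execute files and one mounted `nosuid` ignores the set-uid bit, so where an su file sits decides whether it can do anything. The sketch below reads lines in `/proc/mounts` format (as printed by `adb shell cat /proc/mounts`) and reports both flags for a path; the mount table and the `/sdcard` symlink target are constructed sample values, not taken from a real Galaxy S9.

```python
import posixpath
import re

# Constructed sample in /proc/mounts format; device names and fs types vary by phone.
SAMPLE_MOUNTS = """\
rootfs / rootfs ro,seclabel 0 0
/dev/block/dm-0 /system ext4 ro,seclabel,relatime 0 0
/dev/block/sda31 /data ext4 rw,seclabel,nosuid,nodev,noatime 0 0
/data/media /storage/emulated sdcardfs rw,nosuid,nodev,noexec,noatime 0 0
"""

# Assumption for this example: /sdcard is a symlink to user 0's emulated storage.
SAMPLE_LINKS = {"/sdcard": "/storage/emulated/0"}


def unescape(field):
    """/proc/mounts writes space, tab, newline and backslash as octal escapes."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def parse_mounts(text):
    """Return [(mountpoint, fstype, options)] in mount order."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # blank or malformed line
        mounts.append((unescape(fields[1]), fields[2], set(fields[3].split(","))))
    return mounts


def resolve(path, links):
    """Rewrite a leading symlinked directory using the supplied link table."""
    for link, target in links.items():
        if path == link or path.startswith(link + "/"):
            path = target + path[len(link):]
    return posixpath.normpath(path)


def covering_mount(path, mounts):
    """Longest mountpoint containing path; a later mount on the same point wins."""
    best = None
    for mount in mounts:
        point = mount[0]
        inside = path == point or path.startswith(point.rstrip("/") + "/")
        if inside and (best is None or len(point) >= len(best[0])):
            best = mount
    return best


def assess(path, mounts, links=None):
    """Report whether a file at path could run and whether its set-uid bit would count."""
    real = resolve(path, SAMPLE_LINKS if links is None else links)
    mount = covering_mount(real, mounts)
    if mount is None:
        raise ValueError("no mount covers " + real)
    point, _fstype, options = mount
    can_execute = "noexec" not in options
    return {
        "resolved": real,
        "mountpoint": point,
        "can_execute": can_execute,
        # Necessary, not sufficient: the file must also be root-owned with the
        # set-uid bit set, and SELinux policy must allow it.
        "setuid_honoured": can_execute and "nosuid" not in options,
    }


if __name__ == "__main__":
    table = parse_mounts(SAMPLE_MOUNTS)
    for candidate in ("/sdcard/su", "/data/local/tmp/su", "/system/xbin/su"):
        print(candidate, assess(candidate, table))
```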
