Odds are that you have a smartphone. Smartphones are ubiquitous today and most of us have one. And some have more than one. But odds are that if you have a smartphone, you’ve heard the expressions “jailbreaking your phone” or “rooting your phone”. Both expressions describe the same thing; the former tends to be used when speaking of Apple products, whereas the latter refers to Android phones.
And that’s what we are going to look at in this post: rooting your Android phone. What is rooting? And what are the security risks that come with rooting your Android phone?
What is rooting?
When you purchase a new smartphone, it comes preloaded with an operating system and some apps. But it also comes with technical locks (software) that limit what you can do with your phone. Things like adding custom themes and accessing and modifying certain files and directories within the phone’s file system are not permitted. To do these things, you would need root access to the phone’s entire file system. Hence the term, rooting.
In a Linux-based operating system like Android, the root user is the administrator with the highest level of privileges and access.
When using a smartphone, you’re actually logged into its operating system as an unprivileged user. An unprivileged user doesn’t have zero privileges, as the name might seem to imply. I would say it’s very much analogous to using your company-supplied laptop at work. When you’re logged in, you have access to what you need, but there are likely a bunch of directories and files that you can’t access. In order to access them, you need escalated privileges. And in order to access the entire file system, you need root privileges.
That, in a nutshell, is what rooting does. It gives you root access to your phone’s file system.
How do you root your phone?
Rooting is done by reverse engineering parts of the operating system’s code and then scanning them for vulnerabilities that allow access to the device. Once access is secured, code is deployed on the device that enables the existing (unprivileged) user to obtain escalated privileges, in this case, root privileges. This is essentially a privilege escalation attack, but without the malevolent actor. You do it to yourself, and for your own benefit.
Of course, I don’t know how to do that. And if you gave me an Android phone tethered to a Linux laptop to root it, I’d probably just end up putting on my finest black hat (for fun) and then transferring a couple of photos onto the phone before calling it a day.
But that’s OK because you can download software to your computer that will root your USB-connected phone for you. These are typically provided by groups of enthusiast security researchers who know what they’re doing. You still need to follow the not-so-easy instructions, which typically involve pressing certain button sequences on the phone at specific times during the process. And you still need to trust the developers of your rooting software, as the process will be pretty opaque to most.
And that brings me to my next point.
What are the security risks of rooting your phone?
Being an unprivileged user – though it may not sound very cool – has one huge benefit: it protects you from yourself.
So as an unprivileged user, a lot of risky behavior is simply not possible:
Want to access protected directories and files? Nope.
Want to modify system files? Can’t do it.
And in an unrooted state, all of the apps on your phone are sandboxed. This means they can only exchange legitimate data between each other (as determined by the OS) and that they’re locked out of sensitive areas of your file system.
Rooting your phone removes the above restrictions and gives you full access to and full control over your smartphone. And while we like having access to and control over things, there are risks. Let’s look at a few.
Bricking your phone
This risk has to do with the process of rooting your phone. As I mentioned above, rooting your phone is done by following a set of instructions that likely aren’t the easiest you’ve seen. These instructions vary by device and the version of Android they’re running.
Many times you need to press certain buttons when a specific prompt appears on-screen. And then release certain buttons after counting to 10. Things like that. But the point is that if you mess up those sequences during the rooting process, there’s a good chance you’ll end up bricking your phone.
A bricked phone is a phone that has been rendered unresponsive and unusable. A bit like a brick.
So that’s the first risk. But it’s not the only way rooting can brick your phone, as we’ll see a bit later.
Voiding your warranty
While jailbreaking and rooting are legal, phone manufacturers try to discourage the practice as much as possible. One way they achieve that is by voiding your warranty if your phone is rooted – and that’s legal too.
What does that imply? It means that if you take your phone in to get serviced by your manufacturer in a rooted state, they have the right to refuse to service your device. They may well still do it, but they’re under no obligation to do so if your phone is rooted.
However, rooting your phone is a software modification. Your phone’s hardware remains unchanged. That means that you can undo the process at any time, by simply restoring your phone to its factory settings. Of course the age-old adage of “make a backup first” applies here. But the point is that you can easily unroot your device to have it serviced, most of the time.
I say “most of the time” because there is a caveat. Some Samsung phones have a security module called Knox. Knox’s main purpose is to enforce separation between personal user data and business user data on the phone. But Knox can also detect how many times your firmware has been flashed. So Samsung may be able to detect that your phone has been rooted, even though you brought it into the shop unrooted.
So it’s hard to predict whether or not your phone manufacturer will consider your warranty as being void, but there’s a real risk.
Installing malicious software
On Android, you’re always free to download third-party apps from wherever you want. The practice is discouraged by Google, of course, because of the security risk. But it’s always been possible.
Now that you’ve rooted your phone, if a malicious app finds itself on your phone, it’s like a kid in a candy store.
Rooting your phone escalates your user’s privileges to root privileges. So the malware you just installed on your rooted phone isn’t going to be sandboxed. It will have access to your entire file system. And the havoc it could wreak on your smartphone is huge.
This is the biggest risk you run in rooting your Android phone if you ask me.
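The sandbox and the root bypass described above can be modelled with the classic Linux owner/group/other permission check. The following Python code is an added example, not part of the original post. The file tree, UIDs and package names are constructed for illustration, and the model ignores SELinux and capabilities, which add further restrictions on a real device.

```python
from posixpath import dirname

ROOT_UID = 0
R, W, X = 4, 2, 1  # read, write, search/execute permission bits

# Constructed sample tree: path -> (owner uid, group gid, mode). All values are
# illustrative assumptions; 10101 and 10102 stand for two installed apps.
FS = {
    "/": (0, 0, 0o755),
    "/system": (0, 0, 0o755),
    "/system/etc": (0, 0, 0o755),
    "/system/etc/hosts": (0, 0, 0o644),
    "/data": (1000, 1000, 0o771),
    "/data/data": (1000, 1000, 0o771),
    "/data/data/com.example.notes": (10101, 10101, 0o700),
    "/data/data/com.example.notes/notes.db": (10101, 10101, 0o660),
    "/data/data/com.example.bank": (10102, 10102, 0o700),
    "/data/data/com.example.bank/accounts.db": (10102, 10102, 0o660),
}

def _granted(uid, gids, path):
    """Permission bits that apply to this uid on one node (owner/group/other)."""
    owner, group, mode = FS[path]
    if uid == owner:
        return (mode >> 6) & 7
    if group in gids:
        return (mode >> 3) & 7
    return mode & 7

def can_access(uid, path, want, gids=()):
    """True if uid may perform `want` on path, including directory traversal."""
    if path not in FS:
        return False
    if uid == ROOT_UID:
        return True  # simplified: root skips the owner/group/other checks
    parent = dirname(path)
    while True:  # every ancestor directory must be searchable (x bit)
        if not (_granted(uid, gids, parent) & X):
            return False
        if parent == "/":
            break
        parent = dirname(parent)
    return (_granted(uid, gids, path) & want) == want

def reachable(uid, want, gids=()):
    """All paths in the sample tree on which uid is granted `want`."""
    return sorted(p for p in FS if can_access(uid, p, want, gids))
```

With this tree, `reachable(10101, W)` returns only the notes app's own directory and database, while `reachable(0, W)` returns every path, including the other app's data and the system files.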
Messing up your file system
Root access also means that you can modify every single file on your phone’s file system. Any file, from your contacts list to critical system files.
If you don’t know exactly what you’re doing and you modify system files, you could end up breaking some of your phone’s functionality or end up with performance issues, or both.
And, worst-case scenario, you could end up bricking your phone. And once bricked, usually, your only option is to restore your phone to factory settings. Forgot to make a backup? You’re pretty much out of luck.
Do the advantages of rooting outweigh the disadvantages?
While there may be some good reasons for rooting your Android smartphone, they come with a few risks.
If there’s a third-party app that you really want that requires root access to work properly (and such third-party apps, like firewalls, can actually enhance your phone’s security – if you know what you’re doing), or if you’re tech-savvy and want to mess around with the system files on your phone to understand how they work, it may be worth the risk of rooting your phone. I’ll let you be the judge of that. Just go in knowing what you’re getting yourself into.
If, on the other hand, you feel no need to install any third-party apps or to modify any system files, or if you just don’t have the technical knowledge to fully understand what rooting your phone implies, then there’s really no reason for you to root your phone. In such a case, an unrooted phone with the manufacturer’s technical locks still in place will provide you with more security than the firewall app you downloaded off some random website.
All of the risks we talked about are related to user behavior, i.e. what you do with your phone. So while rooting a smartphone isn’t rocket science, you do need to know what you’re doing. If not, you could end up with an expensive and useless paperweight – and who uses paper anymore?