The problem with root enablers


In this 4-part series you’ll learn why mobile security matters. We’ll explain common threats, debunk myths, and give you the tools to protect your phone and data — all while speaking a language you still understand. This is the final installment. Make sure to catch up on previous chapters in the series: mobile ransomware, spyware, adware.

You may have heard the term “rooting” thrown around. People root their phones, or get deeper control over the operating system of the phone, in order to do things like remove pre-loaded apps, change fonts and app icons, and more.

Problem is, if you don’t know what you’re doing, you might be getting yourself into some trouble.

What is rooting?

Gaining root access to your device gives you the freedom to make changes to the phone at the system level, allowing you to bypass any limitations set by manufacturers or mobile carriers.

Before you jump on the rooting bandwagon, however, you should know that rooting can leave your device and data vulnerable to attack.

Jailbreaking is the iOS equivalent of rooting. It’s a little more complicated to accomplish, but can similarly leave devices insecure.

What is a root enabler?

Root enablers break the trust models of the device in order to root it. Users seek out these apps to help them achieve greater control over their phone. Once rooted, you gain privileged access to all the files and directories on your device, meaning you can modify system settings like sounds and boot animation, remove any unwanted apps that came pre-installed, and more.

You see, root enablers include exploits that allow them to perform the action of rooting the device. Without these exploits, it would not be possible to circumvent any restrictions set by the manufacturer at the system level of the phone. In other words, rooting your device is achieved by exploiting a software flaw.

A note: While root enablers are largely downloaded at the desire of the user, they can also be used maliciously. In some instances, malware requires root privileges on a victim’s phone in order to carry out its nefarious duties. To achieve this, malware authors have been known to use root enablers to their advantage, leveraging publicly available exploits to perform the rooting function.

This was the case with multiple families of trojanized adware that we discovered in late 2015. Using exploits found in popular root enablers, the adware automatically roots the victim’s phone without their consent. Once rooted and installed as a system application, the malware is extremely challenging to remove, forcing the victim to tolerate obtrusive ads on their phone.

The reasons to avoid rooting

Gaining access to your phone’s system files and directories grants you deep control over your phone. While you gain the power of customization, you also forgo preset security measures put in place by the manufacturer. If you’re not skilled in the art of rooting, the risks can far outweigh the benefits.

Inconsistent software updates

Software updates happen regularly and often include fixes to critical security issues. When a vulnerability is discovered, OS and app updates allow developers to push patches to users. Heartbleed and Stagefright are two good examples of highly concerning vulnerabilities that manufacturers and carriers rushed to plug. Once your device is rooted, however, you may no longer receive regular patch updates from your manufacturer or carrier. This means you’re more likely to be running vulnerable software at any given point in time.

In many cases, root enablers also require you to alter current security settings on your phone in order for the rooting process to work. If you’re a novice user, you may not know how to properly reinstate security settings after the rooting process.

Wasted warranty

A warranty is a guarantee that the product sold by the manufacturer will function properly and as stated. Rooting your phone involves tinkering with its original state. If you decided to get your hands dirty and replace a few engine parts here and there, would you expect your auto warranty to kick in when your car won’t start?

By gaining root access, you’re assuming responsibility and forfeiting any kind of warranty you once had on your phone.

Bricking your phone

While rooting a phone may seem simple — download a root enabler and voilà I have more customization — it can actually be quite cumbersome for an inexperienced user. The process of rooting your phone usually includes a list of procedures that’s not lacking in technical terms.

This is where people fall into trouble. They bite off more than they can chew and end up doing more damage than good. Gaining access to the files and directories on your phone gives you the power to change nearly everything on your device. One bad modification to a system file that is crucial to operation, however, could brick your device, rendering it useless.

How to stay safe

Avoid rooting your phone altogether. If you don’t have the technical know-how to properly secure a rooted phone, it’s probably best that you avoid it altogether.

Stick to native marketplaces. You may have heard of the term “sideloading” before. Sideloading is the act of downloading apps outside of the native app marketplaces like Google Play or the Apple App Store. While malware has made appearances in official stores, you’re much more likely to inadvertently download malware from third-party marketplaces, via drive-by downloads, or through phishing scams. In the case of malicious root enablers, this precaution could save you from being a victim of auto-rooting malware.

Take advantage of a mobile security app, like Lookout. It can alert you to root enablers, should you encounter one.
