Why Google should make Android root access an official feature
The degree of freedom afforded to the user by nearly any Android device is almost unparalleled in the brief history of mobile devices. You are free to customize the user interface, run services in the background, and even replace system apps. Some of the most savvy users of Android have also taken to gaining root access on their devices for additional control. In fact, many users consider this an essential feature. However, most root methods we have are essentially a dangerous system exploit — a flaw in the software — and this has taken a toll on the community.
By building simple root tools, the Android developer community is doing its best to help you take control of your own device. Those tools are also available to the dark forces of the internet, though. There may be a way forward that reduces user frustration and increases security, but Google seems unlikely to go for it. What we need is an official and safe method for root access on Android.
When Google deploys a new version of Android, several powerful communities of dedicated Android modders begin pouring over the software looking for goodies. One thing everyone is on the lookout for is an exploit that can be used to gain root access. The same is true when an Android OEM puts out a prominent new device. The goal is to give the owners of Android phones and tablets complete control of their devices.
In most ways that matter, this is a good thing. You bought the phone, you should be able to access the hardware and software at the most basic level if that’s what you want. The difficulty comes when the tools developed to empower users are co-opted by malware authors. We sincerely wish this was a rare occurrence, but it seems to be an ongoing trend.
In 2011 there was the spectacularly embarrassing DroidDream outbreak in the Android Market. Dozens of apps were loaded with a community-developed root exploit called RageAgainstTheCage that was used to root unsuspecting devices, then steal sensitive information. DroidDream was eventually brought under control, but it does still float around the murkier parts of the net. Luckily, this exploit was patched in Android 2.2.2.
Just a few weeks ago another Android trojan, called RootSmart, has started popping up online (though happily not in the Play Store) using a newer Android root tool developed with good intentions. RootSmart uses the GingerBreak exploit to root phones silently and sign you up for expensive SMS services. GingerBreak works on Android 2.3.3 or earlier, as well as several versions of Honeycomb 3.x. This trojan is currently only circulating in Asia, but it shows the problem isn’t going away.
The current way of doing things is also resulting in some real annoyances for users that just want to truly own their devices. These root methods are technically a security hole, and it would be irresponsible for Google or the OEMs to leave them open to attack. New software is rolled out to patch the bug, but that just means the arms race will continue to escalate. You update, lose root, and then have to search for yet another method.
The update situation with Android is, as everyone knows, awful. So even when the Android platform is updated to patch known exploits, some of the most vulnerable users that just wanted a cheap smartphone could get left behind with insecure devices.