To root or not to root?


Durzel

Original Poster:

12,276 posts

169 months

Wednesday 22nd April 2015
130R said:
So I guess you went through every line of code in each app you granted access to su ..

There are serious security implications in rooting your phone, anyone that says otherwise is misinformed.
A counterpoint, perhaps..

I know when you install an app on Play Store it tells you what the app is going to access, and things like Privacy Guard can be used to deny access to things (e.g. contacts, messages, etc), but what happens when you have an app that has a legitimate purpose that also has an illegitimate one?

For example - some kind of Better Contacts app could have legitimate need to access your contacts, and that request would be granted by anyone installing it (since that's its supposed purpose). Behind the scenes though this app could collect your contact details and transmit them to a web server somewhere, silently and transparently.

Granted root permissions let apps have access to see and do things that are quite a bit more damaging, but I don't necessarily think the argument is as black and white as "root = bad" and "unrooted = safe". It's safer, sure, but it's not safe. As far as I'm aware any app has the potential to leak information maliciously.

130R

6,810 posts

207 months

Wednesday 22nd April 2015
Durzel said:
As far as I'm aware any app has the potential to leak information maliciously.
Yes, but you increase your exposure to malicious applications when you root; for example, an app could steal credentials from other apps since it is no longer running in a sandbox. So your point about the potential for apps to do things more damaging is the one to be aware of. Even if you have a totally legitimate app that you give root access to, it could have a security flaw in it which, if exploited, then gives the attacker root access.

I'm not saying "don't root your phone" but most people that do probably don't have a clue what is possible with a RAT.

cornet

1,469 posts

159 months

Wednesday 22nd April 2015
Durzel said:
A counterpoint, perhaps..

I know when you install an app on Play Store it tells you what the app is going to access, and things like Privacy Guard can be used to deny access to things (e.g. contacts, messages, etc), but what happens when you have an app that has a legitimate purpose that also has an illegitimate one?

For example - some kind of Better Contacts app could have legitimate need to access your contacts, and that request would be granted by anyone installing it (since that's its supposed purpose). Behind the scenes though this app could collect your contact details and transmit them to a web server somewhere, silently and transparently.

Granted root permissions let apps have access to see and do things that are quite a bit more damaging, but I don't necessarily think the argument is as black and white as "root = bad" and "unrooted = safe". It's safer, sure, but it's not safe. As far as I'm aware any app has the potential to leak information maliciously.
No, it isn't black and white - you do, up to a point, need to trust any app you install not to be malicious. However, at least with an un-rooted phone you can see the permissions it is requesting, so you can at least make an educated decision.

If you root your phone then you essentially give any app any permission to do what the hell it wants, without asking you first.

Those things could be:

  • Downloading all sorts of things in the background without your knowledge
  • Installing a key logger to log your PIN, email login details, bank details, etc.

Yes, as I've said before, you can install SuperSU etc., which goes some way to protecting, but the question is: do you trust them? There is a reason Google chose to architect Android in such a way that all apps run in a sandbox environment with limited permissions.