There is no magic in root



Removing some of the mystery of the superuser
While reading around the Internet last week, I noticed several otherwise fine publications making a mistake that far too many people make — claiming that rooting your Android phone or tablet or watch (we can't forget the watches) will make things run better.
That's a trap that far too many people fall into, because having superuser access (root) on any Linux-based machine can allow you to do things that make your device better. It can also allow you to do things that make a device run worse, or even break everything and leave you with a pile of copper and silicon that won't ever do anything ever again. The old adage of "with great power comes great responsibility" really is true.
But by itself, having superuser access does nothing.
Everything is a file
In any Unix-based operating system, whether it's Ubuntu, or Android, or even OS X, you can safely say that everything is a file. When you plug a thumb drive into a USB port, one file gets read and another file gets created or populated. When you change the volume of sounds going out to your speakers, you change a file that gets read to tell the sound server how loud to be. This goes even deeper into the operating system. If you want to see how much battery you have left, you read a file that the kernel has written a value to. If you want to change the CPU governor, you guessed it, you write the new value to a file.
You can see this for yourself right on your Android. Connect to a computer, open an ADB session and look at the /proc or /sys directory. This is a set of "instructions" that the kernel reads from and writes to, with information about your battery, your CPU, and all manner of nerdery that's happening behind the scenes when your Android is up and running. And if we can manipulate those files and folders, we can change stuff.
Root is a user with permission to break things
Because everything is a file, being able to make, delete or alter these files can have a dramatic effect on just about everything in your Android. Allowing a user to alter any files they don't own is never a good idea, so Android uses permissions to decide who can do what. No, not like the permissions you grant when you install an app. We're talking about permission to read, write or execute a file in the system.
You might have bought your phone, but you aren't the owner of system files and folders. Those belong to the system, and your "stuff" is in a different place where you're allowed to muck around with it. The system user is allowed to muck around, too, because it might need to make adjustments to stuff that's yours, because it's stored on space that's theirs. This is how Unix-based permissions work. Your space gives you permission to do most anything, and it may give other users permission to do it all. In the space that's not yours, you're only allowed to look while the system user can do it all, because it's their space.
That's where the root user comes in. It can do anything to any file or any folder on your Android. Or your Linux desktop. Or your iMac. There's nowhere that root doesn't have full read, write and execute permissions. Root is allowed to delete your files. Root is allowed to say that your half empty battery is really full by lying and entering any value it wants in that file. Root is allowed to tell the CPU to never sleep or to never wake up, or run at any speed and voltage that is supported by the kernel. Root can do mundane tasks that everyone understands, as well as really technical things that are just a bunch of hexadecimal numbers when we try to peek and see what it's doing.
In other words, root is allowed to do things to make your Android run better, and do things that make your Android run worse.
What root can't do is make any of these things happen by itself. Rooting your phone is simply saying that there is now a user who is allowed to do stuff that normal users can't do. You either need to enter commands while you're acting as root (through a terminal app or the ADB interface) or install applications or scripts that automate things and can run commands at intervals or through a GUI. When you use Root Explorer to monkey with system files, you're just sending file commands as root when you tap buttons. It seems like magic because you didn't have to do anything harder than install an app from Google Play.
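The file-and-permission model described above can be checked from a shell. This is an added example, not code from the original article: it builds a constructed stand-in for /sys (the values, modes and the vendor_tunable file name are assumptions made up for illustration) and reports, for each control file, its value, its owner, its mode, and who is allowed to write to it.

```shell
#!/bin/sh
# Added example (not from the article): who may change a sysfs-style control file?

# file_mode FILE: print the 10-character mode string, e.g. -rw-r--r--
file_mode() { ls -ld -- "$1" | awk '{ print substr($1, 1, 10) }'; }

# file_owner FILE: print the owning user (name or numeric uid)
file_owner() { ls -ld -- "$1" | awk '{ print $3 }'; }

# writable_by_others FILE: succeed if users outside owner and group may write
writable_by_others() {
    case "$(file_mode "$1")" in
        ????????w?) return 0 ;;
        *)          return 1 ;;
    esac
}

# audit_file FILE: one report line with value, owner, mode and write access
audit_file() {
    value=$(cat -- "$1" 2>/dev/null) || value="<unreadable>"
    if [ -w "$1" ]; then me=yes; else me=no; fi   # always "yes" for root
    if writable_by_others "$1"; then others=yes; else others=no; fi
    printf '%s value=%s owner=%s mode=%s writable_by_me=%s writable_by_others=%s\n' \
        "$1" "$value" "$(file_owner "$1")" "$(file_mode "$1")" "$me" "$others"
}

# make_sample_tree: build a CONSTRUCTED stand-in for /sys and print its path.
# Values and modes are made up; vendor_tunable is a hypothetical file name.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    bat="$root/class/power_supply/battery"
    cpu="$root/devices/system/cpu/cpu0/cpufreq"
    mkdir -p "$bat" "$cpu"
    echo 57 > "$bat/capacity";          chmod 444 "$bat/capacity"
    echo interactive > "$cpu/scaling_governor"; chmod 644 "$cpu/scaling_governor"
    echo 1 > "$bat/vendor_tunable";     chmod 666 "$bat/vendor_tunable"
    printf '%s\n' "$root"
}

# Audit every file in the sample tree, then clean up.
tree=$(make_sample_tree)
find "$tree" -type f | sort | while read -r f; do audit_file "$f"; done
rm -rf "$tree"
```

Run as a normal user, the report shows writable_by_me=no for the read-only and owner-only files; run as root, every line says yes, which is the whole difference rooting makes. The same audit_file function can be pointed at real paths under /sys, where the power-supply directory name varies by device.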
The security factor
Nothing makes me cringe quite like seeing someone ask for an app to root their phone because they don't understand all this SDK and ADB stuff. Those are the users that the bad guys just freaking love, because they need people who will just click stuff so they can steal your bank password. And there are plenty of them out there.
Because everything is a file, and root is allowed to do anything to any file anywhere on your Android, it's simple to get sensitive information from a secure area and put it somewhere it can be sent back to some server on the other side of the world. All you have to do is tell it to happen, and hiding the commands to make it happen in a game you pirated from blackdroid is really easy.
When you buy a new Android, root isn't enabled for your own good. I've been doing this Unix-based thing for over 20 years, and I still screw up. You'll screw up if given the chance. We all will screw up because it's so easy to screw up. What's not easy is fixing it all. Because the people who build these Androids won't deliver software to reload things back to factory condition — the very best thing about Google's Nexus program — you can't just cry uncle and load everything fresh when you screw up and have a device that's not running, or runs fine but is insecure and you're sharing your life's details with some guy in Estonia or Oregon.
We don't have to like it, and we can do everything in our power to undo these precautions, but out-of-the-box your phone has no root because you can't be trusted with root. Remember, folks like HTC or Verizon have no idea if you're a careful user or one who gets click-happy. We all get treated as if we're the click-happy type. Thanks, Obama.
The middle ground (and in my opinion the best method) is when you can unlock the bootloader on your phone — after warnings that when you screw things up you're out of luck — and install any firmware you like. This is how Nexus devices and so-called developer-editions come from the factory. You can break it if you want to, and the manufacturer won't try to stop you — or care when you break it. I also think a bootloader unlock token should be provided when your device is paid-in-full, but that's another article for another time.
Knowing how this sort of thing works is important. Not just to keep from breaking your new $600 phone, but to stay safe and secure while you're using it. Most importantly, be aware that rooting your phone only gives you permission to do something stupid, and never does anything by itself.