There is no magic in root ------------------------- By Jerry Hildenbrand | Jul 19 2014 | 3:54 pm Removing some of the mystery of the superuser While reading around the Internet last week, I noticed several otherwise fine publications making a mistake that far too many people make — claiming that rooting your Android phone or tablet or watch (we cant forget the watches) will make things run better. Thats a trap that far too many people fall into, because having superuser access (root) on any Linux-based machine can allow you to do things that make your device better. It can also allow you to do things that make a device run worse, or even break everything and leave you with a pile of copper and silicon that wont ever do anything ever again. The old adage of with great power comes great responsibility really is true. But by itself, having superuser access does nothing. Everthing is a file In any Unix based operating system, whether its Ubuntu, or Android, or even OS X, you can safely say that everything is a file. When you plug a thumb drive into a USB port, one file gets read and another file gets created or populated. When you change the volume of sounds going out to your speakers, you change a file that gets read to tell the sound server how loud to be. This goes even deeper into the operating system. If you want to see how much battery you have left, you read a file that the kernel has written a value to. If you want to change the CPU governer, you guessed it, you write the new value to a file. You can see this for yourself right on your Android. Connect to a computer, open an ADB session and look at the /proc or /sys directory. This is a set of instructions being read by and written to by the kernel with information about your battery, your CPU, and all manner of nerdery thats happening behind the scenes when your Android is up and running. And if we can manipulate those files and folders, we can change stuff. Root is a user with permission to break things Because everything is a file, being able to make, delete or alter these files can have a dramatic effect on just about everything in your Android. Allowing a user to alter any files they dont own is never a good idea, so Android uses permissions to decide who can do what. No, not like the permissions you grant when you install an app. Were talking about permission to read, write or execute a file in the system. You might have bought your phone, but you arent the owner of system files and folders. Those belong to the system, and your stuff is in a different place where youre allowed to muck around with it. The system user is allowed to muck around, too, because it might need to make adjustments to stuff thats yours, because its stored on space thats theirs. This is how Unix-based permissions work. Your space gives you permission to do most anything, and it may give other users permission to do it all. In the space thats not yours, youre only allowed to look while the system user can do it all, because its their space. Thats where the root user comes in. It can do anything to any file or any folder on your Android. Or your Linux desktop. Or your iMac. Theres nowhere that root doesnt have full read, write and execute permissions. Root is allowed to delete your files. Root is allowed to say that your half empty battery is really full by lying and entering any value it wants in that file. Root is allowed to tell the CPU to never sleep or to never wake up, or run at any speed and voltage that is supported by the kernel. Root can do mundane tasks that everyone understands, as well as really technical things that are just a bunch of hexadecimal numbers when we try to peek and see what its doing. In other words, root is allowed to do things to make your Android run better, and do things that make your Android run worse. What root cant do is make any of these things happen by itself. Rooting your phone is simply saying that there is now a user who is allowed to do stuff that normal users cant do. You either need to enter commands while youre acting as root (through a terminal app or the ADB interface) or install applications or scripts that automate things and can run commands at intervals or through a GUI. When you use Root Explorer to monkey with system files, youre just sending file commands as root when you tap buttons. It seems like magic because you didnt have to do anything harder than install an app from Google Play. Nothing makes me cringe quite like seeing someone ask for an app to root their phone because they dont understand all this SDK and ADB stuff. Those are the users that the bad guys just freaking love, because they need people who will just click stuff so they can steal your bank password. And there are plenty of them out there. Because everything is a file, and root is allowed to do anything to any file anywhere on your Android, its simple to get sensitive information from a secure area and put it somewhere it can be sent back to some server on the other side of the world. All you have to do is tell it to happen, and hiding the commands to make it happen in a game you pirated from blackdroid is really easy. When you buy a new Android, root isnt enabled for your own good. Ive been doing this Unix-based thing for over 20 years, and I still screw up. Youll screw up if given the chance. We all will screw up because its so easy to screw up. Whats not easy is fixing it all. Because the people who build these Androids wont deliver software to reload things back to factory condition — the very best thing about Googles Nexus program — you cant just cry uncle and load everything fresh when you screw up and have a device thats not running, or runs fine but is insecure and youre sharing your lifes details with some guy in Estonia or Oregon. We dont have to like it, and we can do everything in our power to undo these precautions, but out-of-the-box your phone has no root because you cant be trusted with root. Remember, folks like HTC or Verizon have no idea if youre a careful user or one who gets click-happy. We all get treated as if were the click-happy type. Thanks, Obama. The middle ground (and in my opinion the best method) is when you can unlock the bootloader on your phone — after warnings that when you screw things up youre out of luck — and install any firmware you like. This is how Nexus devices and so-called developer-editions come from the factory. You can break it if you want to, and the manufacturer wont try to stop you — or care when you break it. I also think a bootloader unlock token should be provided when your device is paid-in-full, but thats another article for another time. Knowing how this sort of thing works is important. Not just to keep from breaking your new $600 phone, but to stay safe and secure while youre using it. Most importantly, be aware that rooting your phone only gives you permission to do something stupid, and never does anything by itself. m.androidcentral/there-no-magic-root
Posted on: Sat, 19 Jul 2014 22:33:39 +0000
Trending Topics
Recently Viewed Topics
© 2015