Would Easier Rooting Make Android Phones More Secure?

By Stephen Schenck | December 20, 2010 5:21 PM

We post a lot here about rooting your Android phone, and updates to the various custom ROMs that are available. When you think of rooting and all the possibilities for modification it opens up to your phone, do you see yourself as benefiting from security risks? An Android engineer thinks so, and calls for a way to let users have root access without the security problems both leading to and stemming from the rooting process.

With the exception of phones like Google’s Nexus series, most smartphones go to some lengths to keep you from running the system code of your choice. When you do gain root access to one, you do so by exploiting a bug in Android; in a fully-secure system, you wouldn’t be able to gain root without the root password. Developers are always working to eliminate Android bugs, but that means they’re working at the same time to prevent users from rooting their handsets against the manufacturer’s wishes.

Android Security Team member Nick Kralevich thinks there can be a better solution, if manufacturers recognized that users do want the ability to modify their phones and will attack any obstacles put in their way. He proposes that there can be some kind of middle ground, where manufacturers and carriers keep enough control over phones to prevent app piracy or code that causes undue network congestion, while still giving users access to the operating system, including the ability to install alternate system ROMs.

The logistics of Kralevich’s suggestion are a bit tricky, possibly requiring new phone hardware in the form of a secure co-processor, but the real impediment is the will of manufacturers and carriers. Unless they could be convinced that they can give up a good deal of control over how consumers use their smartphones without risking negative attention from network engineers and app developers, they’re not likely to break from what they know to work.

Would you be more likely to buy a phone that allowed you to easily root and change ROMs, do you really not care, or do you figure that it doesn’t matter since eventually someone will find a security hole, letting you root it anyway?

Source: Android Developers Blog

via: Droid Life

This post has been tagged with:
Related to this post
Here’s Why You Should Avoid Rooting Your Android Phone
Here’s Why You Should Root Your Android Phone (Video)
Android Power User: What are Unlocking and Rooting?
Android Security Advisory: How To Keep Pattern Lock Secure
Face Unlock Gets (A Bit) More Secure In Jelly Bean
Why Does Google Wallet Want Root Access All Of A Sudden?
Popular Posts
HTC Addresses “One Google Edition” Rumors
Google’s Lack Of Update For Android At I/O Was Actually Smart, Here’s Why
“You’re Just Gonna Put A Case On It Anyway” Isn’t An Excuse
Pocketnow Live, Ep. 16: Nokia and Google I/O Reactions
Our Shows
Latest Video
Nokia and Google I/O Reactions: Pocketnow Live, Ep. 16
Up Next
Nokia Lumia 925 vs Samsung Galaxy S 4 vs HTC One
Popular Videos
Nokia Lumia 925 Hands On
Nokia Lumia 925 Silver vs Black
Mobile Version