We post a lot here about rooting your Android phone, and updates to the various custom ROMs that are available. When you think of rooting and all the possibilities for modification it opens up to your phone, do you see yourself as benefiting from security risks? An Android engineer thinks so, and calls for a way to let users have root access without the security problems both leading to and stemming from the rooting process.
With the exception of phones like Google’s Nexus series, most smartphones go to some lengths to keep you from running the system code of your choice. When you do gain root access to one, you do so by exploiting a bug in Android; in a fully-secure system, you wouldn’t be able to gain root without the root password. Developers are always working to eliminate Android bugs, but that means they’re working at the same time to prevent users from rooting their handsets against the manufacturer’s wishes.
Android Security Team member Nick Kralevich thinks there can be a better solution, if manufacturers recognized that users do want the ability to modify their phones and will attack any obstacles put in their way. He proposes that there can be some kind of middle ground, where manufacturers and carriers keep enough control over phones to prevent app piracy or code that causes undue network congestion, while still giving users access to the operating system, including the ability to install alternate system ROMs.
The logistics of Kralevich’s suggestion are a bit tricky, possibly requiring new phone hardware in the form of a secure co-processor, but the real impediment is the will of manufacturers and carriers. Unless they could be convinced that they can give up a good deal of control over how consumers use their smartphones without risking negative attention from network engineers and app developers, they’re not likely to break from what they know to work.
Would you be more likely to buy a phone that allowed you to easily root and change ROMs, do you really not care, or do you figure that it doesn’t matter since eventually someone will find a security hole, letting you root it anyway?