Possible risks involved in rooting and jailbreak and how to avoid them
Rooting as well as jailbreadking will come with certain risks. The worse case, the handset will be beyond repair. We need to understand the risks and ways to avoid them.
After jailbreaking, although there advantages like getting access to Cydia, can easily install the paid app, doing unlock and more. But there are also risks involves and the risks are shared below.
3.1 Security Risks
According to Betanews (2013) rooting the distribution is usually accomplished by exploiting the security flaw as well as installing some applications such as the SuperSU in managing the requests for the preeminent authorizations (which are facilitated when the security fault or defect is detected).
Ideally, this implies that distribution of the rooting is quite secure since there is generally at least one fewersecurity issues to be dealt with as well as because the users have an appwhich allows or permits them to understandthe time the other app is in need of elevated permissions. Nonetheless, this is a dangerous idea than it looks.
Opening up and mishandling the root access is the chief security risk since it open room for unwanted access, theft and data leaks, hardware fiasco and so forth in case,the developerhas some malicious intentions. The risk is higher when in the corporate environmentwhile dealing with relatively high sensitive data.
How to Avoid
However, the userhas to permit app access to the root course prior to gaining access. To avoid the security risk, it is recommended that the user should conduct researches about the app which is mainly based on root permission.
3.2 Warranty out the window
Rooting is something not formally reinforced by the producers; otherwise, one would begin viewing some devices coming now rooted straightforward from industry. Besides, some of these devices like Samsung have the flash counter which is built into enabling it to keepthe track of the users, that is, whether or not the users have tampered with their firmware or have installed some unofficial software, which could also be checked even when the phone is unrooted or locked again. There are some techniques of restoring such issue back, though no guarantees that the Warranty department would catch on the users. For the developer who is alwaysexploring around with their device, there will be the occasion where they will require visiting the service center. Nonetheless, whenever their flash counter shows number larger than zero, there will be the issue with the repair warranty.
Flash counter, can be accessed through the download mode on the device. This is usually the well-known flash counter which reflects a numberof times one hasinstalled an unauthorized ROM on their devices. Flashing the official or authorized firmware does not at any point impact on this number. Hence, in case the counter is not at any point reset, one might experience some issues with their guarantee whenever they take their devices for repair. Additionally, resetting the flashcounter back to zero is usually a rightmean in removing all the traces of changes where one subject his or her OS with their tinkering.
How to avoid
‘Triangle Away' is an APP with a capacity of resetting the flashcounter back to zero, and the one that would reset a device, leaving its flash counter back at zero and removing the favorite yellow triangle whenever flashing the modified kernel. (Source: Androidpit)
The quickstep to install the Triangle Away
Step 1. Download the APK then open Triangle Away application.
Step 2. Open Triangle Away application, which would later prompt to provide it the root permission. Mainly accept by pressing the "Grant."
Step 3. Download additional files for the triangle Away requirements. One should confirm that the deviceversion exhibited is similar to the version they possess.
Step 4. When finished installing the files, one should select Reset Flash Counter option. After which warning sign appears, later click on the "Continue" option, the device would reboot.
Step 5. In resetting flash counter, press Volume Up. And if wish to restart the device without resetting it, press Volume Down key).
3.3 Problems with updates
Patches are the update of firmware is the critical aspect for mobile.
Another common issue result in rooting your device is that all the automatic updates in firmware automatically stop. There will not at all be any updates via Wi-Fi and management software.
How to Avoid
After rooting, the device will be able to update the firmware manually; nonetheless it is considered a tiresome process as people would be forced to have a new version every time their firmware is officially released.
3.4 Might brick device
To root or jailbreak the device, some users might find it quite simple whilst others mainlythe novices might find themselves in hectic setting while trying to deal with the complex processes.These processes could fail, making the device quite useless (bricking).
Similarly, there are numerous techniques of rooting the Android devices based on model or version of the Android device. For instance, while rooting the Nexus, one requireshaving toolset downloaded as well as using the PC command prompt in gaining access while most of the Samsung devices might require an Odin software. It is therefore quite evident that the rooting procedures or processes differ and it is more likely in getting it wrong for the beginners. Such could also result in the Android devices becoming useless or bricked.
Depending on the status, the user still might be able to get the device repaired, but that’s not a guarantee. Some bricked devices are almost irrecoverable.
Regardless of the situation, if the user still wants to root/jailbreak the device. The following steps are necessary, one, ensure the process is researched thoroughlysince this varieson the basis of a smartphonebrand and type. The improved decision will be to seek professional adviceon the devoted forums, or requesting the tech-savvy individuals to jailbreak or root it; all aimed in ensuring one does not turn their decision into the brick.
If an Android phone, install appropriate antivirus protection software for Android devices, even prior to jail-breaking the Android device in fending off or preventing the malware contagions.
Author: Tan Kian Hua, student LIGS University
Chuan Ji, Oct 19, 2011, Tags: Android, Featured, Retrieved from https://seasonofcode.com/posts/how-rooting-works-a-technical-explanation-of-the-android-rooting-process.html
Srinivasa Rao Kotipalli, Mohammed A. Imran, (2016, July). Hacking Android. Chapter 2: Android Rooting
Suktika Mukhopadhyay, Brandon Clark, Talha Tariq, Luca De Fulgentis; Title of article. Dangersof Jailbreaking and Rooting Mobile Devices. Retrieved from https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Dangers_of_Jailbreaking_and_Rooting_Mobile_Devices
Kunal Relan (2016) iOS Penetration Testing - A Definitive Guide to iOS Security, page range. 31-39
Suktika Mukhopadhyay, Brandon Clark, Talha Tariq, Luca De Fulgentis (27 June 2015). Projects/OWASP Mobile Security Project - Dangers of Jailbreaking and Rooting Mobile Devices. Retrieved from https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Dangers_of_Jailbreaking_and_Rooting_Mobile_Devices
Jim Swauger, Jim Hawke, Retrieved from http://www.binaryintel.com/services/jtag-chip-off-forensics/jtag-forensics/
Oleg Afonin, Vladimir Katalov (September 2016). Mobile Forensics – Advanced Investigative Strategies. Retrieved from https://books.google.com.sg/books?id=9oVcDgAAQBAJ&pg=PA22&lpg=PA22&dq=types+of+mobile+device+advanced+data+extraction+techniques&source