Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Can I Trust Android Rooting Tools?

Posted by timothy on from the spider-sense dept.

Qbertino writes After a long period of evaluation and weighing cons and pros I've gotten myself a brand new Android tablet (10" Lenovo Yoga 2, Android Version) destined to be my prime mobile computing device in the future. As any respectable freedom-loving geek/computer-expert I want to root it to be able to install API spoofing libraries and security tools to give me owners power over the machine and prevent services like Google and others spying on me, my files, photos, calendar and contacts. I also want to install an ad-blocking proxy (desperately needed — I forgot how much the normal web sucks!). I've searched for some rooting advice and tools, and so far have only stumbled on shady looking sites that offer various Windows-based rooting kits for android devices.

What's the gist on all this? How much of this stuff is potential malware? What are your experiences? Can I usually trust rooting strategies to be malware-free? Is there a rule-of-thumb for this? Is there perhaps a more generic way for a FOSS/Linux expert who isn't afraid of the CLI to root any Android 4.4 (Kitkat) device? Advice and own experiences, please.

6 of 186 comments (clear)

  1. Re:No by war4peace · · Score: 4, Insightful

    "Computer expert" is a broad, broad definition. Nobody's a "computer expert", except in their narrow field.
    So ease off with the smug. One might be an expert in their field and totally suck at another, both computer-related.

    --
    ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
  2. Re:Try Here by asimons04 · · Score: 5, Insightful

    Mod parent up.

    I've been frequenting XDA Developers forums for years now, and haven't had any bad experiences or rootkit-type behavior on my devices. Lots of knowledge there, and I was finally able to add some of my own a little while back. Most of the insights I provided were based on years of knowledge learned from the same forums plus my own experimenting, but that's exactly what they're for.

    Depending on the version of Android you've got, you'll have to use different methods. Typically, but NOT ALWAYS, the rooting methods aren't device specific, but Android-version specific. So while you may not find instructions for rooting your exact device, you'll probably find a method to root your version of Android (unless the exploit is tailored specifically to a particular device).

    As always, make sure you read the forums and search thoroughly before you post a "I'm a n00b and I don't know what to do..."-type question. You won't get flamed out of the forums, but you will likely not receive much help as they do expect you to do some footwork beforehand and not just expect them to do everything for you.

    As always, do everything at your own risk.

  3. Re:Can you trust the hardware and firmware? by Z00L00K · · Score: 4, Insightful

    Considering the bloatware that the phones comes with as standard like Facebook (that spies on your address book) and a number of unwanted apps that have been granted unkonwn privileges by the phone vendor I'd trust a rooting tool more.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  4. Re:Say goodbye to security by drinkypoo · · Score: 3, Insightful

    From your fine link:

    This is unfortunate. Even if you've encrypted your phone, anyone with physical access can simply reboot into recovery and reflash /system with something that'll stash your encryption key and mail your data to the NSA. Surely there's a better way of doing this?

    Anyone with physical access to your phone can, in theory, do anything they want to your phone. Including unlocking the bootloader, and then doing all that other stuff. What a fat waste of time that was.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  5. Required class action lawsuit against Google by Anonymous Coward · · Score: 2, Insightful

    Imagine if Windows PC manufacturers supplied PCs lacking Administrator access in Windows. People would quite rightly complain, and many would sue their respective PC manufacturers in order to gain full control over their own legal possession. But what if Administrator access were not being supplied because Microsoft did not provide it in Windows in the first place? In that situation, the many lawsuits would rapidly collapse into a single class action against Microsoft.

    That is exactly the situation we have today in respect of Google as developers of Android. Google has not provided any means for owners of Android tablets to gain root access to their own property and hence full ownership of it. This is not the fault of the equipment manufacturers at all but that of Google, and so Google should be legally actioned for it by Android equipment owners as a class.

  6. Re:Manual steps vs. payload by c · · Score: 4, Insightful

    I'm a little surprised that the comments so far haven't really tackled the crux of your question, which was NOT "how do I find root exploits", but "are they trustworthy".

    Well, the way I see it, I'll trust a random XDA developer pushing closed-source hacks way more than I trust my carrier and/or handset manufacturer.

    It'll grant you that it's a low bar.

    --
    Log in or piss off.