What is Rooting and Jailbreaking

“Rooting” and “jailbreaking” – you have certainly heard these two words present on blogs dedicated to Android and iPhone. In this article we will find out what they mean. We will also overview what risks and benefits these two practices can determine for a smartphone user.

Rooting

Let us start with the rooting of Android devices and its backstory. Android is an operating system based on . In Linux environments, the system administrator is a user called “root”. For security reasons the Android operating system does not allow the user to perform certain operations. In practice it means the user does not have administrator privileges.

Rooting is the operation that allows the user to obtain system administrator privileges (become “root”). Therefore, to be able to perform operations on the smartphone, that are normally impossible. Here is what the user can do, once obtained the administrator privileges:

Uninstall any applications from the phone. Each manufacturer pre-installs some proprietary programs on smartphones. They include the browser, the gallery, the weather or news widget etc. These apps are also called “bloatware”, because they are accused (often for some reason) of consuming the battery and other smartphone’s resources, while cannot be disabled.

 

Update to later system versions or install a custom ROM. Another option is to update your system to a more recent version. However, the most advanced users aim to change the ROM by uploading a modified version of the Android operating system. The modified ROM allows to customize the smartphone, for example, by using a spartan interface. It can also allow to increase the battery life, or adding special features absent in the original Android version.

In fact, with the full control of the operating system you can do a lot. Your can modify the device’s IMEI for tracing and blocking network connections or the device’s CPU and GPU parameters.

Jailbreaking

Let us move to jailbreaking – a practice reserved for iPhone owners. Apple built the iOS (that is the name of the system on board of iPhones) based on BSD – a UNIX-like operating system. Its philosophy is different from the Android’s one, as it allows to install only official applications via the App Store. This big difference compared to Android certainly makes it less vulnerable, as the apps on the App Store are verified and approved, before being made downloadable by users.

As well as rooting, jailbreaking allows “privilege escalation”, but with a few technical and theoretical differences. iPhone has multiple “by design” restrictions, so for example, you can only use the default browser or email client. In practice, jailbreaking is commonly used to install applications from outside the App Store (what the Android users can do without restrictions). While Android rooting basically allows you to gain complete control of the operating system, jailbreaking can only remove some restrictions present in the software.

Security risks

However, there is something in common between these two techniques: the security risks they introduce to the devices.

“With great power comes great responsibility”, said Spiderman. The same is true for rooting. Total control without full knowledge of the operating system can damage the device. Moreover, any malicious application has no obstacles to access system files, phone data, leading to serious consequences.

One of the first things Android malware performs on a device is an attempt to obtain root privileges. If the smartphone is successfully rooted, the malware can steal passwords, delete system files, and even modify the firmware, that cannot be fixed with a factory reset.

Sandbox is an iOS protected environment, where applications run. It is the main iOS defense, as it restricts access to some data and system files as well as prevents the running apps from crashing. Minimizing the chance to install malicious apps, Apple guarantees greater security to its users. Jailbreaking disables it, making the operating system and the user data extremely vulnerable to malware and trojan attacks.

What you can do to stay protected

There is just one recommendation for you as a conclusion. Please, do not root or jailbreak your device, unless you are sure of what you do. At the same time companies can do more to address such security risks. The easiest way is to block rooted and jailbroken devices from accessing the corporate network. The other way is to constantly   security events from the corporate network to timely detect any lateral movements in case of a cyber-attack.

Popular/
recent post

5 Jun 2024
5 Jun 2024
SASE 500x500
30 May 2024
30 May 2024
Plus Forum Digital Uzbekistan HWG Sababa
14 May 2024
14 May 2024
deepfake
12 Apr 2024
12 Apr 2024
Post HWG Sababa & Group (33)
2 Apr 2024
2 Apr 2024
ransomware attacks in healthcare
5 Mar 2024
5 Mar 2024
cybersecurity career 500x500
29 Feb 2024
29 Feb 2024
arduino opta cyber resilience
SASE 500x500
5 Jun 2024
3 minutes
Plus Forum Digital Uzbekistan HWG Sababa
30 May 2024
deepfake
14 May 2024
3 minutes
Back to blog

Related post

5 Jun 2024
5 Jun 2024
SASE 500x500

In today's digitally interconnected landscape, organizations heavily depend on networks of suppliers and partners to maintain operations and foster innovation. However, without adequate attention to cybersecurity resilience in the supply…

3 minutes
30 May 2024
30 May 2024
Plus Forum Digital Uzbekistan HWG Sababa

HWG Sababa, an internationally recognized cybersecurity provider , will be participating in the prestigious PLUS-Forum “Digital Uzbekistan” for the third consecutive time. The event is set to take place in…

14 May 2024
14 May 2024
deepfake

In an era where digital manipulation is predominant, the rise of deepfake technology has created a new frontier of deception. Deepfakes blur the lines between reality and fiction with unprecedented…

3 minutes
SASE 500x500
5 Jun 2024
3 minutes
Plus Forum Digital Uzbekistan HWG Sababa
30 May 2024
deepfake
14 May 2024
3 minutes
Back To Top