“Rooting” and “jailbreaking” – you have certainly heard these two words present on blogs dedicated to Android and iPhone. In this article we will find out what they mean. We will also overview what risks and benefits these two practices can determine for a smartphone user.
Rooting
Let us start with the rooting of Android devices and its backstory. Android is an operating system based on . In Linux environments, the system administrator is a user called “root”. For security reasons the Android operating system does not allow the user to perform certain operations. In practice it means the user does not have administrator privileges.
Rooting is the operation that allows the user to obtain system administrator privileges (become “root”). Therefore, to be able to perform operations on the smartphone, that are normally impossible. Here is what the user can do, once obtained the administrator privileges:
Uninstall any applications from the phone. Each manufacturer pre-installs some proprietary programs on smartphones. They include the browser, the gallery, the weather or news widget etc. These apps are also called “bloatware”, because they are accused (often for some reason) of consuming the battery and other smartphone’s resources, while cannot be disabled.
Update to later system versions or install a custom ROM. Another option is to update your system to a more recent version. However, the most advanced users aim to change the ROM by uploading a modified version of the Android operating system. The modified ROM allows to customize the smartphone, for example, by using a spartan interface. It can also allow to increase the battery life, or adding special features absent in the original Android version.
In fact, with the full control of the operating system you can do a lot. Your can modify the device’s IMEI for tracing and blocking network connections or the device’s CPU and GPU parameters.
Jailbreaking
Let us move to jailbreaking – a practice reserved for iPhone owners. Apple built the iOS (that is the name of the system on board of iPhones) based on BSD – a UNIX-like operating system. Its philosophy is different from the Android’s one, as it allows to install only official applications via the App Store. This big difference compared to Android certainly makes it less vulnerable, as the apps on the App Store are verified and approved, before being made downloadable by users.
As well as rooting, jailbreaking allows “privilege escalation”, but with a few technical and theoretical differences. iPhone has multiple “by design” restrictions, so for example, you can only use the default browser or email client. In practice, jailbreaking is commonly used to install applications from outside the App Store (what the Android users can do without restrictions). While Android rooting basically allows you to gain complete control of the operating system, jailbreaking can only remove some restrictions present in the software.
Security risks
However, there is something in common between these two techniques: the security risks they introduce to the devices.
“With great power comes great responsibility”, said Spiderman. The same is true for rooting. Total control without full knowledge of the operating system can damage the device. Moreover, any malicious application has no obstacles to access system files, phone data, leading to serious consequences.
One of the first things Android malware performs on a device is an attempt to obtain root privileges. If the smartphone is successfully rooted, the malware can steal passwords, delete system files, and even modify the firmware, that cannot be fixed with a factory reset.
Sandbox is an iOS protected environment, where applications run. It is the main iOS defense, as it restricts access to some data and system files as well as prevents the running apps from crashing. Minimizing the chance to install malicious apps, Apple guarantees greater security to its users. Jailbreaking disables it, making the operating system and the user data extremely vulnerable to malware and trojan attacks.
What you can do to stay protected
There is just one recommendation for you as a conclusion. Please, do not root or jailbreak your device, unless you are sure of what you do. At the same time companies can do more to address such security risks. The easiest way is to block rooted and jailbroken devices from accessing the corporate network. The other way is to constantly security events from the corporate network to timely detect any lateral movements in case of a cyber-attack.