Android Security Team defend rooting as openness

first_imgThe launch of the Nexus S was met with great enthusiasm by the Android community, yet a recent comment made by one of Engadget’s writers (and fueled further by additional comments from its followers) caused Nick Kralevich from Android Developers to get a little defensive:“Nexus S has been rooted, let the madness commence!” proclaims Engadget. “This is only possible because Android’s security is crap and it’s exploited easily to gain root priviledges [sic]” adds a commenter. Nick counterbalanced these comments with his own statement:The Nexus S, like the Nexus One before it, is designed to allow enthusiasts to install custom operating systems. Allowing your own boot image on a pure Nexus S is as simple as running fastboot oem unlock. It should be no surprise that modifying the operating system can give you root access to your phone. Hopefully that’s just the beginning of the changes you might make. Legitimately gaining root access to your device is a far cry from most rooting exploits. Traditional rooting attacks are typically performed by exploiting an unpatched security hole on the device. Rooting is not a feature of a device; rather, it is the active exploitation of a known security hole. Google admit that there has been security holes and the Android team actively fix them, but until carriers and manufacturers provide an easy method to legitimately unlock devices, there will be a natural tension between the rooting and security communities.Read more at Android DevelopersBrett’s OpinionPersonally, when I see a new Android handset my first thought is not to root the device, far from it, but then again I normally buy my smartphones sim-free so I have never had the need to root. However, I have to agree with Nick, rooting is just another way to utilize your phone, and in the right hands it can produce some nifty programs, such as Titanium Backup.Unlike Jailbreaking on the iPhone rooting is not actively deterred by the manufacturer, so it’s hardly the voodoo or spectacular breakthrough that people want you to believe. In fairness Android’s open standards will normally produce more security holes as a direct result, but would you rather have a rigid control structure in place or the Android compromise that its OS provides? We know which we prefer.last_img read more