Risks of rooting Android

4 - 5 minutes read, 1059 words
Categories: android
Keywords: android root security

This year I decided to write down my list of reasons why I would like to gain administrative privileges on Android.

I did not think about writing down the reasons one should not root the device.

So here it is, my non-exhaustive list of why you might not want to gain administrative privileges.

Bad support

Here be dragons.

Once you’ve installed an unofficial ROM or changed system settings you were not supposed to, you might have issues that no one else has, as only a few people might have the same hardware and software combination you have.

While with laptops and desktops an operating system works mostly out-of-the-box (unless you need some special drivers), the phone landscape is more …​ "interesting".

First of all, the number of peripherals is much more divergent: multiple cameras, multiple microphones, gyroscopes, compass, GPS, barometer, battery, hygrometer, touch and hardware keyboard, touch screens, thermometer, one or more SIM, …​

Second, on a PC it is possible to use live-cd, AFAIK there is no equivalent for Android, thus testing before installing is currently not an option.

Third, manufacturers do not only add drivers to their flavored Android version but also programs and make other changes, like adding DRM keys, programs, and other libraries. Thus installing the appropriate drivers is generally not enough.

Fourth, backing up and restoring operating systems on a PC is a much more common operation than on a phone.

Unfortunately, sometimes serious errors are even common to all devices.

While using Cyanogenmod I’ve experienced what has been reported in fdroid bugtracker: updating some application caused a boot loop(!). The underlying cause seems to be that custom ROMs had a memory corruption that manifests itself if packages were built a certain way.

It has to be said that LineageOS has different policies for trying to set a higher quality bar (this holds, of course, only for those devices officially supported)

The downside is that depending on how well a device is supported you might or might not get a new release with the fix.

bricking phone

AFAIK most bricks are soft-brick, thus it is normally possible to unbrick the device. Unfortunately, this might not always be simple, as it might need specialized programs that are hard to find, and proprietary.

Compared to a computer, bricking it because the installation of the OS failed is impossible, unless you have a very particular device.

no turning back

Maybe it’s just me, but I am nearly ever able to find instruction to restore the original ROM and recovery. The first thing I miss is where to download or extract from my device, the original firmware, to restore it if it turns out I do not like an unofficial ROM.

Sometimes it is possible to download some files from some servers…​ hardly a trustworthy resource.

Also note that simply unlocking the bootloader, (which should be supported by every manufacturer by now) is a point of no return.

For example, on some Sony devices unlocking the bootloader with the official method will wipe DRM keys. Locking the bootloader will generally not add those keys back to the device.

Also, depending on the manufacturer, while booting there might be a misleading warning like

"The device has been unlocked and cannot be trusted. Please lock the Bootloader. Your device will boot in 5 seconds"

I dislike it, especially on older phones, as leaving the bootloader locked would have prevented installing a more recent android version with the latest security patches, thus leaving it more vulnerable.

It also gives a misleading suggestion, as locking the bootloader will, at least, brick the device, unless one reinstalls the original system.

It also augments the boot time of at least 5 seconds, which is irritating.

void warranty

Your warranty is void. (there might be exceptions)

something might not work, not as stable as official

The first serious issue I ever had was the boot loop because I updated some applications. Otherwise, most issues I had were because I touched and modified files I was not supposed to, thus it was solely my fault.

Otherwise recently, on a freshly installed ROM, the microphone did not always work reliably. After researching a little bit, I found 16 reported known issues that are months old. Unfortunately, a working microphone is an essential feature of a phone, and apparently, there is no workaround for many of the reported issues.

Many issues have also been set to won’t fix, as currently, LineageOs is transitioning from 17.1 to 18.1. Hopefully the devices I’m interested in will continue to get updates.

In all cases, figuring out what did not work and how to fix it is a time-sink.

missing features

Official ROM might have some additional or enhanced programs, for example, the bundled camera app might work better than those that can be downloaded and installed separately. Unfortunately, copying the .apk of the bundled camera and installing it on a custom ROM is not sufficient.

Sometimes people find a way to restore some of those functionalities, but you need to be lucky enough that there is someone else who made the hard work for you or document yourself very well before buying your device, or find a way for yourself to achieve such goals.

You also need to trust different people online, as you are downloading binary blobs and generally have no way of knowing what those do. Notice that this is true for a PC too. This is why I tend to restrict myself only to

  • what I can read and understand (open-source programs, scripts, …​)

  • What has been officially packaged for my distribution (as I somehow need to trust those as I already use the operating system they put together)

  • or well-known programs

This is, unfortunately, harder when dealing with Android Roms.

You need to have enough time

Even when everything works correctly, gathering all information is a time sink.

You need to know how to unlock the bootloader, search which files and programs to download…​

Granted, for those devices that are supported by LineageOs, the instruction are pretty clear.

But there is, for example, no indication about known or possible issues. What’s also missing is what are the points of no return (like if unlocking the bootloader will do some irreversible action), and if it is possible (and how) to restore the device with its original firmware after installing LineageOs.

Do you want to share your opinion? Or is there an error, same parts that are not clear enough?

You can contact me here.