What are the benefits and risks of getting root rights today, and why is this not possible for some devices? Let's try to figure it out.
At the heart of Android is the core Linux, and from the beginning enthusiasts and power users alike have been interested in gaining root access to make changes and add new features. At the very beginning of evolution Android on most devices, this procedure was quite simple. There were several apps and tools available that could root almost any Android based smartphone or tablet, and in a matter of minutes you could start to truly control the device. With the development Android, users have ceased to be so obsessed with gaining root access, the process has become much more complicated and dangerous. So what are the benefits and risks of getting rooted today, and why is this not possible for some devices? Let's try to figure it out.
Benefits
Gaining access to superuser rights on Android is akin to working on Windows with administrator rights. You are given full access to the system partition and you can change the way the OS works. An integral part of the process of obtaining access is the installation of an application that controls the granting of the corresponding rights (for example, SuperSU). Such tools are essentially the 'guardians' of access to the root partition on your device. When an application asks for access permission, you need to grant it using the said application.
What can we do with open root access? Let's say you have a system application installed on your phone that you don't like and cannot be disabled using the standard method. If the phone went through root, then using the Titanium Backup application, you can hide or delete unwanted applications, as well as manually create a backup copy of the application / game for recovery on another device. Want to change the processor mode of your device or change the user interface? Here, too, you need root access, as is the case with various ad blocking software: such programs modify the standard host files to block known ad servers. Android now has significantly more options for backing up, but gaining root access is a guarantee that your data is no longer lost. And this is useful: if your enthusiasm damages something, then you have to restore the OS.
Risks
Root access gives complete control over the system, but this kind of 'power' can negatively affect the operation of the device. Android is designed in such a way that it is not easy to 'break' anything when using a restricted user profile. However, a rooted user can turn everything upside down by installing the wrong application or changing system files. The OS security model is also violated to some extent, because the applications used in the process of obtaining root-rights have much wider access to the system. Malicious software on a rooted device can receive large amounts of data. Again, be careful with what you install.
This is why Google does not officially support rooted devices. There is even a special API called SafetyNet that applications call to check if a device has been hacked or tampered with by the user. Applications that work with sensitive personal information perform this check; they will not work on rooted devices. One of the most striking examples is Android Pay, the app won't even launch on a device that hasn't passed SafetyNet verification. If you do not want to lose access to well protected applications, then it is better not to resort to the process of obtaining root rights. Speaking about the process itself, it so happens that the methods used in themselves pose a certain danger. There is a risk of turning the device into a 'brick' and the possibility of voiding the warranty. Depending on the manufacturer, it is possible to repair a device that has suffered from inept actions, but there is no guarantee for further stable operation.
Starting with Android 5.0 Lollipop, system updates for some devices (Nexus, Pixel) will only work on stock devices, without root. This is because the way the operating system handles the OTA file has changed. Updates change the entire system partition, so any changes or additional files will not be validated and the update will be canceled. On other devices, almost any over the air update will remove root access and block the method used. If it is so important for you to maintain access to the system partition, then you will have to stay on the old and full of 'bugs' software and wait until a new method of obtaining root rights or updating a modified version of the OS appears.
Why has root become so hard?
If you are a longtime user Android, you may have noticed that the process of accessing root privileges has become much more complicated. Several years ago there were loopholes through which any Android device could be hacked in a few minutes, but today they are much less common. Towelroot was the last near-universal exploit in mid-2014 and was quickly shut down by Google. The presence of active 'holes' in the device's system poses a certain danger for most users, and this is the reason for such a quick 'treatment' of ways to exploit the vulnerability. Security 'holes' can be exploited by malware to intercept device control and steal data. Google and the device manufacturers are responsible for eliminating methods of gaining access to the system partition once they are released. Following last year's Stagefright story, Pixel and Nexus have monthly security updates. Carriers and OEMs are also pushing for such updates, updating devices twice a month. Sometimes such updates will close discovered 'holes'. Android has become more reliable, it now takes more effort to hack the system in order to gain root access. As a result of this game of 'cat and mouse', 'holes' are often activated at the level of the system partition.
Arbor number 59. Stagefright as the first horseman of the apocalypse Android
Popular devices may not have publicly known methods of gaining root access, which requires efforts to find, test, and develop exploits. This is not to say that there are no 'holes' in such devices, however, the manufacturer values these smartphones / tablets and is not going to give vulnerabilities to the user community. If you are browsing the sections of the XDA forum, then you may have come across threads in which a monetary reward is offered to those who find a working method of obtaining root-rights on a particular device. This approach sometimes works, but collecting such funds is not easy, and a few thousand dollars for an exploit is not a huge amount. Any security auditing and research Android professional will tell you that undisclosed 'holes' are particularly prized among security and expert companies. A generic exploit like the ones we saw a few years ago could easily cost tens of thousands of dollars. Many are not ready to give their finds for a pittance.
Root or not root?
If Android interests you primarily as a 'DIY' object, then you should think about that when choosing a device. Do not buy a gadget hoping that someday there will be a way to get root access for it, you may have to wait a certain time and end up with an incomprehensible exploit that will be immediately closed. There are devices that are quite suitable for 'rooting', such as the Nexus and Pixel, which are easily amenable to this process thanks to non-blocking bootloaders. They also contain system images for use in case of unexpected errors. If you are not familiar with the tools Android and do not know how to get rid of problems through the command line, then you should consider the need for root access. The end result can be very interesting in terms of personalizing the device, but it can also lead to certain negative consequences and finding ways to fix errors caused by over-modification. It is worth pondering over the mentioned SafetyNet locks.
Original material by Ryan Whitwem
The material is rather for those who are just planning to try themselves in custom firmware, embellishments and other attributes inherent in a device with rooted rights. Looking back at my little experience of getting root (three or four devices), I can say that the result was always satisfactory, the main thing is to understand what is needed from the device and what does not suit it at the moment. Played enough root on HTC HD2, a truly iconic device for enthusiasts, and has since put less emphasis on the process. However, both SGS 4 and the existing SGN4 were subjected to it, but mainly for the sake of removing / disabling pre-installed applications.
Yes, Google is gradually 'tightening the screws' for enthusiasts, trying, independently or with the help of OEMs, to eliminate certain negative aspects for users in the standard firmware. But the process is not complete yet, so root access for Android – devices is not going anywhere yet. And if you look at the products of Chinese manufacturers, then there root is elevated to the status of functionality out of the box, access to it is facilitated, the manufacturer deliberately goes for it. Do you consider root to be a thing of the past or do you still need complete control over your device?