Google Security Engineer Blogs About “Rooting”
By on December 20th, 2010

Nick Kralveich, an Android Security Team engineer, has posted up (via Tim Bray, Android Developer Advocate) his thoughts and concerns about the current state of security on the Android platform. As the amount of Android handsets on the market increases, many users have been rootingtheir devices in order to install customizations, cooked ROMs and unlock third party software and repositories. Nick says that while Google does provide an easy modification to allowing personal boot images by unlocking the bootloader via simple commands (fastboot_oem_unlock), that it is not an indication of lax security. Google developers do aggressively fix known security holes, including those that can be used for rootingand Adobe has given credit to how Android uses a sandbox for application segregation. Google is also known for sending security of relevant patches back upstream to a project, yet many simply don’t know that rooting is an active exploitation of a known security holesays Nick. He says it is possible to design unlocking techniques that protect the integrity of the mobile network, the rights of the content providers, and the rights of the application developers, while at the same time giving users choice. Users should demand no less.and he is absolutely right.

Android straddles the fine line of providing users with a polished device with a booming application ecosystem and a highly customizable interface with open source software. With each iteration and release of Android, these lines are being blurred and Android is quickly climbing to the top.

Tags: , , ,
Author: Simon LR

Simon LR has written and can be contacted at simon@techie-buzz.com.
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN