Last week, TowelRoot shocked the Android community. TowelRoot was created by white hat hacker George Hotz, also known as Geohot, and claims to root any Android device in existence.
The Android world was amazed at TowelRoot – no other rooting method had come anywhere close to working on all devices.
Better yet, running TowelRoot is as easy as installing an app (TowelRoot itself is an APK file).
While Android users are enjoying the exploit, the rest of the world is frightened by its security implications.
You see, TowelRoot works on all Android devices because it exploits a section of Android that is found on virtually all Android devices.
That “section” is found in the Linux kernel of Android. While kernels change from device to device, the specifically targeted section is found on almost all Android devices – and even a few desktop Linux kernels.
That exploit wasn’t actually found by Geohot. Instead, it was exposed by an anonymous teenage coder named Pinkie Pie. Mr. Pie encouraged the Linux community to fix the exploit as soon as possible – which is what happened on many desktop Linux kernels.
On Android, fixing that exploit isn’t as easy. All Android code changes need to be passed through manufacturers and carriers – a time-consuming process which will leave Android users exposed for the next few months.
Why it’s a security threat
Why is this such a scary thing for the Android community? It’s scary because any app can use this exploit to grant itself root permission without your explicit knowledge.
Installing TowelRoot is as easy as installing a new app. TowelRoot is made by a well-known ethical hacker who fights for the common interest of the people.
But what if a black hat hacker created an app that exploited the same kernel as TowelRoot? What happens if that person then uploads their app to the Google Play Store? Or releases the APK for free online?
If so, all it would take is one click to give a malicious third party root access permissions on your device.
It’s also scary because of how long it takes Android users to receive updates. The Linux kernel exploit can be easily patched, but that update will have to go through the manufacturers and carriers first. How long will that take?
We like to think of rooting as some benevolent activity – and it mostly is. But we are hacking into the Android’s core code by exploiting vulnerabilities. In the right hands, those vulnerabilities help us root. In the wrong hands, they could help a malicious third-party track you, install malware, and ruin your device.
With great power comes great responsibility. Be careful when downloading apps and APK files online from now on. The next app you download could grant itself root access without your explicit permission.