Is root done? This is something I’ve been pondering as fewer and fewer new root concept apps are coming out, and many are being phased out due to either what used to require root being incorporated into the Android ecosystem, or someone just simply figuring out how to accomplish without root access.
TL;DR Paul’s contemplating, “Where do we go from here in the root world?”
I’ll point out that root I’m speaking of is super user/root access, not unlocked/custom bootloader/ROMs.
With root an app can gain superuser access and do things Android can’t, with unlocked you can flash whatever you want that will do whatever you want it to. More or less. I can’t imagine Android being fun without being able to flash a new ROM every now and then.
Applications can be backed up via non-root methods now, HTC Backup, Helium, etc. There’re more hoops to jump through but the same results can happen. Tethering programs are out now that require no root. Your MSL can be obtained by calling the carrier or looking at your activation email these days if you want to get into a programming menu. App Ops can be replicated on non-root by repackaging apks. Etc.
Root used to do all the things that Android wouldn’t let you do, and it still does several (it’s great for kicking sand in other app’s faces in the sandboxes, cheating in games,) but overall it seems the root community seems to have been getting what they want in the form of OS enhancements.
Once again, this is root, not ROMs.
So what’s the next great step for the root world? What if it was to take a cue from the ROM world and fix things the manufacturers and carriers just won’t fix without changing the ROM or forcing a user to learn new things?
You know your two year old phone is dead to the carriers. They made their money off of it and unless they’re getting something monetarily to incentivise them to have security, you’re not getting it.
Not that a rooted phone is more secure, heavens no, but with vulnerabilities like Stagefright popping up we’re seeing what a bad idea letting moneygrubbing companies run wild with Android is doing to us in terms of OS security as a whole. Then again, they didn’t really factor into the prices providing patches and security forever, so maybe moneygrubbing is a bit oversimplifying things.
Company X doesn’t want to devote the resources to keeping a phone that’s no longer selling up and running. Their phones may last for six years, but you’re getting two of support.
And this is where the root world can flourish, perhaps in a commercial capacity: providing patches to vulnerabilities in older Android devices. Creating root exploit apps to replace modules that are exploitable, running interference between app X and vulnerability Y, acting in the capacity that the fake antivirus apps on the market don’t and actually protecting devices.
Do I think root’s dying or less important? No. Just what’s being written needs to change with what the needs are to address dead-end exploitable devices. It could make coders some money, save manufacturers some money while at the same time costing them money of a new sale – however user doesn’t dump manufacturer in this scenario.
If a programmer’s good enough and the device is exploitable, there’s no need for the end user to even know how to root their device to install an application that will fix the root exploits. They just install “My Kyocera FlipPhone Fix” and bam, root exploit, patch, lock down, done.
A practical Stagefright exploit (as I understand it several million people are still not infected… oh wait… nobody is,) to install superuser and a Stagefright patch specific to your device, could be the start of root exploits to fix root exploits, in a good way.
It’s an odd time in which the root community can potentially come and fix broken devices and be the heroes of Ye olde Androide Devicef, or hack the crap out of Android and turn it into a virus ridden hellhole that most iOS users think it is.
It’s poised to be an interesting time for root coders and exploiters, even if it doesn’t look like it.