Rooted Android phones vulnerable due to Android kernel patching flaws (opens in new tab)

(zimperium.com)

18 pointswitnessme10mo ago11 comments

11 comments

10 comments · 3 top-level

WarOnPrivacy10mo ago· 4 in thread

The author goes into the weeds on the vulnerabilities that can be left following some rooting methods. All to the good.

Meanwhile, it's non-rooted phones that get endlessly compromised

    by state sponsored cellbright attacks (LEO),
    by blackhatted Israeli exploitive malware platforms
    and from an endless array of general crapware, much 
     of it from handset manufacturers, wireless carriers and 
     their bloatware affiliates.

All that said, the article really does go into detail. I know enough to follow along but probably not enough to spot issues (if there are any).

ThePowerOfFuet10mo ago

>Meanwhile, it's non-rooted phones that get endlessly compromised

With the notable exclusion of GrapheneOS. (It's also Cellebrite-proof going on three years now.)

diogenes_atx10mo ago

What are the security vulnerabilities of GrapheneOS?

hulitu10mo ago

> With the notable exclusion of GrapheneOS. (It's also Cellebrite-proof going on three years now.)

Does Whatsup run on GrapheneOS ? Asking for a friend /s

preisschild10mo ago

You are mistaking "rooting" with using a different Android distribution.

You can install GrapheneOS/Lineageos without root. And you can install a su binary on the stock OS, not improving privacy at all.

spaqin10mo ago· 3 in thread

Would be much easier to work against such vulnerabilities if rooting was officially sanctioned and actual resources could be put towards making it a viable and secure option, rather than taking away the power from the user for the device they purchased.

preisschild10mo ago

Giving apps root permissions exposes a huge hole in the Android security system (normal permissions) though. This is inherently more insecure than not having root at all.

> rather than taking away the power from the user for the device they purchased

I disagree with that. Not having root doesn't mean it's inherently anti-user. I use GrapheneOS without root and am still in total control of my device.

mckenzba10mo ago

What does giving apps root permissions have anything to do with rooting a device? Rooting in this context means unlocking the bootloader to allow for a custom OS/kernel that isn't signed by the OEM. You can have a rooted device while still running an OS that restricts apps (that behave) from having root account access.

I'd rather have the ability to enroll my own keys so I can boot my own signed OS and maintain a root of trust that I own much like what can be done on desktop Linux with a TPM. IIRC Google's Pixel phones have this ability (and are one of the few phones that have this ability if I'm not mistaken).

1 more reply

donkeybeer10mo ago

I am not understanding what you are trying to say. Nobody runs daily apps as root on desktop linux either. Root here means ability to not necessarily actually doing something as the root user.

I don't know anything about Android permission system is built atop linux, what does it mean when you say giving an app 'root permissions'?

witnessmeOP10mo ago

This latest test is related to rooting framework KernelSU. Sinilar vulnerabilities were found earlier in other rooting frameworks such as APatch , SKRoot, etc. The vulnerability results in gaining root access and escalated privileges.

j / k navigate · click thread line to collapse

11 comments

10 comments · 3 top-level

WarOnPrivacy10mo ago· 4 in thread

The author goes into the weeds on the vulnerabilities that can be left following some rooting methods. All to the good.

Meanwhile, it's non-rooted phones that get endlessly compromised

    by state sponsored cellbright attacks (LEO),
    by blackhatted Israeli exploitive malware platforms
    and from an endless array of general crapware, much 
     of it from handset manufacturers, wireless carriers and 
     their bloatware affiliates.

All that said, the article really does go into detail. I know enough to follow along but probably not enough to spot issues (if there are any).

ThePowerOfFuet10mo ago

>Meanwhile, it's non-rooted phones that get endlessly compromised

With the notable exclusion of GrapheneOS. (It's also Cellebrite-proof going on three years now.)

diogenes_atx10mo ago

What are the security vulnerabilities of GrapheneOS?

hulitu10mo ago

> With the notable exclusion of GrapheneOS. (It's also Cellebrite-proof going on three years now.)

Does Whatsup run on GrapheneOS ? Asking for a friend /s

preisschild10mo ago

You are mistaking "rooting" with using a different Android distribution.

You can install GrapheneOS/Lineageos without root. And you can install a su binary on the stock OS, not improving privacy at all.

spaqin10mo ago· 3 in thread

preisschild10mo ago

Giving apps root permissions exposes a huge hole in the Android security system (normal permissions) though. This is inherently more insecure than not having root at all.

> rather than taking away the power from the user for the device they purchased

I disagree with that. Not having root doesn't mean it's inherently anti-user. I use GrapheneOS without root and am still in total control of my device.

mckenzba10mo ago

1 more reply

donkeybeer10mo ago

I am not understanding what you are trying to say. Nobody runs daily apps as root on desktop linux either. Root here means ability to not necessarily actually doing something as the root user.

I don't know anything about Android permission system is built atop linux, what does it mean when you say giving an app 'root permissions'?

witnessmeOP10mo ago

j / k navigate · click thread line to collapse