Pinterest Stumbleupon Whatsapp

Some manufacturers are making it more and more difficult to root your Android device (and some carriers are making it impossible), but there are still a lot of people who enjoy nothing more than shaking off the shackles and customizing their phones Want To Customize Your Android Device, But Not Sure Where To Start? Want To Customize Your Android Device, But Not Sure Where To Start? Android’s openness is one of its greatest strengths and makes it possible for most devices to be modified in a number of ways. Customizing your device can add new features and make it feel like... Read More .

Despite the popularity of rooting, there are several reasons why you shouldn’t root your device. I’m not here to discuss all of them — in this article I want to focus on the security aspects.

What risks are you opening yourself up to by giving yourself root access?

1. Update Problems

Rooting your device will almost certainly render it unable to receive over-the-air (OTA) updates. Some apps try and bypass this shortcoming, but given the way rooting now works, it’s becoming harder and harder to circumvent.

Root Android Update

But what’s the problem?


Aside from missing out on some fun and important new features, you’re leaving yourself vulnerable from a security standpoint.

Phone manufacturers will typically push out several new security patches Android Gets A Security Update To Better Sniff Out Malicious Apps Android Gets A Security Update To Better Sniff Out Malicious Apps Rolling out to all phones and tablets running Android 2.3+ is an update to the Verify Apps feature that will now continuously check apps for malicious activity, keeping your Android device even safer. Read More each year. They’re not doing this for the good of their health — they’re doing it because the patches close dangerous, and previously unseen, security vulnerabilities.

For example, Google’s most recent update to their Nexus devices closed a loophole that could have allowed hackers to remotely execute code within the kernel. Affected devices would be permanently compromised; the only way to repair them would be to reinstall the operating system.

2. Can You Trust a Custom ROM?

Okay, lots of people don’t install custom ROMs — they just want to keep the vanilla operating system and delete all the manufacturer-specific bloatware.

But some people will install custom ROMs 6 Reasons You Need to Be Using a Custom ROM 6 Reasons You Need to Be Using a Custom ROM Custom ROMs are the best thing about having an Android phone! Don't miss out! Read More , either by choice or by accident. When I rooted my first Android phone — a Samsung Galaxy 2 — I accidentally installed a custom ROM without realizing. I was new to the process and simply followed the wrong set of instructions. Plenty of people will make similar errors.

Let me make this clear: custom ROMs are not all bad. But it’s foolish to think they are as robust, secure, and as frequently updated as the vanilla OS.

Google, Motorola, Samsung, Sony, et al all have mega budgets, and hundreds of people developing, testing, and refining their products. They can react quickly to any new threats and roll-out out updates to protect the vast majority of their user base. The guys behind custom ROMs have no such power.

And then there is the issue of deliberately malicious ROMs. Again, if you’re au fait with the rooting process and its surrounding community you’re unlikely to become a victim. But the vast majority of people don’t really understand the processes behind what they’re doing — they’re just following some step-by-step instructions they found online. People have been, and will continue to be, caught out.

3. Giving Root Access to Apps

If you’ve ever rooted one of your devices Take Control: Android Rooting Guide Take Control: Android Rooting Guide As of the writing of this guide, approximately 80% of the world's population owns their own cellphone. Out of those, 1.08 billion are smartphones. Read More , you’ll be familiar with some apps requesting root access via a pop-up message.

And I bet there have been many occasions where you blindly clicked on “Allow” without stopping to consider what you’re actually doing.

Root Superuser Request App

By allowing an app to have root access, you’re giving it access to your phone’s entire operating system. This totally bypasses all the built-in security that Android offers and lets it see sensitive data that’s stored deep inside your OS.

Apps with root access can also install other software without your knowledge. This software can include programs such as fake keyboards, key-loggers, and fake email apps. And they all have one goal in mind — to steal your personal information and feed it back to cyber-criminals.

4. Malware Threat

As I’ve written elsewhere on this site, anti-virus apps for Android 6 Android Security Apps You Should Install Today 6 Android Security Apps You Should Install Today Android security apps - capable of blocking malware and phishing attempts - are necessary if you wish to run a safe and secure smartphone. Let's look at some of the best Android security apps currently... Read More are largely obsolete. There is a reason that all the market leaders in the sector now advertise their products as security suites; they need to bundle more features to make them worthwhile.

These apps are largely obsolete for one reason: the vanilla Android OS is now really secure. Google have added more and more features down the years, and Android 7 is the most robust edition so far.

Rooting your device will evade lots of these OS-level security features. You’ll be instantly more vulnerable to worms, viruses, spyware, and Trojans. These can be delivered in the form of drive-by downloads, malicious links, and infected apps. One slip and you’ll be exposed; the device won’t be there to bail you out.

Tell Us Your Stories

These four points are not scaremongering, they are legitimate and real concerns that you need to be aware of. The worst thing you can do is take a “it won’t happen to me” approach — tens of thousands of people have done that, and tens of thousands of people have been caught out.

I’m not trying to dissuade you from rooting. There are some awesome benefits to unlocking 10 Amazing Android Customizations Worth Rooting For 10 Amazing Android Customizations Worth Rooting For Haven't rooted your device yet? Once you get a look at all this awesome root-only customizations, you might change your mind. Read More your device’s full potential. But you need to be aware of the downsides so you can make an informed decision.

As ever, I’d love to hear your stories. Did you root your device and later regret it? Have you been unlucky enough to be infected by a virus on your device? Are you still inclined to take a hands-off approach to your device’s security?

You can leave your thoughts, feedback, and tales in the comments section below.

  1. David
    October 31, 2016 at 10:57 pm

    I'm sorry but this entire article demonstrates a complete lack of security knowledge. Rooting your Android can a tool to making it entirely MORE secure. CyanogenMod is great alternative to the stock ROMs. Just because it's rooted doesn't mean every app will automatically get root privileges. There are a ton of things you can do to harden it, that can't be done on stock ROMs. You can get rid of the bloatware and spyware that comes bundled with phones. Manufacturers are slow to push out Android updates so you're able to get security updates a ton faster on CyanogenMod.

    Saying that you're automatically vulnerable to malware is patently false, and shows how little you know about rooting and security.

    • Dan Price
      October 31, 2016 at 11:57 pm

      Of course you *can* make it more secure, but it's not a direct benefit of rooting and not easy for an average user. What percentage of people who root are taking those extra steps? Very, very few.

      At the moment you root, you are instantly more vulnerable to malware (unless you take the aforementioned extra steps) - I don't believe that statement to be false.

      "Just because it's rooted doesn't mean every app will automatically get root privileges" -- not sure where I say or suggest that?

      • Doc
        November 2, 2016 at 2:02 pm

        "'Just because it's rooted doesn't mean every app will automatically get root privileges' — not sure where I say or suggest that?"

        It's implied that rooting your device lets EVERY program have root access, even though operating systems like Windows and Linux require explicit permission just like Android does in the "superuser" picture you included. Your article seems to imply "we (often) blindly clicked on Allow," when that's not the case, either. If you root your device, you're taking control of it - along with the consequences. Just like every Windows (Visa and up - UAC prompts), Mac OS, or Linux user, ever.

      • Bill
        November 23, 2016 at 4:45 pm

        Reading your article, it does seem implied that root access will be given to apps - you fraise it as blindly taping allow. Who is this article aimed at? Getting root access (especially nowadays) isn't that easy & I can't imagine people doing it, to then 'blindly tap allow' - moreover which malicious apps are people downloading that request this access?

        I don't see how you came to this buzzfeed-esque list of 4 reasons, when you could have 1 simple and concise reason...which you actually touched on in the article - the possibility to give malicious apps root access to your system. Also the OTA updates, that is a right pain.

        Could you also clarify your following paragraph please?
        "You’ll be instantly more vulnerable to worms, viruses, spyware, and Trojans. These can be delivered in the form of drive-by downloads, malicious links, and infected apps. One slip and you’ll be exposed"

        Specifically, how would being rooted, on a browser (with no root access) make you more exposed than being on a stock system?

        Anyway, I need to go - i just downloaded an app called "FREE movies and games 100% FREE and hot singles near you" and it's requesting root access.

        *tapping allow blindly*

Leave a Reply

Your email address will not be published. Required fields are marked *