Check this out : http://www.bbc.co.uk/news/technology-37005226
I have downloaded the Quad Rooter App: (https://play.google.com/store/apps/details?id=com.checkpoint.quadrooter) and it says my phone is vulnerable, I am running V10d latest security patch.
Should we be concerned?
you have to manually install a app for a app to exploit this. so you have to allow unknown sources and ignore any malware warning that google's verify app screen shows you in order to install it. so no. in actuality it might help several phones gain root access with a root exploit app that would take advantage of this to install root permanently
Don't you have to unlock your bootloader for Root access? As well as having to install third party apps from out side the play store?
I wouldn't worry. If you are careful with your apps you'll be fine.
@mikey_sk maybe u want to link to the source.
http://blog.checkpoint.com/2016/08/07/quadrooter/
Gesendet von meinem ONE E1003
Related
Well, hello. I'm most certainly a noob, although I do have experience with developing for android and using Linux on a PC system. I haven't done any rooting/unrooting/custom-firmware-flashing before, however.
I believe this question to be about Android devices in general and so I'm posting it here instead of a device-specific forum.
The short version of my question is:
Is it possible to install a custom firmware on my phone, but prevent apps installed in it from having root access?
The long version:
Having read about how the Android OS works, I understand that each app installed in a system basically has its own user account, and that's how privileges work: The OS simply doesn't allow this specific user/app to access other apps or hardware.
Unless I'm mistaken, rooting a phone makes all apps run under the same user account: root. Which means that all apps have access to every other app and all hardware on the device.
I found many web pages that explained that this is a security risk as malicious code could then use anything at all on the phone. This makes sense of course, that's why most applications on a Linux system don't run as root.
I understand why rooting the device is necessary to install a custom firmware on it, but what I haven't understood is why the device has to stay rooted afterwards. Isn't installing a custom firmware basically replacing the OS on the device? If so, couldn't I replace it with an OS that doesn't run everything as root but instead runs every app as its own user, like unrooted devices do?
I've searched this website and others for information on this but I haven't been able to find something that answers this question.
I found explanations for why unrooting is needed to install a custom firmware, but they didn't include why the resulting system can't be rooted.
I found guides on how to restore the original firmware on a device, which isn't what I'm looking for, although this process is called "unrooting" (the word seems to be misused here, but maybe that's just me).
I also found guides on how to trick certain applications, which won't run on a rooted device, into thinking that the device isn't rooted. However, the reason I'd prefer my device not to be rooted isn't to trick any applications but for security reasons.
What I'd basically like to do, is install custom firmware but, once that's done, ensure that applications I download from the Market or install directly don't have any more privileges than they've been developed to ask for. Is that not possible? I don't understand why not...
Gaining root access to your phone will not give a single app root privileges, for the most part you will use an app called superuser or supersu to allow or deny any app root access. (Sometimes baked into ROM)
But you have no worries, any app that you download from the market will not have root unless you give it
Sent from my Nexus 4 using xda premium
demkantor said:
Gaining root access to your phone will not give a single app root privileges, for the most part you will use an app called superuser or supersu to allow or deny any app root access. (Sometimes baked into ROM)
But you have no worries, any app that you download from the market will not have root unless you give it
Click to expand...
Click to collapse
Is that so? Thanks. It seems I was wrong at the very beginning of my logical process.
So, if I understand correctly, the lack of security isn't that anything installed has root access, but that it can have root access. Is that right?
Correct, even whatever custom ROM you are running has a built in app for lets say messaging, this will not have root access.
You just bow have the ability to do anything (mostly) to your device, but you don't have to
Sent from my Nexus 4 using xda premium
I wanted to start this thread because it appears the new Android Pay app will not work on rooted devices. It's not a device specific issue.
I was able to gain a small victory on my VZW MotoX 2014 unlock/rooted device. I disabled superuser within the SuperSU app and was able to add one of my CCs.
Thats where the good news stops. My phone does not work at retailers and I am no longer able to add any more CCs even with root disabled. There must be a fuse that triggers when the app discovers you are rooted.
I've tried xposed mods - Root Cloak and No Device Check with no luck.
I have not tried it at the store with the xposed mods, but I am not able to add any more CCs.
Thoughts?
I have kenzo cyanogen ROM installed (13.0-20160617 unofficial kenzo) I have used Lloyds banking app for a long time but tonight it tells me I can't log in as using a rooted or jail broken device. I haven't updated the app for a while or ran any other updates.
Is this room rooted by default? As I didn't think it was and I didn't think I had root.
Is there a way to fix it so I can use my banking app again?
It has a root option which you can enable. I can suggest trying root cloak but that also means you'll have to install xposed. Make sure root is turned off in dev settings and clear the cache/data of the banking app before trying root cloak. Otherwise you may have to settle for their website.
Root is off in the developer options. I wonder if the banking app can see the ROM or something else is not stock? Its frustrating as it was the reason I didn't root my phonephone/want it rooted.
I noticed that even installing an older version of the app I get same error so maybe something else has changed . if a system app has somehow updated and caused this? I am still on the original ROM from june. I haven't installed nightlies.
Either that or my account has somehow been flagged so even old app versions dont work(deleted data and folders etc from the app first.)
regarding ths problem - Im guessing its not looking at root as this is disabled, but it can see either an unsupported rom, or something else. Can i flash a different rom (prefereably not Miui) and regain the banking app? a rom that would be classes as supported?
I need help. Pretty clueless when it comes to technology. Bought new phone to use an app as my old one no longer supports the new updates.
New phone is Xgody LTE 4G with Android 6. The I want to use app does not work for security reasons? Browsed google using a few keywords. So far I've checked to see if the phone is rooted (not sure what this means) using Supersu app, no root found. Using SaftyNet the phone fails on basic integrity and CTS profile match, do not know what this means but I'm guessing it has something to do with the app not working.
I believe there is a work around. Have read something about Magisk which I think might hide whatever is on my phone from the SafetyNet tests and get the bank app working. The problem is I haven't a clue how to install this or what it is. Does anyone have a step by step guide how to do this, assuming the person doing the task hasn't got a clue? Any help appreciated.
jimmyshoottherunner said:
I need help. Pretty clueless when it comes to technology. Bought new phone to use an app as my old one no longer supports the new updates.
New phone is Xgody LTE 4G with Android 6. The I want to use app does not work for security reasons? Browsed google using a few keywords. So far I've checked to see if the phone is rooted (not sure what this means) using Supersu app, no root found. Using SaftyNet the phone fails on basic integrity and CTS profile match, do not know what this means but I'm guessing it has something to do with the app not working.
I believe there is a work around. Have read something about Magisk which I think might hide whatever is on my phone from the SafetyNet tests and get the bank app working. The problem is I haven't a clue how to install this or what it is. Does anyone have a step by step guide how to do this, assuming the person doing the task hasn't got a clue? Any help appreciated.
Click to expand...
Click to collapse
Which app are you trying to run?
TIDE banking app. Contacted TIDE and they've said my phone must be rooted but I checked with SuperSu and no root was found? This is all new to me, feel a little lost but I'm learning, slowly.
jimmyshoottherunner said:
TIDE banking app. Contacted TIDE and they've said my phone must be rooted but I checked with SuperSu and no root was found? This is all new to me, feel a little lost but I'm learning, slowly.
Click to expand...
Click to collapse
SuperSU might not be detecting root due to difference in su binary.
Try Root Checker Basic. You can get it from playstore.
jimmyshoottherunner said:
I need help. Pretty clueless when it comes to technology. Bought new phone to use an app as my old one no longer supports the new updates.
New phone is Xgody LTE 4G with Android 6. The I want to use app does not work for security reasons? Browsed google using a few keywords. So far I've checked to see if the phone is rooted (not sure what this means) using Supersu app, no root found. Using SaftyNet the phone fails on basic integrity and CTS profile match, do not know what this means but I'm guessing it has something to do with the app not working.
I believe there is a work around. Have read something about Magisk which I think might hide whatever is on my phone from the SafetyNet tests and get the bank app working. The problem is I haven't a clue how to install this or what it is. Does anyone have a step by step guide how to do this, assuming the person doing the task hasn't got a clue? Any help appreciated.
Click to expand...
Click to collapse
Try and actually root the phone and then install Magisk root instead of supersu and use magisk hide it, or install hide my root
phone not rooted according to root checker basic
jimmyshoottherunner said:
phone not rooted according to root checker basic
Click to expand...
Click to collapse
Is the phone brand new or is it secondhand?
The phone is new
Install magisk, it works.
Main question at the end of post.
I came across an app that said my device isn't rooted properly, when it is, or I thought it was?
Spyera is the app. For those not familiar, spyera is an app that is used to monitor devices, family members, employees, doesn't matter. Let's assume everyone owns the devices and those using the devices are aware. Not the point of the post.
spyera has a rooted and a non rooted version. The rooted version will not install on my devices. I talked to tech support and they are saying my device isn't a full root. Their software root algorithm says my phone isn't rooted. Basic root checkers and all of my apps requiring root seem to think my root is fine.
I have a few pixel 4xl device's and some samsung s21 ultras that are all rooted with magisk. All other root apps work fine.
This brings up my main question....is magisk a "full" root? Or is it something else?
Spyera tends to be a pretty reliable platform and if their software is saying I'm not rooted, I am curious what could be the reason.
Magisk is "full" root. If an app can't detect Magisk as a root solution it's poorly written.
And yes, that's a shady app... I'd be very careful with giving an app like that complete and full access to a device by giving it superuser permissions (or even install it in the first place). Also, doesn't sound like the company even knowns what they're talking about.
Thanks. And yes, very shady
@Didgeridoohan
Magisk ISN'T ROOT, it's a framework that allows to inject some functionalities into Android ecosystem.
jwoegerbauer said:
@Didgeridoohan
Magisk ISN'T ROOT, it's a framework that allows to inject some functionalities into Android OS.
Click to expand...
Click to collapse
And one of the parts of the Magisk suite of software is MagiskSU that provides root for Android applications... Sure, Magisk is more than "just" root, but when you talk about Magisk and root in the same context, generally it's understood that what you're actually talking about is MagiskSU.
But thanks for clarifying.