CyanogenMod Creator Tells Android Users to Rethink Rooting
July 29, 2013 11:22 AM
comment(s) - last by
Google's modifications make root less powerful in Android 4.3, and that's good says Steve Kondik
Power users have long rooted their smartphones to gain access to capabilities not available to locked devices. Apple, Inc. (
actively fights rooting
; Microsoft Corp. (
) allows it, but
only for developers
; and Google Inc. (
) and its OEM partners mostly
condone and support rooting
But the key issue with rooting is that it
opens the device up to new attacks
(one of the justifications Apple often gives for fighting rooting).
Steve "Cyanogen" Kondik -- a Washington-area Android developer whose CyanogenMod replacement firmware is currently used by
over 5 million Android users
-- points out that new APIs from Google make keeping root privileges active in aftermarket mods (like CyanogenMod) less essential. He
introduces some new and much needed security features which not only restrict setuid binaries on the system partition (su), but also limit the capabilities of processes. In the current architecture, even if you could get elevated privileges, you can't do anything out of the ordinary. Root in the shell via ADB is all I use, and it still works just fine.
Steve "Cyanogen" Kondik [Image Source: Google+]
In other words, Google is restricting root for security reasons. But Mr. Kondik
Android's open source make this a virtual non-issue:
This isn't a problem for me, since I use CM. When there is a situation that I'd need root, I just modify the system to accomodate what I'm trying to accomplish in a secure way.
A few good use cases for root are:
* Firewalls and network software, potentially requiring raw sockets.
* Managing the DNS resolver
* Tweaking various sysfs nodes to control the kernel
All of these can be done without exposing root, and they can be done in a very secure way.
CyanogenMod is aiming to provide alternatives to full blown root access.
In a follow-up post, he continues to push his philosophy that deep firmware fan mods (such as his own CyanogenMod framework) are a superior alternative to using a stock ROM and simply leaving exploit-granted root privileges open. He
Now you can write your app and a whole new class of applications that you couldn't do without using the root sledgehammer before. Yeah, it's harder, and you need to learn the system architecture a bit, but the result is much better and more importantly it's not a gaping security hole.
I might be exploiting this as an opportunity to sell the ideas behind CM, but I think it's a powerful concept. If your app needs to do something that normally can't be done, you can easily bend the system to your will and do it right.
Android 4.3 cracks down on root's capabilities.
For those users who want root he reassures that he will continue to support it, writing in
yet another follow-up
Just to be clear- I have no intention of removing root from CM. What I want to see is the common use cases supported by the platform so that we can write more powerful apps.
But it's clear that he feels that leaving root open is a dangerous proposition, even for your average power-user. He also feels that regimented privilege extension via new API frameworks are a superior alternative.
Steve "Cyanogen" Kondik 
This article is over a month old, voting and posting comments is disabled
RE: Cool stuff.
7/29/2013 1:59:24 PM
I picked one up on Friday and I am pretty happy with it. Best Buy must have received a bad batch because I went through two before finding one that didn't have a bad OS that kept erroring. A little nervous about that but otherwise loving it. I haven't needed to root it yet but I may eventually.
It seems pretty fast thus far. The anand review actually indicates that this thing is running an underclocked Snapdragon 600.
The only thing I wish this thing had was an active digitizer a la the Note 8.0. If these two devices could be combined it would be the perfect table in my opinion. I would definitely pay more for that. Otherwise I'm pretty happy.
"We basically took a look at this situation and said, this is bullshit." -- Newegg Chief Legal Officer Lee Cheng's take on patent troll Soverain
Best Buy Steals Google's Thunder, Already Taking Pre-Orders for New $229 Nexus 7
July 24, 2013, 7:24 AM
Quick Note: CyanogenMod Hits 5 Million Users
May 16, 2013, 1:42 PM
Developer Finds Security Hole in Galaxy Note II, S2
December 17, 2012, 8:31 PM
Microsoft's Windows Phone Jailbreak Partner Considers Calling it Quits
January 2, 2012, 9:35 AM
HTC Begrudgingly Allows Bootloader Unlocking
December 30, 2011, 10:33 AM
Apple’s iPhone 6 to Get NFC Payment Capabilities, September 9 Event Confirmed
August 28, 2014, 11:43 AM
Samsung Announces Tizen-based Gear S Smartwatch That Can Make/Receive Phone Calls
August 28, 2014, 12:00 AM
LG Announces G Watch R Smartwatch, Will Launch in Q4
August 27, 2014, 11:45 PM
Archos Offers $99 WinPhone, $150 x86 Win8.1 Tablet, Android Trio
August 27, 2014, 7:07 PM
HTC Desire 510 Officially Announced, May be First 64-Bit Android Smartphone
August 27, 2014, 3:50 PM
Report: Apple to Unveil "iWatch" at iPhone 6 Event on September 9
August 27, 2014, 2:00 PM
Most Popular Articles
Microsoft's Surface 2 Tablet Family Gets a $100 Price Cut
August 25, 2014, 1:16 AM
Report: Microsoft to Announce Windows 9 on September 30
August 21, 2014, 11:20 AM
From HULC to FORTIS: the Evolution of Lockheed Martin's Incredible Exosuit
August 22, 2014, 12:45 PM
SpaceX Falcon 9-R Rocket Suffers Malfunction, Self-Destructs During Test Flight
August 23, 2014, 9:36 AM
Owner of "Decepticon" Maserati Ordered to Appear in Court This Thursday
August 25, 2014, 7:55 AM
Latest Blog Posts
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information