Originally Posted by globatron
First let me start by start by saying I agree that everyone has a right to do what they want. I advocate neither position in this ( rooting or not ) I have provided support for S-OFF and rooting and tried to make it as strightforward and safe for people as possible but would never push pople who don't ant to down that route. I do however take issue with the (mis) information below.
This is completely inaccurate. Rooting is the process of obatining root. In the case of using a vulnerability to obtain root access on a closed device this does require an exploit, however on an unlocked or S-OFF device it is simply installing additional software that allows for root acess to be used. Depending on the method used and when/where it is applies it may or may nor present a security issue.
A device rooted in recovery mode for example does not provide for an additional security threat in normal usage.
Not inaccurate, just doesn't apply to all models as it pertains to risk level, but for the majority of devices an exploit must be obtained. I can provide examples if you like. Although I have seen your work and have no doubt you know your stuff. A recovery exploit is still an exploit and is just as risky, recovery can brick you if you're not careful, so can hboot and radio security.
Is root not obtained by back dooring the device so to speak? I've had this conversation with devs regarding other devices. As a quick example, HTC patched the Thunderbolts root method and I was quite pissed about it, xoomdev, a dev I respect greatly, told me while blocking root sucks, plugging exploits is the responsible thing to do. This "exploit" was how the Thunderbolt obtained root. The "process" of obtaining root is taking advantage of security vulnerabilities in the device on the path to gaining super user access and permissions. In fact, some root programs tell you to disable your anti-virus before proceeding. If exploits weren't being exposed then all phones could essentially be rooted the same way, different vulnerabilities, different root methods.
Some companies make it easier than others, HTC unlock and MOTO dev for example. In thoses cases you're right, a simple install and or adb commands and you're well on your way, but that doesn't apply to all models and all devices. The Flyer is lucky enough to be supported by HTC unlock (I think), my comments weren't Flyer specific but general. HTC kinda left the door open here but other models required quite a bit of elbow grease.
I AM NOT advocating against rooting. I feel it's necessary for some devices, I have examples there too. I've rooted and ROM'd several devices. And I would NEVER tell someone what he or she should do with a device they spent their money on, although I've suggested a few times
. Rooting is fun and I love the devs on xda, I've just kinda lost interest in it. It's not just about security that's just one example.
Moving on....I think.
Sent from my HTC_Flyer_P512_NA using Tapatalk