'Legitimate' rooting apps paving way for malware

Companies that create tools for "rooting" Android phones may be within the law, but they may be inadvertently paving the way for malware developers

android apps gears productivity
Thinkstock

Companies that create tools for "rooting" Android phones may be within the law, but they may be inadvertently paving the way for malware developers.

According to a paper presented this week by University of California professor Zhiyun Qian, the developers of commercial root apps work hard to break the security of Android devices -- and then malware developers either piggyback on those exploits or figure out how they work and incorporate them into their own apps.

Somewhere between 27 and 47 percent of all Android smartphones are rooted, said Qian. This allows users to get rid of pre-installed apps that are otherwise impossible to remove, to personalize their phones beyond what is allowed by the official limits, to get better backups, or better power management tools.

"In the U.S., jailbreaking is legal," he said. "It's actually a legitimate business to distribute these exploits. It can be used to do good things."

In practice, however, it means that users are, in effect, hacking into their own phones.

"I'm launching an attack against my own device," Qian said.

To continue reading this article register now

  
Shop Tech Products at Amazon