How can an application detect if you have a rooted device? - Droid Incredible Q&A, Help & Troubleshooting

I am currently testing out Good for Enterprise, it is an application that syncs your work email/calendar to your cell phone. One of the security policies they have implemented will not allow the application to run on rooted (Android) or jailbroken (iOS) devices. Since I am testing it, this rule doesn't apply to me; however, if they ever kick me off the Dev environment I would still want to use the app.
Does anyone have an idea on what the application may be using to detect rooted devices? If we can identify what it is looking for/checking, how easy would it be to spoof the application into thinking it was a stock/non-rooted device?

More or less, just deny it root access if it asks.

It could be looking for blocked host files.
||A noble spirit embiggens the smallest man||

I'm curious too. Maybe it looks for the superuser app? One antivirus I tried knew I was rooted too.
Sent from my Incredible using XDA App

Wifi hacking App ?

has a feature like this??
would love to get it
thanks...
Not really, although there is something I found, an automatic searcher for not secure wifi points..
search for "penetrate" on the market...
Sorry, but if I was to find out someone was hacking into my secured network, there would be some serious ass kicking going on.
Additionally, this is considered illegal... unless using it solely for the purpose of testing the security of your own network
Sent from my HTC Desire using XDA App
"wardrive"
There is this app "wardrive", of course it only performs wardrive operations but it does it very nicely!
I have looked at some forums for apps for WEP-cracking, injecting and similar actions for Android, but they don't seem to exist at the moment.
People talked about booting a Debian/Slackware/Backtrack distro, and I for one would love backtrack tools like aircrack-ng etc on our devices.
But all in due time, I think it will appear when the platform is more mature. Until then, we can map with the wardrive app and use our lappies for the more serious stuff. For fun, here in Sweden these kinds of apps are not illegal

Friendly advice for Frozen ROM flashers

My anti-virus (Microsoft Security Essentials) detected the rageagainstthecage file as an unwanted program and offered to delete it. This will cause you a problem flashing, especially if your AV program just silently deletes the file. Check that it does not delete the file.
Posting here because I am not authorized to post in Dev forum
Sent from my SPH-D700 using XDA App
I noticed that as well when I was trying to apply CWM3. I manually dragged the file over, then it'd finally stick, but I still had problems applying and it wouldn't recognize the phone. I had to open Essentials and tell it to ignore the file in a dropdown box, then I was finally able to flash CWM.
This is a problem for all Android and has been for a while. Most AV see this as a back door virus and in a way it is.
Sent from my SPH-D700 using Tapatalk
This is a very common thing. For me personally, I haven't used antivirus in years because of things like this. Anything from a/v messing up the htc mogul unlocker to it deleting some torrented (legal) software. I just stick to windows firewall and spybot with registry defender.
Sent from my SPH-D700 using XDA App
Any root exploit *IS* technically a *VIRUS*... Based on the fact that it is an *exploit* to backdoor features not specifically released and gain access to software features not typically deployed to the public..

Barclays Pingit doesn't work for root users.

I've recently downloaded the Barclays Pingit app for my DHD and the app has a built-in checker to see if your phone has root access and denies you access to the app if you are.
Does anyone know a way of tricking the app into thinking I'm not rooted? I've been waiting for a Barclays mobile app for Android since I've been on Android and now they have one I can't use it.
thanks,
Nathan
Yes I want to do this also; I am wondering if I could temporarily turn off Super-User on my SGS2, would I then be able to configure Pingit, hoping to turn SuperUser back on and then run it OK.
maybe
Could always try renaming the SU folder. This will temporarily unroot the device, but you might need to do that by adb. The only reason the app is blocked from rooted devices is to protect you though. If you forced your way past security and were defrauded then banks aren't so kind at refunding you if you are a victim of fraud.
I believe the app will be opened up to rooted devices later on, I know the beta pingit worked on rooted devices, but crashed. Might have been due to me using ICS though.
Spoken to Barclays about this
Ok, so after a couple of usual answers from the normal ill-informed call handlers, I was told that "not many people use a rooted device"
Barclays I guess are not that bothered about missing out on a sector like myself, that run an IT support company, and are small enough to not be able to afford PDQ machines, and want to provide an alternative payment method to its customers. Given the nature of our business, it wouldn't be surprising that we would have rooted our devices...!
Anyway after much moaning, I still could not get a "real" reason why the Barclays developers are worried about rooted devices.. the only answer I was given was "the developers don't want rooted users changing or seeing their work" !!...
So the point of this reply is to post the email address I was given to email barclays about the lack of support for the app on a rooted phone.
I was told to put PINGIT in the subject field and send it to [email protected]
Who knows, if enough people email them, they may realise it's worth allowing the app onto rooted devices.
Chris
Good idea Chris, I have used this wording in my message to them;
“Pingit is just what I have been waiting for! However you have made it so I can’t use it on my fantastic Rooted Samsung Galaxy S2; I will not be giving up my phone to get Pingit, no I will simply change banks to whoever first offers the same type App.
Goodbye Barclays”
PINGIT
I emailed Barclays (as per email address above), and was given this response:
It is not possible to download and use the Barclays Pingit App on rooted Android phones and jailbroken iPhone as they could allow other applications running on the devices to capture the five digit security passcode that is used to access the Pingit App which may result in fraud.
If we come across any phones that are being attempted to download the app through bypassing this option they will be blocked for security reasons.
Consequently at this present moment in time, we have no plans to allow either rooted or jailbroken phones to access the app.
Wouldn't a keyboard app capture that security key on unrooted devices, too? If so, surely logic follows that unrooted phones with custom keyboards should also be blocked.
The irritating thing about their explanation is that the root check happens after they ask for all your details. Security fail.
OK I got it working with the following steps.
Install SuperSU
Install Voodorootkeeper.
Using Root explorer or similar. Go to sys/apps Rename superuser.apk to superSU.apk
Run Voodoo rootkeeper and temp hide root.
Pingit it should now work.
PayPal works beautifully on rooted phones, which in my mind is reason enough for other financial institutions to follow their lead!
Sent from my Desire HD using Tapatalk 2
PayPal isn't a bank/building society and isn't regulated by the FSA. That means they don't have to follow "best practice" with regards to security. Barclays have tried to minimise all possible avenues for fraud.
Does the Pingit app use its own build in keypad or does it use whichever keyboard you have installed and selected?
Its own keypad.
Humma78 said:
OK I got it working with the following step.
Install SuperSU
Install Voodorootkeeper.
Using Root explorer or similar. Go to sys/apps Rename superuser.apk to superSU.apk
Run Voodoo rootkeeper and temp hide root.
Pingit it should now work.
This didn't work for me. Any ideas how else this can be achieved?
I take it there is no workaround?

[Q] App to view and control phone on computer.

Delete
Or you could... You know... Pay attention in class and leave the Faceplant Twitscape til after school...
Sent from my SPH-L900 using Tapatalk 2
I guess that's for the best...
Two ways to do this...root and no root...
I was looking for the same to provide support to clients. There are two ways I've found to do this...
1) My Mobiler:
Not sure if you guys remember this from the good old WinMo days, but My Mobiler is now available for Android users for some time. Must be rooted and config is a little tricky on Samsung phones (easy on HTC and Moto), but once you get it working it's great for local control via USB or WiFi, or remote control via VPN or some other virtual network. Google it. Unfortunately you have to be rooted so not for everyone.
2) Teamviewer:
For Samsung devices only...no root required, free! One click install! Works great on GN2, GS3, and GN10.1 (those are the only three I tested, may work with others). Just go to the Play Store and search for Teamviewer Quicksupport. With free Teamviewer app on desktop or another Android device, any user with a compatible device can send you an invitation to allow you remote control desktop sharing of their device. According to Teamviewer, this only works on stock rom. I'm running stock MA7 rooted on my GN2 and it works great. Easy reliable connection, setup couldn't be simpler, and Android to Android remote control is great. And since no root is required, if you happen to buy a Samsung smartphone or tablet for your mom or dad, it's a great way to help them out when they call you for help!

Question Why do companies fight Android (P6P) rooted while not Windows OS?

Need some feedback from the community. What the title says. I can download Hulu on Windows 11/10 (desktop computer with unlocked processor and root permissions of the OS) and watch everything through my account but with Android P6P rooted, it's a PAIN IN THE ASS to watch hulu through the app.
I just don't understand the logic here. Can someone explain the difference?
They are different things. I am not an expert but I know that Android is Linux-based and Windows isn't. There are different techniques used to display things, get root access, use the internet/apps etc. Also, the processor comes unlocked and it is meant to be that way, unlike the phone which comes locked.
Fair point, my computer comes with an unlocked processor, but the phone comes with an unlockable bootloader, but that's a pretty weak argument with over the top restrictions from these vendors. It seems like they all have a vision in the future and that's everything behind a server wall in the future I bet and you are just a dumb terminal with a data pipe.
I guess another side point is how do you check which level of widevine you have? If memory serves me, on A13 if you don't have the proper level apps don't show movies like Hulu. Has this been solved for A13 on P6P?
Further review of doing identity check, I am getting an HDCP disconnected error when using hulu. Seems like the Hulu apk is looking for HDCP connect status.
Yep, Windows is a very different animal. Even with UAC (User Account Control) that has existed since Windows Vista, the main account of a Windows PC is still an Admin and effectively has root control. You can store Word documents in the Windows\System32\Drivers subfolder if you want. This kind of thing happens by accident all the time. It's pretty crazy, really.
I think even "Standard" (non-Admin) Windows accounts have far greater permissions than they would for some aspects they would on a Linux-based device. I think Standard users can still store things in the wrong places, but probably not as many wrong places, and they can't access other users' folders.
In the end, streaming services operating on a Windows PC have to operate without as strict conditions because the computer is already "rooted" as it comes from the manufacturer.
There is ZERO difference, except EXPECTATION.
Because the software vendor CANNOT expect any desktop/laptop to not provide elevated privileges on demand, but STUPID FRIKKIN GOOBLE built it with these fundamental restrictions in as expectation.
I have hulu bought, but I can't watch it, so I ended up getting a modded apk
tl;dr; because android and Linux are open source
Whenever the app starts, either on Windows or Android, the only thing it can reach out to is the operating system. The app has almost no privileges over the OS, while the OS has ALL privileges over the app. Since the app wants to work with its own data that shouldn't be leaked, the app somehow must ensure it can trust the highly privileged OS before it brings the data into it. How can an app ensure that? Well, with certain assumptions it can.
Windows is a proprietary OS with proprietary drivers. All drivers and critical binaries in the OS pass Microsoft's signing to ensure they aren't modified and their developers are known. The OS and drivers are all binaries, which makes them hard to modify, or at least such modification would require abnormal resources like expertise, time, money, and knowledge. Windows passes different certifications and security audits, and is under permanent attention from security researchers. Such things as audits try to ensure the OS applies all available security measures and uses available hardware to protect the system and apps from intrusion/modification, thus enterprises trust it. Considering all of the above, you, as an app developer, can easily assume: I can trust Windows, as its binaries can hardly be modified as it leverages hardware to secure everything, so whenever our app asks the OS to provide hardware-protected storage for the data, the app will get it.
All of the above applies to stock Android as well, and apps trust such systems. The only difference here is that app developers know that Android and the Linux kernel are open source and anyone can modify them and flash them onto the phone. Now, how can an app ensure it runs on an OS that can be trusted? The app can do that by checking whether the OS is rooted or not. If it's rooted, the OS is certainly somehow modified. The app's devs are assuming that a highly privileged modified OS can fake/emulate secure storage and steal the app's data from the less privileged app.
If you wish, here is an analogy: Windows is a Ritz Hotel and Android is AirBnB. While they serve the same purpose, hosting you as a guest, they are different, and you'll deal with them differently as a guest. Ritz has a reputation, a license to run a business, and no one can fake a Ritz hotel. When you stop in a Ritz hotel, you can be 100% sure you can trust it and there are no hidden cameras in rooms, and you can expect a decent service. It's an absolutely different story with AirBnB. In AirBnB everyone can be a host, and this brings a problem of trusting a random person. Once you stop in AirBnB apartments, you will most likely try to find a hidden camera to understand whether you can trust the host or not.
PS: as per my knowledge, some banking apps aren't running on rooted phones for the same reasons
That is all hogwash. They harass owners of mobile devices *because they can*, which is exclusively connected to expectation and not security.
As for your example of a custom compiled kernel, THAT IS NOT ROOT. That's just a custom compiled kernel.
96carboard said:
As for your example of a custom compiled kernel, THAT IS NOT ROOT. That's just a custom compiled kernel.
It’s not a “just”. Kernel is the most privileged part of the whole system and “just custom compiled” for app developers means “it’s no longer a kernel signed by the manufacturers we trust as they have contracts with vendors supplying a DRM subsystem and this unknown kernel has endless power over the system and who knows how it was altered”. Thus “just custom compiled android” with “just root functionality” is the same thing from the app’s perspective. Google for “android verified boot” and you’ll learn why “just custom compiled kernel” breaks the chain of trust.
PS: in the past I was a developer of Linux multimedia devices that supported the same thing to play DRM media. Without proper DRM support, which requires a verified boot, no one will allow you to join the US media market and import your devices. If the Hulu app allowed licensed content to be played on devices without DRM + verified boot, Hulu would immediately be kicked out of the market by other players.
A custom kernel is not the same thing as root. In classic Linux and UNIX, root is a user account that can do pretty much anything (even delete the entire OS if you know what flags to pass to rm, I will not go into what they are). Root is present on a lot of Linux distros until disabled, and all variants of BSD.
Next time do your research before acting like you know what you're talking about, there will always be someone who actually knows that will take you down a peg.
dragynbane222 said:
A custom kernel is not the same thing as root.
You didn't read my comment carefully. I did say:
burned-donut said:
Now, how can an app ensure it runs on an OS that can be trusted? The app can do that by checking whether the OS is rooted or not. If it's rooted, the OS is certainly somehow modified.
The app doesn't care about the rooting itself, it has only concerns about whether it can trust the whole system or not. If the system is rooted → it came from an unverified source → it's likely somehow modified because it's open source → no trust. The rooting is only a red flag because none of stock Androids have it. Nowadays, there could be other options to check whether the chain of trust is broken or not, so apps could decline to work even if there is no rooting at all but custom kernel had broken the chain.
dragynbane222 said:
root is a user account that can do pretty much anything even delete the entire OS
That's no longer true. The Linux kernel (and Android particularly) has the SELinux subsystem that can be tuned up to prevent a root user from doing that. Kernel has absolute privileges, and kernel can manage what's allowed to the root user. Next time, do your research before acting like you know what you're talking about.
burned-donut said:
It’s not a “just”. Kernel is the most privileged part of the whole system and “just custom compiled” for app developers means “it’s no longer a kernel signed by the manufacturers we trust as they have contracts with vendors supplying a DRM subsystem and this unknown kernel has endless power over the system and who knows how it was altered”. Thus “just custom compiled android” with “just root functionality” is the same thing from the app’s perspective. Google for “android verified boot” and you’ll learn why “just custom compiled kernel” breaks the chain of trust.
PS: in the past I was a developer of Linux multimedia devices that supported the same thing to play DRM media. Without proper DRM support, which requires a verified boot, no one will allow you to join the US media market and import your devices. If the Hulu app allowed licensed content to be played on devices without DRM + verified boot, Hulu would immediately be kicked out of the market by other players.
What are you on about? That has nothing to do with this discussion.
burned-donut said:
it's likely somehow modified because it's open source
Being open source has NOTHING AT ALL to do with whether or not it is modified.
96carboard said:
Being open source has NOTHING AT ALL to do with whether or not it is modified.
Sorry, no wish to continue a discussion after such a confident but fallacious statement. Good luck.
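
Added example, not part of any post above and not code from Good, Barclays or Hulu: the first thread guesses that apps look for the superuser app, and the last thread argues that what matters is whether the boot chain is still trusted. This Python sketch classifies both kinds of signal from a constructed `getprop` dump and file list; the file paths checked and the verdict labels are assumptions chosen for illustration.

```python
import re

# Constructed samples in the "[key]: [value]" format printed by Android's getprop.
SAMPLE_STOCK = """\
[ro.build.tags]: [release-keys]
[ro.debuggable]: [0]
[ro.boot.verifiedbootstate]: [green]
[ro.boot.flash.locked]: [1]
"""

SAMPLE_MODIFIED = """\
[ro.build.tags]: [test-keys]
[ro.debuggable]: [1]
[ro.boot.verifiedbootstate]: [orange]
[ro.boot.flash.locked]: [0]
"""

PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]$")

# Assumed example locations; a real product would carry a longer, maintained list.
SU_PATHS = {"/system/bin/su", "/system/xbin/su", "/sbin/su"}
SU_APPS = {"/system/app/Superuser.apk"}


def parse_getprop(text):
    """Turn getprop output into a dict, ignoring lines that do not match."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group(1)] = match.group(2)
    return props


def assess(props, present_files):
    """Return (kind, message) findings.

    kind is "file" (artifact on disk), "build" (build flags), "boot"
    (verified-boot / bootloader state) or "boot-unknown" (state not reported).
    All inputs are reported by the OS being judged; this only classifies them.
    """
    findings = []
    files = set(present_files)
    for path in sorted(files & SU_PATHS):
        findings.append(("file", "su binary present: " + path))
    for path in sorted(files & SU_APPS):
        findings.append(("file", "superuser manager app present: " + path))
    if "test-keys" in props.get("ro.build.tags", ""):
        findings.append(("build", "build signed with test-keys"))
    if props.get("ro.debuggable") == "1":
        findings.append(("build", "ro.debuggable=1"))
    state = props.get("ro.boot.verifiedbootstate")
    if state is None:
        findings.append(("boot-unknown", "verified boot state not reported"))
    elif state != "green":
        findings.append(("boot", "verified boot state is " + state))
    if props.get("ro.boot.flash.locked") == "0":
        findings.append(("boot", "bootloader unlocked"))
    return findings


def verdict(findings):
    """Boot-chain findings outrank file/build findings, which outrank unknown."""
    kinds = {kind for kind, _ in findings}
    if "boot" in kinds:
        return "untrusted-boot-chain"
    if kinds & {"file", "build"}:
        return "root-indicators"
    if "boot-unknown" in kinds:
        return "unverifiable"
    return "no-indicators"


if __name__ == "__main__":
    modified = parse_getprop(SAMPLE_MODIFIED)
    # The file list is empty here, yet the boot-state findings remain.
    for kind, message in assess(modified, []):
        print(kind, "-", message)
    print(verdict(assess(modified, [])))
```

The file and build checks only see what the running OS chooses to show, which is why the boot-state findings are ranked above them; a production check would have the boot state verified off-device rather than read locally.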
