Android is based on the Linux kernel, so right from the start, tinkerers and power users were interested in gaining root access to make changes and graft on new features. In the early days, this was a fairly simple procedure on most devices. There were several apps and tools that could root almost any Android phone or tablet, and you’d be ready to truly master your device in mere minutes. As Android became more capable, the allure of rooting has diminished somewhat — it’s also much harder and riskier than it used to be.
So what are the advantages and risks of rooting these days, and why are some devices resistant to rooting? Let’s see if we can’t figure it out.
The advantages of rooting
Gaining root access on Android is akin to running Windows as an administrator. You have full access to the system directory and can make changes to the way the OS operates. As part of rooting, you install usage manager (SuperSU is the main one right now). These tools are basically the gatekeeper of root access on your phone. When an app requests root, you have to approve it using the root manager.
So what can you do with root specifically? Let’s say there’s a system app that you really don’t like seeing, but it can’t be disabled through the standard method. With root you can run an app like Titanium Backup to delete or permanently hide the app. Titanium can also be used to manually back up all the data for an app or game so you can restore it to another phone. Want to change the way your device’s CPU behaves or alter the system UI? Those also require root. Ad-blocking software on Android needs root access as well (it modifies the Android hosts file to block known ad servers).
Android has more built-in backup smarts than it once did, but having root access ensures you’ll never lose anything again. Not only can you restore “deleted” files, you can make full backups of your apps and system. That’s handy in case your tinkering breaks something, and you have to repair the OS.
The risks of rooting
Rooting your phone or tablet gives you complete control over the system, and that power can be misused if you’re not careful. Android is designed in such a way that it’s hard to break things with a limited user profile. A superuser, however, can really trash things by installing the wrong app or making changes to system files. The security model of Android is also compromised to a certain degree as root apps have much more access to your system. Malware on a rooted phone can access a lot of data. Again, you need to be careful what you install.
For this reason, Google does not officially support rooted devices. There’s even an API called SafetyNet that apps can call on to make sure a device has not been tampered with or compromised by hackers. A number of apps that handle sensitive data will do this check and refuse to run on rooted devices. One of the most prominent examples of this is Android Pay — it cannot even be opened on devices that fail the SafetyNet check. If losing access to high-security apps is a big deal, you might not want to mess around with rooting.
Root methods are sometimes messy and dangerous in their own right. You might brick your device simply trying to root it, and you’ve probably (technically) voided your warranty doing so. Depending on the company, you might still be able to get a device repaired if you damage it attempting a root, but that’s not a guarantee.
Starting in Android 5.0 Lollipop, system updates for some phones (like Nexus and Pixel devices) will only work on stock unrooted devices. This is because of a change to the way Android processes the OTA file. Updates now patch the entire system directory as a single blob, so any changes or extra files (i.e. root) will throw off the verification and the update will abort.
On other phones and tablets, virtually every OTA update you get will wipe out root and block the method from working again. If having root access is really important to you, you might be left waiting on older buggy software while you beg for a new root method or a modded OS update.
Why is rooting so much harder than it used to be?
If you’ve been using Android for a while, you’ve probably noticed gaining root access on most devices is much harder than it once was. There were exploits years back that could root almost any Android device in a few minutes, but that’s much less common now. The last essentially universal exploit was Towelroot in mid-2014, but Google patched that rather quickly.
The reason these exploits are patched so quickly now is that having active exploits on your system is actually a bad thing for most users. These are security holes that can be utilized by malware to take over a device remotely and steal data. Google and the device makers are being responsible when they shut down root methods after they are disclosed. After 2015’s Stagefright issues, there are monthly security patches for some devices like the Pixel and Nexus phones. Carriers and OEMs are also better about rolling out these monthly patches on a semi-monthly basis to patch flaws. Sometimes, that includes root exploits.
Android is more secure, and it takes more work to break that security in a way that can grant root access. As a result of this cat-and-mouse game, root exploits are often pretty involved. You might have to push files to your device over USB, enter terminal commands, and flash modified files.
The effort needed to find, test, and develop exploits of this nature is a big part of the reason some popular devices don’t even have public root methods. That’s not to say there aren’t exploits in these devices, but they’re far too valuable to be given away freely to the community. If you peruse XDA, you might come across one of the many root bounty threads where users pledge thousands of dollars to anyone who can offer a working root method for a phone. This works sometimes, but it’s notoriously hard to collect on these bounties and a few thousand dollars isn’t actually terribly much for a solid exploit.
Anyone who does security testing and research on Android will tell you there’s real demand for non-public exploits among security and forensics firms. A modder could make several times the theoretical value of a root bounty on XDA by selling an exploit to one of these companies. A universal exploit like we had back in the day could be worth tens of thousands easily. Most people just won’t give that away for a pittance.
So should you do it?
If you’re primarily interested in Android because you want to tinker, you should figure that in when you choose a phone. Don’t get something hoping that root method will be released, because you might be waiting a long time for a messy exploit that gets patched right away. There are some devices that are relatively friendly to rooting, like Nexus and Pixel devices. They have unlockable bootloaders and can be rooted without much trouble. They also have system images that can be used to restore the device in case something goes wrong.
If you’re not familiar with Android’s tools and how to fix issues with a command line, you might want to give this some thought. Root can be a lot of fun to play around with, but it can also lead to plenty of frustration as you try to fix errors caused by overzealous modding. The added issues with security lockouts via SafetyNet should also give you pause.