Exploid Root, Should we be worried?

Discussion in 'Android Hacks and Help' started by GodfatherIP, Aug 23, 2010.

  1. GodfatherIP

    GodfatherIP Member

    Joined:
    Feb 22, 2010
    Messages:
    248
    Likes Received:
    0
    Trophy Points:
    16
    Ratings:
    +0
    So I have been following this whole DMUpdater Easy Root discussion about the new exploid root and I was curious about how worried android users should be about this exploit and what if anything can be done to protect your phone. From my understanding the DM team wasn't originally going to release DMUpdater with the exploid root because it would potentially provide hackers with a powerful bit of code they could use in malicious apps to take root access against a users permission thus allowing them to do basically anything to your device. Then the early version of DMUpdater got leaked with the exploid root and other apps popped up using this root method so now the DM team is going to put it back into DMUpdater. So from my understanding the source code for the exploid root will be or already is out there and malicious hackers could potentially exploit it. Now that our phones contains so much of our personal information how worried should users be about this? Will being rooted already help protect you since Superuser Permissions asks each time a program wants root access or does can the exploit circumvent this as well? Is this security hole something that can be patched in a custom rom? I'm not freaking out or anything but I am very curious about what this means for the security of the Android platform and what can be or is being done about it. Thanks to any knowledgeable people who want to chime in to educate me on the subject.
     
  2. greeknasty

    greeknasty Member

    Joined:
    Aug 9, 2010
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    Ratings:
    +0
    i wouldnt think so
     
  3. furbearingmammal

    furbearingmammal Super Moderator

    Joined:
    Jun 16, 2010
    Messages:
    11,162
    Likes Received:
    372
    Trophy Points:
    513
    Location:
    Anywhere you're not
    Ratings:
    +455
    Current Phone Model:
    32GB Moto X Developers Edition
    Twitter:
    furryvarmint
    Should we worry? Not for the reasons your citing. The code for the exploid has been known for some time.

    The worrisome bit is if DroidMod releases their code for the DMUpdater because the code for that changes the exploid code in such a way as to allow any app on a rooted phone full access to the phone's system, potentially allowing a zombie army of rooted Droids to try to take over the internets and world.

    And that's my bag, Pinkie!
     
  4. DoctorDeDroid

    DoctorDeDroid Member

    Joined:
    Aug 4, 2010
    Messages:
    207
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Boston Area
    Ratings:
    +0
    So the issue is if the *code* for the root gets loose. i.e. others could write apps that incorporate it then?
     
  5. furbearingmammal

    furbearingmammal Super Moderator

    Joined:
    Jun 16, 2010
    Messages:
    11,162
    Likes Received:
    372
    Trophy Points:
    513
    Location:
    Anywhere you're not
    Ratings:
    +455
    Current Phone Model:
    32GB Moto X Developers Edition
    Twitter:
    furryvarmint
    Exactly. The exploid itself isn't that big a deal unless you're Motorola or Verizon. The modified code taken from it is.

    That's my understanding.
     
Search tags for this page

exsploidcode