Unauthorised root access

Previously I talked about how mobile devices are generally safer and a hard nut to crack. One part of that hard shell is that every mobile operating system includes functionality to prevent or restrict actions such as changing device settings or user-installed apps, and other such regular tasks. That does not mean people have not found workarounds. Various techniques can be used to override this default operating system behaviour, and how far the user can take control depends largely on the restrictions of the OS.

Overwriting restrictions on mobile devices

There are a couple of ways these restrictions can be overwritten: jailbreaking for iOS and rooting for Android devices. Jailbreaking is used to override the kind of iOS settings that Apple never meant to allow the user to change. It is done by installing an app on the user's device. With this, users can also install blocked apps without getting any notification about downloading or using such an app. Jailbreaking also allows the user to unlock various other functionality.

Rooting an Android device is similar to jailbreaking. It gives the user administrative access at the lowest level possible, where the user is able to configure any settings they want. Just like jailbreaking, it is done by installing an app or a similar program to enable the kind of functions that users generally would not have permission to use. Typically, vendors do not suggest or accept rooting. In such a case, they may label the warranty as void if the user owns the device.

The main point is that jailbreaking, rooting, or any other such technique gives a user full administrative access to the device. Whoever holds that access can do anything they want with it without you being aware of it. They can go to the extent of blocking you from using your own device.

Dealing with unauthorised root access

Large corporations and organizations use some sort of MDM (Mobile Device Management) software to deal with such situations, for example by detecting and blocking devices that have been infected at the root level. Manufacturers and service providers, for their part, may prevent a device from connecting to their services. But other costs may come along with it, and these are immediate risks: multiple attempts could render the device a brick, or lock the device completely until you restore it from a backup, which should remove the rooting/jailbreaking in the process as well.
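The kind of detection an MDM agent performs can be sketched as follows. This is an added example, not code from any MDM product: it scores an Android posture report against well-known root indicators (build tags, debuggable flag, verified boot state, `su` binaries). The sample report, the function names and the block/review threshold are assumptions made for illustration.

```python
import re

# Constructed posture report (getprop output and file list), not real device data.
SAMPLE_GETPROP = """\
[ro.build.tags]: [test-keys]
[ro.debuggable]: [1]
[ro.boot.verifiedbootstate]: [orange]
"""
SAMPLE_FILES = ["/system/bin/sh", "/system/xbin/su"]

SU_PATHS = {"/system/bin/su", "/system/xbin/su", "/sbin/su"}
PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>[^\]]*)\]$")


def parse_getprop(text):
    """Parse `[key]: [value]` lines into a dict, ignoring malformed lines."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group("key")] = m.group("value")
    return props


def root_indicators(props, files):
    """Return the root/tamper indicators present in the report."""
    found = []
    if "test-keys" in props.get("ro.build.tags", ""):
        found.append("build signed with test keys")
    if props.get("ro.debuggable") == "1":
        found.append("debuggable system build")
    if props.get("ro.boot.verifiedbootstate") in ("orange", "red"):
        found.append("verified boot state is orange or red")
    hits = sorted(SU_PATHS.intersection(files))
    if hits:
        found.append("su binary present: " + ", ".join(hits))
    return found


def compliance_verdict(props, files, threshold=2):
    """Block when `threshold` indicators agree (assumed policy); review on fewer."""
    n = len(root_indicators(props, files))
    if n >= threshold:
        return "block"
    return "review" if n > 0 else "compliant"


if __name__ == "__main__":
    print(compliance_verdict(parse_getprop(SAMPLE_GETPROP), SAMPLE_FILES))
```

Values reported by the device itself can be hidden or altered once it is rooted, so a clean result from checks like these is weak evidence on its own.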