05
May

Note from Artem: The post's author, Justin Case, also known as jcase in the Android community, is an xda Elite Recognized Developer, AP team member, and an all-around knowledgeable guy when it comes to Android's internals. When he speaks, I tend to listen.

The Android world was slapped in the face when well-known developer AndreiLux made a post in the XDA Galaxy S4 forum titled [Info] Rooting will be impossible on newer stock kernels.

His post has caused some unwarranted drama in the community, and I wish to set this subject straight as much as I can. AndreiLux is pointing out a new feature in the Samsung Galaxy S4 kernel called CONFIG_SEC_RESTRICT_SETUID. This feature helps prevent processes (like malware, exploits, or su) from changing a normal user to the root (or system, etc.) user by using SETUID. His title can be easily misunderstood by those who are not well-versed in Android development, but his information is basically correct.

This new feature does not stop users from rooting. Samsung has long been a silent champion of the developer community. The vast majority of their products are unlocked and allow users to install custom firmware, with the exception of some Verizon and AT&T products, and they are one of the speedier manufacturers at releasing kernel sources.

AndreiLux tells us installing a custom kernel will still allow us to have root access on our Galaxy S4. So what does this new feature really do? It tries to prevent malware from abusing exploits like Exynos-abuse to gain root, and a consequence of that is disrupting how Superuser works on our phones. Solution? Install a kernel with the feature disabled and give up some security for more freedom.
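
To make the trade-off concrete, here is a small userspace model of a restricted setuid() call. It is an added example, not Samsung's kernel code and not from AndreiLux's post: the exact rule the kernel applies is not given here, so the check below (refuse a switch to root or system when the caller's real UID is an ordinary user), the -EPERM return value, and all function names are assumptions.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

#define AID_ROOT   0u     /* Android root UID */
#define AID_SYSTEM 1000u  /* Android system UID */

/* Simplified credentials: no saved UID, no capabilities. */
struct cred_model {
    unsigned ruid;  /* real UID: the user that started the process */
    unsigned euid;  /* effective UID: 0 after exec of a setuid-root binary */
};

/* ASSUMED stand-in for the CONFIG_SEC_RESTRICT_SETUID rule: a process whose
 * real UID is an ordinary user may not switch to root or system. */
static bool restricted_transition(const struct cred_model *c, unsigned target)
{
    bool privileged = (target == AID_ROOT || target == AID_SYSTEM);
    return privileged && c->ruid != AID_ROOT && target != c->ruid;
}

/* Model of setuid(): returns 0 and updates *c, or -EPERM (error code assumed).
 * restrict_on stands for a kernel built with the option enabled. */
int model_setuid(struct cred_model *c, unsigned target, bool restrict_on)
{
    /* Stock Linux rule: only an effective-root caller may choose any UID;
     * everyone else may only name their own real or effective UID. */
    if (c->euid != AID_ROOT && target != c->ruid && target != c->euid)
        return -EPERM;
    if (restrict_on && restricted_transition(c, target))
        return -EPERM;
    if (c->euid == AID_ROOT)
        c->ruid = target;  /* a privileged setuid() also changes the real UID */
    c->euid = target;
    return 0;
}

int main(void)
{
    /* Constructed cases; 10057 is a made-up app UID. */
    struct cred_model su_on = {10057, 0}, su_off = {10057, 0};
    struct cred_model daemon = {0, 0}, app = {10057, 10057};

    printf("su, option on:        %d\n", model_setuid(&su_on, AID_ROOT, true));
    printf("su, option off:       %d\n", model_setuid(&su_off, AID_ROOT, false));
    printf("root daemon -> system: %d\n", model_setuid(&daemon, AID_SYSTEM, true));
    printf("plain app -> root:     %d\n", model_setuid(&app, AID_ROOT, true));
    return 0;
}
```

In this model the su case fails only when the option is on, while a root daemon dropping to system is unaffected either way, which is why a kernel built without the option restores Superuser.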

Bottom line, Samsung is trying to protect the average user from malicious activity, while still giving our community the access we want (ability to root our phones). If you complain about this feature, then you should lose the right to complain about Android security missteps in the future.

My two cents.

Update: XDA Recognized Developer jeboo posted a 1-byte binary patch to disable CONFIG_SEC_RESTRICT_SETUID.

tl;dr: The latest Exynos Galaxy S4 kernel update makes your phone safer, more secure, and ultimately doesn't prevent you from having root.

Justin Case
Justin Case is a 30-year-old father of four. He has an ever-changing array of Android devices, and an eye for mobile security.
  • http://www.facebook.com/profile.php?id=667754408 Harry Campbell

    Futile attempts in my opinion. If we want to root it we will root it!

    • Jaime Larios

      Did you even read the article?

      • Derik Taylor

        I don't think he read it...

        • andy_o

          I don't even think he finished reading the title.

    • http://twitter.com/TeamAndIRC Justin Case

      Read the article.

    • http://www.facebook.com/joseph.millhouse.3 Joseph Millhouse

      Did you bother to read this? Can you read?

    • From Everyone

      aaaaaaaaaaaand facepalm

    • Tomi Golob

      Don't worry, I bet people close to you love you as if you were normal

    • squiddy20

      Wow. You didn't even read the tl;dr. Seriously, CAN you read?

  • https://twitter.com/#!/thedeusexmakina [J. B. cyruz]

    Good article, thanks.

  • http://twitter.com/trickedoutdavid David Margolin

    @Justin Case -- love your name

  • DeadSOL

    It's brilliant! We can have it if we want or get rid of it if we don't want it! Simple! :)

  • Blair Ginley

    Undoubtedly the most accurate and non BS Android news site there is. I love reading the factual stories here

    • http://www.techmansworld.com/ Michael Hazell

      I've been looking to AndroidPolice for over a year for my Android news. I have been very satisfied looking to them for news!

  • http://twitter.com/TeamAndIRC Justin Case

    I wanted to leave this comment of the post, as I am not entirely positive that I am correct.

    It may be possible for a version of su to disable these added protections at run time, and then allow it to function normally. One of the superuser authors would need to step in and comment on this, maybe we can get Chainfire to.

  • Alan Shearer

    "tl;dr: The latest Exynos Galaxy S4 kernel update makes your phone safer, more secure, and ultimately doesn't prevent you from having root."

    Just no! Please, android police, do not do that again. If someone thinks it is to long, to bad for them. Reading is a virtue we should all cherish.

    • http://twitter.com/TeamAndIRC Justin Case

      eh my bad, it was mostly a "if you didn't understand anything at all" comment

      • Alan Shearer

        I dunno, just comes across as unprofessional on such a popular and well respected news site. Maybe change it from tldr to post script or something :P Nothing personal meant of course. Article itself is well written and understandable.

        • http://twitter.com/TeamAndIRC Justin Case

          Unlike the rest of the writers, I am not a professional writer. I'm just a geek that likes security and Android.

      • John Longson

        More people appear to support your tl;dr than not -- that says a lot. Keep up the good work and nice summaries.

    • http://www.androidpolice.com/ Artem Russakovskii

      Eh, I like to have tl;drs sometimes, especially for more involved posts not everyone may understand. In fact, when I added a tl;dr in my last article, some people thanked me for them.

      We'll consider tl;dr for each article on a case-by-jcase basis.

      • ssj4Gogeta

        Yeah, add them Justin case someone doesn't want to read. But only on a case-by-jcase basis. Also, don't forget to match them with esac's.

    • http://www.facebook.com/profile.php?id=100000003999549 Mike Harris

      "Reading is a virtue we should all cherish."

      Spelling is too.

  • felipecn

    It won't prevent you from rooting it if you have an unlocked bootloader, right?

    • http://twitter.com/TeamAndIRC Justin Case

      nope

      • felipecn

        Can you flash a different kernel with locked bootloader?

        • http://twitter.com/TeamAndIRC Justin Case

          Depends on the OEM, and if it is signed or not.

          • http://www.androidpolice.com/ Artem Russakovskii

            I think we are talking about Samsung here. And a non-ATT/Verizon case.

          • http://twitter.com/TeamAndIRC Justin Case

            Ok, no you could still flash a signed older kernel without the protections?

          • http://www.facebook.com/PradeepVizz Pradeep Viswanathan R

            Agree, you could. However the kernel might not be compatible with the ROM

  • http://twitter.com/lewisanderson78 Lewis Anderson

    Your 2 cents ain't worth a damn. All they are doing is making it impossible to use a different OS on it. You can call it what it is. I will just go to phones that allow rooting. In my opinion they shouldn't be allowed to stop you from being admin and changing OS; it is your phone when you buy it, but businesses have paid off our judges so much money to let them screw the people in America when it comes to our property.

    • http://twitter.com/TeamAndIRC Justin Case

      Please try and comprehend the post, you lack any understanding on what this does and your comment shows it. It prevents nothing of what you mentioned.

      • andy_o

        It's called the Dunning-Kruger effect. It's one of the most sadly common, though entertaining, effects on the Internet.

        • DeadSOL

          Hey, thanks for sharing the name of the effect! I can't believe that I didn't know that!

          • http://www.facebook.com/profile.php?id=1745689461 Hal Motley

            I also didn't know either!

          • andy_o

            If you like that, look up the Peter principle.

          • DeadSOL

            Thanks! I'm learning something new every day! :D

        • lljktechnogeek

          There's a subtle but critical difference between Dunning-Kruger and bullheaded stupidity: in the case of the former, the person actually knows something about the subject being discussed, just not anywhere remotely close to the amount they think they do.

          What I'm saying is that this guy is probably the latter.

          • andy_o

            Maybe I don't know about Dunning-Kruger as much as I think I do.

          • lljktechnogeek

            i see what you did there

    • EH101

      Did you even read the entire article? You can still root just fine as long as you flash a patch or kernel with the feature disabled. This does nothing to hurt people who want to tinker with their phones and protects the average everyday user. Sounds like you fall into the latter.

    • http://twitter.com/Telanis_ Telanis

      No, they aren't. Read the article you ignorant fuck.

    • s44

      You have literally no idea what you're talking about.

    • Rob

      Seriously? (oO)

    • squiddy20

      Yet another moron who apparently can't even read the tl;dr...

      Also, different OS? Last I checked, Touchwiz/Nature UI is still Android. It's not like it magically hopped over to being iOS, BBOS, or WP7/8. What an ignorant dolt.

      • http://www.facebook.com/PradeepVizz Pradeep Viswanathan R

        LOL :)

    • http://www.facebook.com/profile.php?id=1745689461 Hal Motley

      I was tempted to upvote your post because it is so humorous. XD

      Though I didn't do that at all, but I will reply to your post in a meaningful, concise manner.

      Seriously, though we will always have access to root as long as the bootloader is unlocked/unlockable and there is a usable download mode, we can flash a modified kernel, new recovery image (such as ClockworkMod Recovery) and a custom ROM (like CyanogenMod) if desired. We still can do that, hell it's what I did to get CM working on my Samsung Galaxy S II.

      All these Samsung security enhancements do is prevent malware from gaining root access and tampering with the root partition of the device. Surely that's a good thing?

      • JohnCorleone

        It's not good if you want to deodex a Samsung Stock ROM, possibly theme it darker or invert all of the apps, then go back and re-odex the ROM. SAMOLED screens use more battery than the others, which is why they are so color rich. Inverting the apps and theme gives up to 40% more screen-on time. Also SuperSU by Chainfire is pretty well protected. Plus it's ironic that more and more of our personal information is being logged and kept even at the carrier level now

  • Tomi Golob

    I demand peanuts

  • Tomi Golob

    *shakes fist*

  • fzammetti

    Granted, it's not anywhere near as dire as it was made out to be at first, but is it really the non-issue it's made out to be here?

    Correct me if I'm wrong, but isn't this saying you can't root stock? That's a capability we ARE losing, no?

    Personally, this is the way I run my GS3 now and I prefer it that way frankly since I've had not entirely positive experience with custom ROMs/kernels/etc. in the past. Even if it's just a minor patch over a stock kernel, that's by definition no longer stock, right? I'd rather not have to do that.

    Like I said, it's not that big a deal, clearly not the disaster it seemed at first... but not innocuous either, right?

    • http://twitter.com/TeamAndIRC Justin Case

      It stops you from using su with a stock kernel that includes this protection (for now, I think it is possible to work around this within su). You have to remember, the VAST majority of phone users are more concerned about their phone working, being secure and staying safe than having su installed (this includes me, of all people). The opinions/rights of a few shouldn't outweigh the security of the whole.

      By installing su, you are no longer really stock, and have opened up a large security hole as is. Flashing a custom kernel (or an older stock one without these additions) should be a minor inconvenience. These custom kernels can be stock source, minus these security additions, they don't have to have all the "enhancements" that most have.

  • Designer_Science_Kathy

    With 700 *THOUSAND* apps... I really don't need to root anymore. Why? I gain an additional 0.001% additional apps? I just don't need those extremely minor "benefits".

    • http://twitter.com/TeamAndIRC Justin Case

      I've got to agree with you. I haven't needed root on my phone at all since 4.0. adb backup, built in screen shot, improved VPN access, I'm good.

    • http://www.androidpolice.com/ Artem Russakovskii

      The only root apps I still use are Titanium Backup or Carbon/Helium, and a root enabled file manager in case I want to get at things that are visible to root only. Related to that, I still use ROM Manager to trigger nandroid backups and restores.

      I think everyone would be able to find at least one more app to enjoy in our apps for rooted users series too.

    • Paul M

      I have a full Linux image on a partition on my memory card, so I use root shell to mount it and chroot in.
      I can then start up regular Linux processes like sshd, httpd etc.
      However I think I am unusual in doing this! But it is cool too!

    • umataro42

      It's not the quantity, it's the quality. A minor benefit to you is a more significant one to someone else.
      Not counting root management apps (like Root Toolkit, Nandroid Manager, SuperSU), I find other apps like Greenify, Light Flow, Titanium Backup, SetCPU, StickMount and root access on ES File Explorer to be helpful enough to make it worth rooting. Or being able to use carrier blocked apps like Google Wallet on Verizon. But I also have a Galaxy Nexus which from what I've seen is much easier to unlock and root than an S3.

  • Ahmad Samhan

    chainfire....

    • http://twitter.com/TeamAndIRC Justin Case

      Is on vacation, and it also happens to be his birthday today!

  • jeffmd

    It is these posts that separate AP from everyone else. Def one of my new favorite sites to browse daily.

  • andy_o

    Samsung has long been a silent champion of the developer community.

    How accurate is this? I keep hearing conflicting statements. Didn't Andrew Dodd do a multipart post series on how Samsung was awful to developers on the Exynos 4? Then I read news that with Exynos 5 it was going to be better, but I also seem to recall some shenanigans there. I've lost track on where we are now.

    • http://twitter.com/TeamAndIRC Justin Case

      Some developers were upset that Samsung was not releasing ALL of their proprietary Exynos related source code. This code was not governed by an open source license, and there was no legitimate right for anyone but Samsung to have it. They did end up releasing some of it, but not all of it.

      Considering what % of their devices are unlocked, and how fast they release Kernel source, I believe it is accurate.

    • http://www.androidpolice.com/ Artem Russakovskii

      Compared to Motorola and even HTC, Samsung has always tried to provide unlockable bootloaders and encouraged community development IMO. The Exynos fiasco was unfortunate but I hope they fix all outstanding issues to make the community happy.

  • S3 user

    They still haven't fixed the emergency contact issue yet. It's good that they are tightening up security but (from memory) these exploits have been available for a couple of months now and probably should have been patched by now.

    • S3 user

      Also for those that are wondering a previous exploit can be used to root the s3

      • http://twitter.com/TeamAndIRC Justin Case

        How could you root the S3 with the emergency contact issue? I've looked at it and see nothing but a potential lock screen bypass.

  • Andrew Dodd

    One small comment: This "feature" will make rooting of devices that have it and a locked bootloader (since compiling a kernel and/or jeboo's binary patch will result in a kernel that fails signature check) EXTREMELY difficult. So far, it looks like current bootloader locks are bypassable, but if an OTA locks Verizon and AT&T devices down further, it means users will not only be unable to flash self-compiled kernels, they won't even be able to root their device.

    • http://twitter.com/TeamAndIRC Justin Case

      Indeed, it is obvious those carriers do not want their models modified. Canadian I337M (practically identical to AT&T) and the European GT-i9505 (Qualcomm, some LTE bands) and GT-i9500 (Exynos, No LTE) would both work on AT&T. I know Verizon has had unlocked variants of the S3 available I think, possibly they do it again?

  • Andries Spies

    I think this has nothing to do with user protection. Instead they want to lock down the phone and force their customers to buy a new phone 6 months down the line instead of just updating the OS with the latest from Google.

    • http://twitter.com/TeamAndIRC Justin Case

      Andries, did you read it? It doesn't lock the phone down to the user...

  • Liz Mcmanus

    All of your comments are well and good, and I agree that this is a good thing for the average user, but instead of bashing each other over the head and calling people expressing their frustration names, could someone post a helpful link that will point to a root method that will get around it? I have been researching this since the normal root methods failed for me, and this is the first thing I have seen that doesn't tell me I'm screwed by that update. Simply telling people that it won't prevent root access without further info is not helpful. I am not new to rooting, have successfully rooted an HTC Thunderbolt, a Droid Bionic, a GS3, and a Galaxy Tab 2, but I am not a dev. I have no idea how to manipulate the binary patch linked above and I have not been able to find instructions on how to install a kernel with that feature disabled as the author suggested. I have the Sprint L720 GS4. Without having dev-level knowledge and the ability to compile my own kernel, how do I root this device?

  • http://www.facebook.com/katherin.mathew Katherin Mathew

    Hai all, here are perfect and simple steps to root the Android Galaxy S4 smartphone. Please follow the instructions to root your Android device with a fast procedure. This rooting procedure will only root the Samsung Galaxy S4 I9500 running on XXUAMC6 Jelly Bean Android 4.2.2. Not for other models.

    http://www.android-trick.com/2013/05/steps-to-root-galaxy-s4-on-android-422.html

  • Longcat

    Seeing the loss of freedoms being championed is sad. And for what? To block malware from using exploits? Give me a break!

    Taking away setuid root does prevent you from having root when the boot loader is configured to only execute Samsung-signed kernels. Guess what carriers request Samsung to do? Lock down the boot loaders.

    Which comes first, the flash or the root? It's been the root with the S3, and for good reason. It allows us to flash without using Odin.

    I doubt it's going to stop here. Soon enough, Samsung phones are going to be as unrootable as Motorola or HTC.
