Not Implementing Rooted (Jailbroken) Device Detection
The mobile application stores some data elements locally. This data is stored at the ‘root’ level. Only system administrators have access to functionality and data present at the root level. On a non-rooted device, the user is asked if he/she wants to give specific permissions to an under-installation mobile application. Such consent isn’t sought in a rooted device (Jailbroken device). It is a set process to grant permissions. Any person or program that accesses the device can access the root level. Let’s have an example to understand a possible consequence of installing an application on a rooted device.
If a device is rooted then it does not require it’s a user to grant access permissions to new applications. An application is installed on the device and its data is stored on the device locally (Such information is stored at root level). If an application developed by an attacker also gets installed on the same device then the intruder’s app has access to the root level. The malicious app would access the legitimate app’s data, and the attacker would make malicious use of it.
Thus, a mechanism for checking whether the device is rooted should be present in applications. Under-installation apps shall alert users in case the device is rooted. There are multiple ways of verifying if a device is rooted. Some of these are listed below:
- Check for the presence of apps that need the device to be rooted.
- Using command-line tools like ‘su’ & ‘id’ for checking the ‘uid’.
- Read/write access to internal folders like /data, /proc etc.
- Checking OEM keys to be OEM supplied