Originally Posted by apple2005
Thanks once again. At the moment, I can't Afford to put myself into trouble. I don't know how to do that? And further many people are complaining of the moded Roms as well. So I want root only at the moment.
One of the things that I just love about the Android OS is the simple but powerful security implementation. When a person "roots" an Android device, they override a signifcant amount of that protection in exchange for some other benefit.
I repeatedly get the impression when reading posts from various users that many don't really understand that the risks imposed by rooting may be much higher than those of installing custom ROMs. The worst thing a custom ROM can do is brick your device, but rooting an Android device can "brick" your personal security if not managed very judiciously.
Considering the wide variery in experience levels of users with respect to Android and Linux internals, it seems reasonable to include a note with the "rooting" tip in this thread to warn of the risks, which are not limited to merely bricking your device. I suspect that most users who "root" their devices do not understand the risk, and so are less likely to be able to protect their private data, or prevent the installation of malicious software in their devices. All it takes is one app to install a worm. Once the worm installed, you could delete the carrier app, but the worm would remain as part of your system, indefinitely. You'd go about your business using credit cards, paying bills, banking, etc., feeling perfectly safe for days, weeks, months, and then wonder why your accounts were suddenly being used by criminals located 4000 miles away. A worm may do little more than act as a nuisance, help someone steal your identity, or make you and your device unwitting accomplices in criminal activity. The options are endless.
Your risk is greater when you are personally using root access also. I have been a "root" user on various *nix systems for many years, and I have seen significant problems caused merely by accident when root users were just slightly inattentive, even some who were fully aware of the risks -- including myself. This form of risk is less costly though than the malware type, because it is merely of the bricking sort.
I was thinking of writing a more detailed post about this, but I figured that by now a number of folks had probably already done that, and I was right. I found this blog on the topic to be very simple and quite accurate: The dangers of rooting your Android phone | Android and Me
This is worth reading also: https://www.securelist.com/en/analysis/204792222/Mobile_Malware_Evolution_Part_5
When you root, you do a part of the job that the hacker would otherwise have to do before attacking. It's true that hackers can use methods similar to what you use to root your device to gain access anyway, but that takes more specific effort than is required for attacks on devices that are already rooted. Restated, generic attacks can be used on almost any rooted device, where instead for non-rooted devices, more difficult device and version specific attacks are needed. There is apparently already some older malicious code out there that reverts to just using existing root privileges if an attempted crack at rooting does not work on a given device.
Giving root privilege to an app produced by a person you don't know is like giving a complete stranger a master key that works on your car, your house, your bank, etc. Malicious software can be very stealthy... so sneaky that you may never know that you have been attacked.
If you do root, understand the risk so you have a better chance of protecting your security. If all you use the tab for is browsing, Angry Birds, and solitare, maybe you can throw caution to the wind. If you use it for more sensitive tasks, realize that you are always going to be at greater risk than if you had not rooted, and be very stingy and cautious about giving apps such access.
For any dedicated "rooters" who might read this: Please don't misunderstand my point. I think that it is very cool that there are so many great ROMs available, and that rooting is an option. I plan to root one of my devices and try a custom ROM when I get time. The point of this is merely to inform/remind folks of the risk, not to berate what can be a reasonably safe and rewarding practice if managed very carefully. ...but this particular post of mine is not intended to point out the many rewards, because that seems to be well covered already. This is merely to balance that a little more by warning of some potential costs. I just thought that potential root users should also see more than the typical "brick" or voided warranty.