Root Hackers urge all EVO 4G owners to root device citing security flaws

[I[E]

Remember how jubilant we all were the first time the EVO 4G was successfully rooted? We

 

[Biggest Fro]

So, what you are saying is..

If we root, it makes it easier for hackers to get access to our phone?

Not sure if I'm understanding...

Also, couldn't the "Hackers" just hack into already rooted devices (Ex: Hero)?

Sounds like a huge hype to get people to not root. I'm calling Bs.

Also pointing out, this is your first post, and you're already saying there's hackers everywhere.

 

[PDong]

The exact opposite actually.

I read more than the blurb earlier. The unrEVOked guys believe that root does help with the security, but there were still major flaws, that Sprint had access to a lot of data that they really shouldn't, (not that they would use it) but most importantly, a bad app could leave you vulnerable...

So, their word was, root the device and be very careful what you accept.

 

[Android 17]

How exactly does root help with security? I've always read the opposite.

 

[PDong]

"Mastracci suggests that EVO 4G owners root their device"

I think it's an idea of you choosing which apps you have, and thereby can send back data. Rooting to remove some bloatware or crapps, or whatever.

Logically, since it's an open source OS, rooting or not makes no difference to the actual security of the device, except that you could inadvertantly remove a program that's helping to secure it.

(this is how I understand it)

 

[suprmallet]

Or deliberately remove a program that is making your system unsecure.

 

[ab500]

SenseUI is really nasty in the fact that HTC likes to push it into every nook and cranny of the OS, which is one of the reasons why they have such a hard time producing updates in a timely manor.

It seems they have just left a rather large hole in the device's security. Not good PR for HTC, who insists on Sense being so deeply integrated into the OS, nor Sprint who is opposed to rooting.

I'm not sure how rooting your phone will make the exploit less likely to happen though, unless after root the superuser elevation dialog pops up and will warn the user if someone is trying to use the exploit.

 

[I[E]

So, what you are saying is..

If we root, it makes it easier for hackers to get access to our phone?

Not sure if I'm understanding...

Also, couldn't the "Hackers" just hack into already rooted devices (Ex: Hero)?

Sounds like a huge hype to get people to not root. I'm calling Bs.

Also pointing out, this is your first post, and you're already saying there's hackers everywhere.

You're right, that's exactly what I said.
The term "hacker" does not always have a negative connotation.
Had you bothered to read the article before posting you would have realized that it was about people in the android community trying to help fix security flaws opened by Sprint's customizations.
The end-user having root access also allows further customization outside of what Sprint wants, like being able to remove carrier apps you'll never use.
Yesterday's OTA did close up the vulnerabilities the "hackers" warned about, but also blocked the exploit used to root the phone.

I wasn't saying, "Root the phone and put on your tin-foil hat, hackers are coming!" Just trying to pass on information.

 

[sjwaste]

This sounds like an unqualified statement. They could very well be right, but they offer no explanation, other than "all your base belong to Sprint" unless you root.

The community could use some PR help. I'm still not sure what to make of this message. Unless someone articulates what the vulnerabilities are, through which avenues my data is exposed, to whom, and how rooting helps me, I'm really not apt to do it.

They could be right, but they communicate poorly.