What are Jailbroken and Rooted Mobile Devices?
Jailbreaking and rooting refer to removing software restrictions that are intentionally put in place by the manufacturer in order to access more applications and/or features. Jailbreaking is the term for this process as it happens on an Apple device, while rooting refers to this process as it happens on an Android device.
Jailbreaking. Jailbreaking an Apple device allows the user to install applications, extensions, and other software that is not authorized nor available from the App Store. The purposes of jailbreaking include device customizations, feature expansion, malware installation, piracy/hacking, and unlocking carrier active iPhones- as using a jailbroken phone allows a user to go from one carrier to another by changing the SIM card.
Rooting. Rooting an Android phone allows the user to obtain system administrator privileges which provides them with the ability to perform operations on their Android device that typically impossible. One privilege is the ability to uninstall any applications from the device, including proprietary programs that are pre-installed such as the browser, gallery, weather, and news widgets. Other privileges accessed through rooting are the ability to update the system to modify the device’s IMEI for tracking and blocking network connections, the CPU and GPU parameters, the Android operating system, and to modify the ROM, allowing users to customize the smartphone in order to increase the battery life or to add special features.
Jailbreaking and rooting introduce significant security risks as these processes disrupt the security protocols that are in place to protect the devices and associated software and applications. Important security updates may also not be received on jailbroken or rooted devices. Other risks include:
- Voided warranty
- Security vulnerabilities
- Shortened battery life
- Stability issues
- Unreliable data and voice services
- No longer receiving security updates to device and software
- Lost access to content
- Lost access to services
- Bricked phone
One of the first processes that Android malware undertakes on a device is to attempt to obtain root privileges, which suggests that a rooted Android device is highly insecure and, therefore, desirable to cyberattackers. Once an Android device is successfully rooted, malware can take a number of actions including deleting system files, stealing passwords, and modifying the firmware.
As jailbroken and rooted mobile devices present significant security vulnerabilities and concerns, it is recommended that these devices be blocked from corporate networks, or that corporate networks constantly monitor network activity to swiftly detect suspicious actions.