NNSquad - Network Neutrality Squad


[ NNSquad ] New Android Phone (Falsely) Accused of Containing a "Malicious Root Kit"



   New Android Phone (Falsely) Accused of Containing a "Malicious Root Kit"

                http://lauren.vortex.com/archive/000764.html


Greetings.  An article published yesterday is mischaracterizing the
situation with Android and the new T-Mobile (HTC) G2 by claiming
the phone includes a "malicious root kit" -- a very scary (but
false) assertion ( http://bit.ly/c80Dzs ).

This sort of hyperbole does nobody any good.  Here are the facts as I
understand them.

First, it's important to know that while Android is an open source
operating system, it does not require (as far as I know) that any
given hardware manufacturer (or cell phone carrier) permit user
modifications of the OS itself.  In fact, carriers and manufacturers
have considerable latitude regarding the degree to which they wish to
"lock down" their hardware.

And indeed, most Android phones to date have been locked down to one
degree or another, resulting in various tricks being used to bypass
those locks to allow rooting (for installation of custom OS builds
[ROMs], etc.)  But the point is that most Android phones did not come
out of the box with the ability to openly install such modifications
(the N1 can be viewed as an exception).

Now, I really *like* rooted Android phones.  I want to have complete
control over my phone whenever possible -- just like PCs.  I still use
a very long-in-the-tooth Android G1 that is on its last legs -- I
rooted it way back and I run the "CyanogenMod" custom ROM (which I
highly recommend).

What's going on with the G2 (essentially the HTC Vision, it appears)
is that initial experimentation suggests that HTC is using a firmware
rewrite system to replace "/system" mods with the "official" firmware
upon reboot. It is too early in the hacking process for anyone to
state definitively that this mechanism will not be defeated -- it's
fascinating how many ways cryptographic signature locks can be
"incompletely" implemented.

If the G2 is actually using this kind of firmware protection system,
it will be very similar to modern TiVos, which employ a (very
difficult but not impossible to replace) PROM chip to create a "chain
of trust" that eradicates attempts to modify the system.  Obviously,
the likelihood of a practical "chip replacement" solution (as far as
most potential users are concerned) for devices at the cell phone
integration level is fairly small -- but I would dare not say
impossible.

The good news is that "temporary" root access on the G2 has been
achieved -- the problem is that associated system changes get wiped
the next time the phone is started.  Temporary root may however be
adequate for running of certain programs that need root access for
best functionality (like backup programs) -- though much more is
indeed required for the running of alternative system builds.

This trend toward locked-down systems is being driven both by support
concerns (users who have screwed up their "unlocked" devices may still
want support, want to return for refunds, etc.) and by security
concerns.

Note that the latter issue in particular is reportedly already being
discussed by Intel and others in terms of creating CPUs and systems
for PCs that would operate in the context of cryptographically-signed
software, potentially bringing a similar level of lock to the PC world
(at least in theory).

Personally, I find this trend to be very disturbing.  It has serious
negative implications for user freedom and (perhaps surprisingly to
some observers) major negative implications for privacy and security
as well -- since users will no longer necessarily be able to run the
OSes and applications of their choice, vetted to their own standards
against security and privacy exploits.

In any case, I am unsure if I'd be willing to use an unrooted G2 on a
routine basis -- but the calculus on this score can be different
depending on expected usage patterns and other factors for any given
individual.  I don't necessarily expect the same level of modification
friendliness on a cell phone as on a PC -- even if I'd prefer them to
be similar in this respect, all else being equal.

But calling what's apparently going on with the G2 a "malicious root
kit" is simply wrong.  We can use the Wikipedia definition of
"rootkit" for now, which is on the mark:

   "A rootkit is software that enables continued privileged access to a
    computer, while actively hiding its presence from administrators by
    subverting standard operating system functionality or other
    applications."

This clearly does not apply to the G2's OS protection system as
currently understood.  In fact, one could argue that the G2 may have
implemented an "anti-rootkit" -- since the mechanism appears designed
to prevent the installation of "nonstandard" OS functionality by
protecting the "official" code from modification.

So let's try to at least keep this discussion in the realm of reality.
I don't like locked-down systems.  I like user choice.  I'd prefer the
G2 be fully modifiable, and I'm (wait for it ...) "rooting for it to
be rooted."

But it's inappropriate to be referring to the G2's (or TiVo's, for
that matter) OS protection systems by the term "malicious root 
kits" -- and the use of such inaccurate terminology in such cases 
does not advance the cause of user software freedom.

Even when -- especially when -- we disagree with a technology policy
approach, it's very important that we attempt to avoid hyperbole and
less than rigorously accurate statements -- both of which can be used
by others as weapons against our points of view.

--Lauren--
Lauren Weinstein (lauren@vortex.com)
http://www.vortex.com/lauren
Tel: +1 (818) 225-2800
Co-Founder, PFIR (People For Internet Responsibility): http://www.pfir.org
Co-Founder, NNSquad (Network Neutrality Squad): http://www.nnsquad.org
Founder, GCTIP (Global Coalition for Transparent Internet Performance): 
   http://www.gctip.org
Founder, PRIVACY Forum: http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein
Google Buzz: http://bit.ly/lauren-buzz