Ed. Note: The story originally was published on Feb. 14, 2010. We've updated it with new information and present it again for those of you new to Android.
Each day more and more Android handsets are being sold, and that means users are faced with a major decision: To root, or not to root. Some of us will do it simply because we can, others will decide not to do it as they enjoy the phone as-is, but the majority of us will be on the fence about the whole idea of rooting.
Hopefully some of those questions can get answered and youíll have a clearer picture of the process and some understanding to make the decision a bit easier. Iím sure this wonít answer every question youíll have when considering whether or not to root your device, but hopefully this is a good start and a basis for further discussion.
What, exactly, is rooting?
Rooting your Android device involves adding in a small Linux application called ďsuĒ. It stands for SuperUser, and allows applications and commands to run with elevated permissions. Everything that runs code, whether itís an application or the user, has a permission level set by the operating system.
Why Linux? Well the heart of the Android operating system is the Linux kernel. You'll hear a lot of nerdy geek-speak about the Linux kernel, but all you really need to know is that it's what is interfacing Android to your hardware, and ultimately has complete control. When you stray outside the "normal" way of using Android and start entering commands directly, the kernel is who you're talking to.
The root user is the boss and can do anything (good or bad) on the device. From simple things like clearing the cache from core applications, to more advanced things like wirelessly tethering a laptop or iPod touch through your phone, root can do it. The su program is a sort of gateway that lets applications or users act as root while doing tasks.
OK, so why would I want to root my phone?
Good question! Maybe you donít. Everything in a Linux system is a file, or is treated as a file. Since Android runs on top of Linux, it acts the same way. Most of the files you will need to access or change are available to you without having elevated permissions. "Most" being the key term here. When you want to do things that affect or change the core software of your device -- like updating the version of Android on your phone, or adding a nice piece of software from another device -- you'll have to do it as root. Dream and Magic users have been running Eclair on their phones for a good while now, and itís because they have rooted their device. Rooting also gives you access to some handy software that you couldnít use otherwise. Things like a complete system backup or ad blocking software require you to root your device. Donít root your phone just for the sake of rooting your phone, but if you come across something you feel you could use or would like to have, then consider it. You'll find that the open source community is usually pretty helpful and encouraging new people to do new things is common. And when you get to the point where you can lend a hand to the new folks, pay it forward.
So it's like jailbreaking?
Pretty darn close. Jailbreaking an iPhone or iPod touch opens up things like using applications that arenít manufacturer-approved or changing the look and feel of the device. Android already allows this to a large extent. The changes behind the scenes are the same way. A lot of what you can do with a jail broken iPhone you can already do with your Android phone, but to really unlock everything youíll need to root it. The concept itself is identical. Youíre allowing things that usually wouldnít have root permission to have them.
Is it dangerous? Will it break my phone? Will it void my warranty?
It can be, It might, and Yes. By not allowing access to the superuser account, the manufacturer and your carrier have basically protected you from doing things that change the system and make it unusable. All it takes is one wrong keystroke to turn your shiny new Android phone into a plastic and metal brick with no connection. Most times this is recoverable, but not always. You have to decide how capable you feel you are, and how well written the instructions youíve found seem to be. Nobody will blame you if you decide against the risk, especially your cell carrier. All major carriers and manufacturers plainly state that altering or using unapproved software voids your warranty, and rooting falls into that category. While that seems a bit harsh, they need to be able to support the products they sell. For that to happen, they need to know exactly whatís running and what itís doing.
Apps that run as root need a little further consideration. You need to have a level of trust in the person who wrote the app first and foremost. Does the developer have other software available? Do the user comments (for Market apps) have anything that raises a red flag? Do the requested permissions seem a little odd? These are all questions you need to think about before you allow something to run as root. For a further level of security, think about installing an application that warns you anytime something tries to run as root. SuperUser Whitelist (Android Market link) is a great little app that does exactly that. If you decide to go on and root, ask users with the same device as you for a link to a version of SuperUser Whitelist that works with your firmware. Once installed, anytime something wants to run as root, the app intercepts and asks if you would like to allow it. Youíre given the choice to accept, decline, or grant the app in question full privileges each time it runs.
One last thing to touch on here. Many custom ROMs include some sort of SSH server. This can be a wonderful tool, or it can get you in hot water. This is what caused the whole ďRick-RollĒ episode with the latest iPhone jailbreak. The server sits and waits for an outside connection, and if that connection provides the right password full control of the device is turned over. In the case of the iPhone, users never bothered to change the default SSH password for root. A clever (or devious) group of users simply scanned for servers listening on the correct port, then attempted to sign in as root with the default password. Lesson learned, but this is easy to prevent. Ask other users of the ROM or firmware youíre thinking of flashing if there is a server listening, and if so how to disable it or change the default password.