Should a refurbished phone come rooted?

[TheBigChill]

Well, here's my first post.

I recently bought an HTC First (dubbed the Facebook phone) because I got a great deal on it (refurbished "Like New" by ATT) and it runs stock Android beneath the Facebook skin.

Anyhow, I was poking around in the App Drawer and saw that SuperSU was installed. Now, it's been 5 years or so since I've toyed with rooted devices, but I immediately recognized it as a super-user / rooting App.

I contacted the seller and asked why it was rooted, and he replied "I'm not sure why it's rooted, but maybe my supplier does this to unlock the phones. Is it causing problems?" It doesn't seem to be causing issues, and the phone is very good in all other respects. I'm also not totally averse to having it rooted, but just found it odd that it came that way. The phone was supplied to me in an ATT Box, with screen cover, bag, charger, etc, all marked in official ATT Refurb packaging.

Frankly, I already wanted to update the camera to at least 4.2 and make some other useful tweaks, but should I be concerned? Thanks!

 

[Rukbat]

You can install SuperSU on an unrooted phone - that doesn't root the phone. (Having su in the /system folder does.) Either run a root checker or connect it to a computer, run adb, run shell, then run su. If su is not there, the phone's not rooted. If you get a # prompt, the phone is rooted.

You don't root the OS (which is what gets rooted - the OS, not the phone itself) to unlock the phone (which has nothing to do with the OS).

On a good note, HTC doesn't void the warranty for rooting (if the phone is in warranty).

And no, a refurb shouldn't come rooted. The fact that SuperSU was still on the phone says that they didn't do much to refurb it - they should have reflashed the ROM, at least.

 

[TheBigChill]

I forgot to add that I confirmed root access with Root Validator App. Also, I don't have developer tools on my computer

I was under the impression that a phone returned to the ATT store within 14 days could be considered a refurb, and following a physical inspection a Factory Reset, can be resold as "Like New".

What am I risking with just keeping the phone as-is, or perhaps unrooting via SuperSU?

 

[raptir]

It probably wasn't noticed by the tech doing the "refurbishment" and a factory reset isn't going to remove root since SuperSU is installed to the System partition.

Most likely, the person rooted the phone and returned it and that's the end of that. In theory though, if the previous owner was more nefarious they could have pushed spyware to the system partition using root. Even the stock keyboard could (potentially) have been replaced with a modified version that has a keylogger. I'd say the likelyhood is low though. I'm not sure what I would do in your case.

 

[TheBigChill]

Nefarious intentions is exactly my concern. I also find it unlikely, but am thinking of key-loggers and the likes, monitoring my actions. Would using the SuperSU "Unroot" option alleviate this?

Not really sure where to go from here. Again, I'm not totally root averse, as I wouldn't mind loading 4.3 or at least newer camera software. Not quite sure what to do now.

 

[raptir]

Nefarious intentions is exactly my concern. I also find it unlikely, but am thinking of key-loggers and the likes, monitoring my actions. Would using the SuperSU "Unroot" option alleviate this?

Not really sure where to go from here. Again, I'm not totally root averse, as I wouldn't mind loading 4.3 or at least newer camera software. Not quite sure what to do now.

Again, I think it's unlikely but I'll post my thoughts assuming it is "hacked."

Just unrooting wouldn't do it. Once an application is installed on the system partition it has full access to everything your system does. So if a keylogger was put on there, unrooting would do nothing to stop it. The only way to truly get rid of it would be to flash a factory image, if one is available for the phone.

 

[TheBigChill]

Again, I think it's unlikely but I'll post my thoughts assuming it is "hacked."

Just unrooting wouldn't do it. Once an application is installed on the system partition it has full access to everything your system does. So if a keylogger was put on there, unrooting would do nothing to stop it. The only way to truly get rid of it would be to flash a factory image, if one is available for the phone.

Thanks. Now, here comes the question you knew was coming.... What would you do?

The seller will take it back, but that leaves me phone-less again for a bit. I was considering a Nexus 4 or this, and chose this because it has LTE. Anyways....

 

[Rukbat]

1) Whether a phone that was bought, taken to the parking lot, then returned - all within 10 minutes - can be sold as new, or even whether one programmed by the store personnel then the customer changes his mind can be sold as new - varies by state law. In some states, if you buy it, it's not new. In others, if it's fully rebuilt, no matter how used it is, it's new.

2) What would I do? Not risk it and return it. Once a phone is rooted, anything can be done to it. (You can even have it repartition itself do it's a useless piece of junk - or install an app that emails someone every keystroke.)

Would you rather be phoneless for a few days or risk being bank-account-less with a huge balance on your credit cards? (And your identity stolen, maybe.) I'd rather use my 10 year old "it takes pictures!" phone for a while than risk my security. When my phone went in for repair, it got totally, government-grade, wiped. Then I repartitioned it and reflashed stock firmware. The NSA could probably still recover something from it, but the cost/benefit ratio would be ridiculously high. I do not now, nor have I ever, had a bank account with 8 figures in it.

 

[TheBigChill]

I suggested that the seller of this phone open his other units, and see if SuperSU is installed. Also, if so, that he contact his supplier and inquire as to why these are rooted. His response:

"I did open it and see that they were all installed supersu and contacted the vendor and they said they were installed just to unlock the units with out having to pay to do it by Imei. I can assure you there is no key logger or anything installed."

Can rooting give you the option to unlock a phone without paying for an unlock code? I'm calling B.S. on this claim...

 

[solquiff]

Hi, this might help clear things up.

I got an unlocked phone in January and had Super SU app on it but never paid attention to it until last week when I investigated it. I got a bit concerned as I never downloaded it and thought it was just a pre installed app that was of no use. Anyway, after reading many many articles online from people saying rooting and unlocking a phone are unrelated - I went to 4 shops that unlock mobiles and that kind of thing. 2 of them were very open about it and said they frequently rooted phones before unlocking them to avoid paying for an unlock code. One of the workers even showed me his phone which had super su installed, he said he rooted his to unlock it. In another shop the guy said he had never heard of it and he 'always' used a code (i could tell he was lying). In the 4th shop they guy did say he rooted phones to unlock them but then backtracked after i started asking more questions..he seemed a little nervous.

These 4 shops were all within a 0.5 km radius of one another so it is quite clear that rooting is being done before unlocking phones to save on the codes. Some are more open about it than others. Whether or not the root is really needed I dunno, but they are doing that way unless they get a code..so it obviously works whatever it is they are doing.