Custom ROM Safety

HyperDroid

New member
Feb 22, 2012
2
0
0
Has anyone assessed the risk associated with usage of a custom ROM (e.g. inclusion of malware by the developer)? Is it possible for a developer to include something malicious in a ROM? What precautions can be taken to ensure that this does not happen? Are people reading every line of the source code, if it is open?
 
The risk is there with any app you run including the ones in the market. This goes for all electronic devices from phones to computers.

I think an easier question would be what are trying to protect? From there a person can make choices on what to run and what not to run.

And no, I doubt many are looking at all the lines of code for bad guys in ROMs.

Dave
 
I think an easier question would be what are trying to protect?

My privacy, for one. Maybe it is silly to let my smart phone have access to all of my personal information, health history, and financial transactions, then install a "sweet custom ROM" that may have been written by a mischievous 14-year-old, without asking any questions first.

Maybe it isn't. How do you decide how much to carry around on your phone? Does that decision change when you add more software to your phone?
 
To likes of the more popular Roms (Euroskank CM10, BB, etc.). What assurance do flashers have that there are no malicious motives deeply rooted in these ROMs?

Sent from my Galaxy Nexus using Android Central Forums
 
Short of teaching yourself code, you have to act as though all are troubled. But does it matter? Verizon is selling all your information and exact location to third parties. Does that matter to you? verizon.com/privacy. Do you know that several apps in the market start your camera up to look around so as to better send you advertisements?

My advice for reasonable precautions would be to lock the boot loader again once you are finished rooting and ROM'n. Turn off all antennas you are not using such as bluetooth and wifi. Do not download apps from outside of the big name markets like google and amazon. Just assume everything you do, everywhere you go, and everything you type is public information. If you can be okay with that then using these phones will not be an issue.

Is your custom keyboard logging all that you type and sending it off? Android is full of holes such as the new addition of NFC devices.

What info do you not want to get out that isn't already out somewhere else already?

Dave
 
Thanks for info. I'm just concerned that I'm more vulnerable unlocked and rooted vs locked. I want to minimize picking up a virus whether it be surfing the net or clicking on videos within YouTube. Does being unlocked/rooted make me more at risk if I click a link or download something vs locked and not rooted?

Sent from my Galaxy Nexus using Android Central Forums
 
As for myself i just DL any good anti-virus malware program like Norton etc just as i do my CPU. Then hope nothing gets in. as for the phones developers for custom roms i dont think they'd be around to long if they were caught with their hands in the cookie jars. cool out man its just a phone. True some of the programs I dl seem to be to nosey but i have a choice and some i just dont dl.. I'm not a gamer so what i do DL is to amuse me ..
 
Thanks for info. I'm just concerned that I'm more vulnerable unlocked and rooted vs locked. I want to minimize picking up a virus whether it be surfing the net or clicking on videos within YouTube. Does being unlocked/rooted make me more at risk if I click a link or download something vs locked and not rooted?

Sent from my Galaxy Nexus using Android Central Forums


Yes and no... on your Nexus you should unlock, then root, and then lock. You can lock the bootloader again and maintain root. I have only heard of remote software hacks done to unlocked bootloaders. I have seen hardware accessed software hacks done to unlocked bootloader phones.

I think it is great you are concerned and want to learn how to be safe. But as our other friend said, it is okay to relax a little. You credit card is more likely to be stolen by your waiter when he takes the card to the back than you are to have your credit hacked via your phone.

Dave
 

Forum statistics

Threads
958,683
Messages
6,977,445
Members
3,164,119
Latest member
vinod681