Safety of Root Files

[jinx#AC]

This may have been asked in previous posts but through searching this forum and other forums on the web I haven't been able to satisfy my thirst for this knowledge.

I am interested in rooting my phone (Samsung Fascinate / Verizon), mostly for sh**s and giggles but also to do some tweaking in the future. I have read numerous guides all over the Internet.

Anyway ... I'm looking through the files and while I trust the SDK released from Google I'm hesitant about that files included to assist with the rooting process.

What is ADB (Android Debugging Bridge?) -- is this a modified version of an original Google app? If so, are there any inherent security flaws that I should be aware of and do anyone know if there are any?

The same question applies to RAGE.bin (what is this, what does it do?).

SU (What is this? Where did it come from? How do I know what it's doing)

And Superuser.apk (what is this and where did it come from? How do I know what it's doing)?

Did these all originate from Android/Google and were then modified? I'm a little uncertain as to what is going on with this process.

It's seems to me, being that I am in a Risk Management field, someone who developed these apps to assist with the rooting process could easily slip in some malicious code that leaves the phone vulnerable to outside exploit and attack. I may be paranoid too.

But mostly, I'm curious. Could someone please help enlighten me?

Danke!


I went ahead and rooted the phone but now I cannot remove the root. Every time I try and remove Superuser.apk it says No such file or directory. From Mac Terminal or Phone Terminal with properly mounted rw access.

What gives I never like to be trapped in something and I Feel like this phone is now trapped in Root mode.

 

[joebob2000]

This may have been asked in previous posts but through searching this forum and other forums on the web I haven't been able to satisfy my thirst for this knowledge.

I am interested in rooting my phone (Samsung Fascinate / Verizon), mostly for sh**s and giggles but also to do some tweaking in the future. I have read numerous guides all over the Internet.

Anyway ... I'm looking through the files and while I trust the SDK released from Google I'm hesitant about that files included to assist with the rooting process.

What is ADB (Android Debugging Bridge?) -- is this a modified version of an original Google app? If so, are there any inherent security flaws that I should be aware of and do anyone know if there are any?

The same question applies to RAGE.bin (what is this, what does it do?).

SU (What is this? Where did it come from? How do I know what it's doing)

And Superuser.apk (what is this and where did it come from? How do I know what it's doing)?

Did these all originate from Android/Google and were then modified? I'm a little uncertain as to what is going on with this process.

It's seems to me, being that I am in a Risk Management field, someone who developed these apps to assist with the rooting process could easily slip in some malicious code that leaves the phone vulnerable to outside exploit and attack. I may be paranoid too.

I have asked all the same questions... the scary thing is that there seem to be very few people even thinking about such risk. This is a telltale sign that the risk of malware is understated. If you dig hard enough you will find the developers responsible for the root tools and other code, they all seem to be upstanding in the community for what it's worth. Will you root and ever again have a warm and fuzzy feeling that your phone and all it's apps are wrapped in an encrypted blanket? No, sadly, that's not the droid you're looking for.

I went ahead and rooted the phone but now I cannot remove the root. Every time I try and remove Superuser.apk it says No such file or directory. From Mac Terminal or Phone Terminal with properly mounted rw access.

What gives I never like to be trapped in something and I Feel like this phone is now trapped in Root mode.

edit: are you careful to capitalize the S in Superuser.apk? I was able to follow same instructions forward and backward when I un-rooted my phone, the only thing to be careful of is the directory you are currently in (try going into /system/app before you rm it) and remember correct capitalization is 100% essential in Unix.

 

[jinx#AC]

Thanks for the follow up. I hate to wrongly assume anything which is why I ask but I still have a little of the impetuousness of my youth floating around in my brain which is why I pulled the trigger before getting a response. Shame on me.

I was never able to remove the root/superuser access using any of the terminal write ups found online. I actually endedup using a Task Manager to "uninstall" the SuperUser app and then I deleted SU and Busybox and tested whether or not I still had root function (app-private, Root Manager) and they all failed.

For me it was important to be able to get the phone back to a non-rooted/superuser status in case I need to send the phone back. Right now I'm not 100% sold on Verizon's service or the phone.

My battery life is crap and when I make phone calls from inside my house it sounds like a rotary telephone calling out. Luckily I have 30 days and I only paid $0.01 for both phones.

 

[jinx#AC]

The other funny thing about Superuser.apk was that after rooting the phone the file DID NOT exist ANYWHERE on the phone that I could find.

I searched every directory it could have been in with terminal commands and even with Root Manager's amazing "search" function and it could not be found. I used superuser.apk, Superuser.apk, SuperUser.apk ... nothing worked.

How could an .APK be on the phone and running and yet inaccessible to root/superuser access but still be able to be uninstalled by a Task Manager app?

That's odd, no?

 

[Ytaay]

The other funny thing about Superuser.apk was that after rooting the phone the file DID NOT exist ANYWHERE on the phone that I could find.

I searched every directory it could have been in with terminal commands and even with Root Manager's amazing "search" function and it could not be found. I used superuser.apk, Superuser.apk, SuperUser.apk ... nothing worked.

How could an .APK be on the phone and running and yet inaccessible to root/superuser access but still be able to be uninstalled by a Task Manager app?

That's odd, no?

That definitely is odd. Perhaps you weren't actually rooted to begin with; that would explain your symptoms. On my rooted device SuperUser.apk can be found under /system/app/.

 

[joebob2000]

How weird... I don't have the original system running right now (i have since backed up that and moved on to a "super clean" rom which took care of all my battery life worries) but on this system I can easily find and manipulate Superuser.apk.

Did you try doing something like `find / > /sdcard/allfiles.txt` and searching that file from your computer? The adb shell can be a slow pain to work with, this is a handy way to see the whole filesystem.

I was in almost the same boat you are; paranoid about a phone that needed its security provisions be broken in order to make the most out of it. If you are really bothered by this then I wouldn't have any regrets suggesting you take the thing back and get a D2 or hold off for the "nexus s" that is coming, either handset will be more "googlerific" and require less rootkit style manipulation.

Personally, I got hooked on the form factor and after a few hours (many many hours) of diligence tracking down what files came from who (most info is available at the xda forums) I got to the point where I trust the rooted platform enough to live with it.

 

[jinx#AC]

I totally dig the form factor of the Fascinate and I really love the Android platform and it's openness. I'm willing to take on the inherent risks offered by an open source market place. I do my due dilligence when it comes to downloading apps and I'm a pretty low end/non-power hungry user. I generally stick to apps I know come from "trusted" sources: facebook, twitter, google maps, google voice, etc and use 3rd party apps when I've read a boat load of reviews and check their security status.

Anyway, back to superuser.apk. As far as I can tell I was definitely rooted. I had access to /app-private and Root Manager worked, Titanium Backup (lite) and a number of other "root" only apps.

I did an ls -l of /system/app and printed it in Word and looked through it. superuser.apk did not exist (under any case) but was definitely present in my apps "graphic" folder and was "uninstallable" via a Task Manager utility.

Once I uninstalled it, deleted SU and Busybox, those apps that previously worked under root access ceased to work.

UNUUUUUUSUALLL!

Bob, do you mind if I ask which ROM you're referring to? I moved all of the bloat ware to my SDCARD (.apk.old) into it's own folder to help speed up the Fascinate and it seems to have worked a bit.

Ive been at work for two hours and I'm already down 25% battery and I've only done light reading of a few articles and a couple of FB and Twitter posts. Unacceptable. Sending the phone back for a new one

 

[Ytaay]

I totally dig the form factor of the Fascinate and I really love the Android platform and it's openness. I'm willing to take on the inherent risks offered by an open source market place. I do my due dilligence when it comes to downloading apps and I'm a pretty low end/non-power hungry user. I generally stick to apps I know come from "trusted" sources: facebook, twitter, google maps, google voice, etc and use 3rd party apps when I've read a boat load of reviews and check their security status.

Anyway, back to superuser.apk. As far as I can tell I was definitely rooted. I had access to /app-private and Root Manager worked, Titanium Backup (lite) and a number of other "root" only apps.

I did an ls -l of /system/app and printed it in Word and looked through it. superuser.apk did not exist (under any case) but was definitely present in my apps "graphic" folder and was "uninstallable" via a Task Manager utility.

Once I uninstalled it, deleted SU and Busybox, those apps that previously worked under root access ceased to work.

UNUUUUUUSUALLL!

Bob, do you mind if I ask which ROM you're referring to? I moved all of the bloat ware to my SDCARD (.apk.old) into it's own folder to help speed up the Fascinate and it seems to have worked a bit.

Ive been at work for two hours and I'm already down 25% battery and I've only done light reading of a few articles and a couple of FB and Twitter posts. Unacceptable. Sending the phone back for a new one

Strange for sure! Hope you have better luck with the replacement phone.

Just curious, what method did you use to root?

In regards to "super clean", that's JT's (JT1134) Super Clean ROM, a very popular ROM for the FASN8 that you can find within ROM Manager, Download ROM. I've been running it for a while and find it to be quite stable. The "super clean" part basically means all the vzw crapwarez have been stripped out for you, plus a few nice tweaks here and there. For more info search in these forums and xda ([ROM] Super Clean De-Binged DI01 + AOSP apps - Updated 10/30 Version 0.4 - xda-developers

 

[jinx#AC]

As for the rooting process, I'm a mac user so I used the Mac tutorial provided by this forum.

I have terminal access as you b/c Mac OSX is built on a Linux kernel. So, the rooting process was seemless. No issues rooting.

I asked a friend who did his root (via PC) and he said he had the same issue. Couldn't find the file to unroot and he has vastly superior coding skills than I.

Oh well ... I know how I can back out of if since I need to ship the phone off eventually. That's all that matters. Un-root, wipe phone and ship it.

 

[joebob2000]

Strange for sure! Hope you have better luck with the replacement phone.

Just curious, what method did you use to root?

In regards to "super clean", that's JT's (JT1134) Super Clean ROM, a very popular ROM for the FASN8 that you can find within ROM Manager, Download ROM. I've been running it for a while and find it to be quite stable. The "super clean" part basically means all the vzw crapwarez have been stripped out for you, plus a few nice tweaks here and there. For more info search in these forums and xda ([ROM] Super Clean De-Binged DI01 + AOSP apps - Updated 10/30 Version 0.4 - xda-developers

That's correct, the JT super clean rom is a de-bloated system based very closely on the carrier build but lacking everthing that sucked about it. I tried a de-bloat twice, following a lot of guidance here on the forums, and just never got much of a battery life bump. I switched to JTs rom and my battery life increased DRAMATICALLY. I don't know if he has secret-stealing sauce baked into it to make the phone run on the energy of my violated privacy, or what, but it sure does work.

As far as your question about superuser.apk, I don't know for sure but I don't think it's technically necessary to have it on a rooted phone. All you need is the binary that actually escalates the privileges, `su` (and to a lesser extent busybox.) Superuser.apk is, as far as I know, just the GUI that lets you manage the settings and the log. So, I guess its possible that you didn't have it to begin with, or it got lost/deleted already, but you still had a rooted phone until removing su and busybox. Bottom line, as long as su isn't on there your apps won't be able to get root (and the opposite is true; with SU and nothing else, they can.)

 

[Sublym1]

It takes a lot of time, patience and research to get where you want to on this phone. Even after rooting, removing bloatware, swapping out roms & kernels, something 'new and improved' always comes out. Not to mention the fact that everyone is still waiting on FROYO for the Fascinate while Gingerbread rolls out on other carriers. In the end, it's all up to you.

At first I was skeptical about rooting and flashing custom roms & kernels. Although after reading about it in here and over @ xda, plus checking out the #samsung-fascinate channel @ irc, I've taken comfort in knowing that we have a bunch of great developers that have put a lot of work into what they do for us, the Fascinate community.

As for me personally, the Fascinate is a really great phone. I've done pretty much everything that I can to get it where it's at now & I must say that I'm satisfied (for now).

 

[Ytaay]

That's correct, the JT super clean rom is a de-bloated system based very closely on the carrier build but lacking everthing that sucked about it. I tried a de-bloat twice, following a lot of guidance here on the forums, and just never got much of a battery life bump. I switched to JTs rom and my battery life increased DRAMATICALLY. I don't know if he has secret-stealing sauce baked into it to make the phone run on the energy of my violated privacy, or what, but it sure does work.

As far as your question about superuser.apk, I don't know for sure but I don't think it's technically necessary to have it on a rooted phone. All you need is the binary that actually escalates the privileges, `su` (and to a lesser extent busybox.) Superuser.apk is, as far as I know, just the GUI that lets you manage the settings and the log. So, I guess its possible that you didn't have it to begin with, or it got lost/deleted already, but you still had a rooted phone until removing su and busybox. Bottom line, as long as su isn't on there your apps won't be able to get root (and the opposite is true; with SU and nothing else, they can.)

Good answer joebob, I think you're right about the superuser.apk, etc. Fits the symptoms: still has root but can't find superuser.apk. Going fwd though, if one wants to give su rights to new installed apps that need it, you'll need that .apk/GUI. There's prolly a work around but it's prolly a PITA too.

 

[Chris3D]

I tried a de-bloat twice, following a lot of guidance here on the forums, and just never got much of a battery life bump. I switched to JTs rom and my battery life increased DRAMATICALLY.

I recently gave BlackHole a try, since it sounded like it promised an even cleaner system than JT's, but after a week or so testing, I was consistently topping out at about 1 day per charge. Flashed back to JT's, and I'm back to nearly 2 solid days. No idea how he did it, but it incredibly efficient in the battery dept.

 

[Ytaay]

I recently gave BlackHole a try, since it sounded like it promised an even cleaner system than JT's, but after a week or so testing, I was consistently topping out at about 1 day per charge. Flashed back to JT's, and I'm back to nearly 2 solid days. No idea how he did it, but it incredibly efficient in the battery dept.

Chris what kernel are you using? And what are you doing in those two days (e.g., browsing, game playing, phone calls, msging, etc)? Nearly 2 days is really good.

 

[Chris3D]

Chris what kernel are you using? And what are you doing in those two days (e.g., browsing, game playing, phone calls, msging, etc)? Nearly 2 days is really good.

Stock kernel, and normal use over the two days - probably 1 to 2 hours of calling, 20 to 30 text messages and a bunch of e-mail checking and web browsing. I'm not on the thing constantly, but I don't hold back using it when I need\want to.

I am on my second Fascinate... I sent the first one back because of the dismal battery life, but I hadn't rooted and was stock everything. I picked up another, rooted and debloated and improved the battery life quite a bit, but the biggest difference was definitely switching to JT's rom. I've tried different kernels too - JT's non-voodoo as well as one of the early StupidFast ones, but in both cases, battery life suffered over stock.

Since you're obviously comfortable rooting, and if you're well within your 30 day window, I'd recommend installing ClockworkMod, backing up your system and then flashing JT's SuperClean. Try it for a few days and if it works for you, great, if not, just flash your backup back and send the phone back.