The Open-Source Classroom

Pwn Your Phone

Shawn Powers

Issue #222, October 2012

Whether you want to install a custom theme or just get rid of apps installed by your carrier, rooting an Android phone puts you in charge.

I've owned two different Android phones since they first were released, and I eventually rooted both of them. My Droid (original) was such a popular phone that rooting it was very simple. I used my rooted Droid until it wore out and rebooted every time I slid open the keyboard. My second Android phone, the Samsung Galaxy S2, is the phone I have right now. It actually was quite a bit more challenging to root, but in the end, I couldn't resist the lure of total control. Sadly, no amount of rooting can supply a hardware keyboard for my S2, but at least I can run whatever ROM I want on it now. Before I go into how to root an Android device, it's important to discuss why you might want to do so, or why you might not.

One of the most common questions I get via e-mail or Twitter is how to root an Android phone. As you can see by the size of the following article, that's not a question easily answered in 140 characters. So, in this article, I talk about rooting an Android device and then describe the process for installing a custom ROM. It's complex, sometimes frustrating, and it can be dangerous if you don't do your homework in advance. If that doesn't scare you off, read on.

What Is Rooting?

Rooting your phone simply means gaining access to the underlying Linux (Android) operating system with root privileges. It's basically the same thing as having sudo access to a Linux desktop. By default, your phone will give you only user-level privileges, which means you can't run programs requiring superuser access to the underlying system.

There is some confusion regarding what rooting actually gives you. If you root your phone, you'll still be running the same firmware. Your phone won't look any different, apart from a new app called “superuser”, which will allow you to give certain applications elevated privileges. From a functionality standpoint, rooting your phone gives you the ability to run applications that wouldn't otherwise work, but it won't completely transform your phone like a custom ROM would do (more on that in a bit).

Rooting Your Phone, the Pros:

  • Some useful apps, like backup apps, will work only with root access.

  • Some apps, like Tasker, work with unrooted phones, but they do much more if your phone is rooted.

  • Rooting is the first step toward installing new ROMs.

  • Overclocking and underclocking are possible only with root access.

  • Having a rooted phone implies some geek street cred.

Rooting Your Phone, the Cons:

  • Rooting most likely will void your warranty.

  • Some apps (Amazon video streaming, for example) will not work on a rooted phone.

  • Rooting is the first step toward potentially bricking your device.

  • Using some root-requiring apps (Wi-Fi tethering, for example) may cause fees from your wireless carrier.

I Want Root!!!

Unlike Apple's iPhone, the Android world is full of multiple vendors, multiple devices and multiple procedures for rooting. Heck, even my Samsung Galaxy S2 comes in different models for different carriers, all with slightly different ways to do things. There just isn't a single “way” to root an Android device. To add more frustration to the mix, the methods and even the feasibility of rooting often depend not only on the hardware, but also on the specific version of the Android OS installed on the hardware. For example, I upgraded my Galaxy S2 to the official AT&T version of Ice Cream Sandwich. For quite a while after that official upgrade was released, rooting wasn't possible for folks who upgraded using official channels. This means that before attempting to root your phone, it's important to research your exact model phone and the exact version of Android you're currently running.

Luckily for Android users, there is a large and active community of users for almost every device available. A quick trip to androidforums.com usually will turn up a thread dedicated to rooting a particular phone or tablet. Be careful with generic Google searches, because it seems there are unending blog posts and forum entries claiming to have the newest and best rooting methods. Unfortunately, those well-meaning blog posts aren't always updated when a less-dangerous or more-reliable method is developed. Sticking to sites like androidforums.com or forum.xda-developers.com is a good way to keep up on the latest developments with regard to the world of hacking and rooting.

But My Phone Looks the Same!

The superuser app is all well and good, but apart from opening up the possibility for root-requiring apps, rooting a phone doesn't change the way it looks. For that, you need a new ROM. Unfortunately, installing a custom ROM is a complex endeavor for some devices, and not all devices even support custom ROMs. What is a ROM, you ask? Basically, in the Android world, the terms “ROM” and “firmware” often are interchangeable. The actual Linux operating system, all its applications and sometimes the kernel usually are packaged together in a downloadable ROM file for a particular phone or tablet. One of my favorite custom ROMs is the open-source CyanogenMod (Figure 1). Because hardware is so different across devices, it's important to get a ROM file specifically created for your exact model. This is one instance where buying a particularly popular phone is a boon, because those devices usually are supported first.

Figure 1. Even the boot screen of CyanogenMod is cool.

Once your phone is rooted, you need to make sure you have a recovery system that supports custom, unsigned ROMs. The system recovery is a part of the Android device that acts a little like the system BIOS of a computer system. Most times, when you root a phone, a custom recovery program is flashed too. That isn't always the case, however, so it's important to make sure you have a recovery program flashed onto your system that supports custom ROMs. The most popular recovery program by far is ClockworkMod, available at www.clockworkmod.com. It can be very challenging to flash ClockworkMod onto your rooted phone by hand, so I highly recommend the program Rom Manager from the Google Play store. The free version of Rom Manager includes the ability to flash a custom recovery program, so unless you run into problems using Rom Manager, it's hard to find a reason to use any other method. If you want a one-stop method for installing complete ROMs, the paid version of Rom Manager can make that process painless too. If you don't want to shell out the dough, however, using ClockworkMod to install ROMs is dead simple.

Before You Begin

You've read the warnings, but you've seen CyanogenMod in action, and you really think a custom ROM is for you. Before I talk about flashing, let's quickly look at the pros and cons.

Custom ROM—the Pros:

  • Most custom ROMs are compiled for specific devices and often are optimized for better battery life or faster performance.

  • Custom ROMs eliminate all the pre-installed applications your carrier forces you to keep on your device.

  • If you want to tweak the look of your phone, most ROMs support elaborate customizations.

  • If a rooted phone gets you geek cred, a custom ROM makes you a guru.

Custom ROM—the Cons:

  • Installing a custom ROM almost always is tricky.

  • If you're not comfortable with troubleshooting, installing software on your computer or pulling out some hair, custom firmware may not be for you.

  • Although it's rare nowadays, it's still possible to brick your phone.

  • You almost assuredly will lose your carrier's support if something goes wrong; carriers won't help and will have no pity.

Cross Your Is and Dot Your Ts

If you still want to install custom firmware, go to the ROM project's Web site to get the ROM. Again, I really like CyanogenMod (www.cyanogenmod.com). Once you locate the specific ROM file for your exact device (remember, even the Samsung Galaxy S2 has several different models, all needing different ROMs), put the zip file on the root of your SD card. Then, make sure it's the correct ROM. Yes, I realize I keep saying that, but fixing a phone that won't boot due to flashing an incompatible ROM can be very frustrating. Anyway, once you have the zipped ROM on your SD card, boot the device into recovery mode. Most phones have a certain method for booting into recovery mode, usually consisting of holding down certain buttons while booting. But, because you already have Rom Manager installed, simply choose “reboot into recovery” from the menu (Figure 2), and your phone or tablet should reboot directly into ClockworkMod.

Figure 2. Rom Manager is a great tool, and one of the few apps I buy without hesitation.
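
One way to carry out the “make sure it's the correct ROM” step on your computer before the zip goes onto the SD card, as an added example that is not from the original article or from the CyanogenMod project: it compares the download against a published SHA-256 digest and reads the device codenames that the zip's install script checks for. The published digest, the presence of a getprop device check in the script and the codenames model_a and model_b are assumptions, and the sample zip is constructed.

```python
import hashlib
import io
import re
import zipfile

# Conventional path of the Edify install script inside a flashable zip.
UPDATER_SCRIPT = "META-INF/com/google/android/updater-script"
# Matches device checks such as: getprop("ro.product.device") == "codename"
DEVICE_CHECK = re.compile(
    r'getprop\("ro\.(?:product\.device|build\.product)"\)\s*==\s*"([^"]+)"')

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def supported_devices(rom_bytes: bytes) -> set:
    """Return the device codenames the ROM's install script asserts on."""
    with zipfile.ZipFile(io.BytesIO(rom_bytes)) as rom:
        if rom.testzip() is not None:  # CRC failure: damaged download
            raise ValueError("corrupt zip member")
        script = rom.read(UPDATER_SCRIPT).decode("utf-8", "replace")
    return set(DEVICE_CHECK.findall(script))

def check_rom(rom_bytes: bytes, published_sha256: str, my_device: str) -> list:
    """Return a list of problems; an empty list means both checks passed."""
    problems = []
    if sha256_hex(rom_bytes) != published_sha256.strip().lower():
        problems.append("checksum mismatch")
    try:
        devices = supported_devices(rom_bytes)
    except (zipfile.BadZipFile, KeyError, ValueError) as exc:
        return problems + [f"unreadable ROM: {exc}"]
    if my_device not in devices:
        problems.append(f"ROM targets {sorted(devices)}, not {my_device}")
    return problems

def make_sample_rom(codenames) -> bytes:
    """Build a tiny constructed zip standing in for a downloaded ROM."""
    checks = " || ".join(
        f'getprop("ro.product.device") == "{c}"' for c in codenames)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(UPDATER_SCRIPT, f"assert({checks});\n")
    return buf.getvalue()

if __name__ == "__main__":
    rom = make_sample_rom(["model_a", "model_a_intl"])  # constructed codenames
    print(check_rom(rom, sha256_hex(rom), "model_b"))
```

For a real download, read the file with `open(path, "rb").read()` and pass the digest from the download page and your device's codename.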

Once ClockworkMod is loaded, navigate the menus using some combination of buttons on your phone. Often volume up/down will traverse the menus, and the home button will select. Depending on your device and the version of ClockworkMod, you may have other buttons or the touchscreen with which to navigate. Before you flash your new ROM, you need to make a backup! Thankfully, ClockworkMod has the backup feature built in, and in the event of a failure, as long as you can reboot into recovery mode, you should be able to restore your phone to the backup.

Now that you have a backup (you do have a backup, right?), navigate the ClockworkMod menu to find the “install zip from sdcard” option, and locate the ROM file you saved onto your SD card. You'll get the option of whether to wipe the data directory, and often with brand-new ROMs, it's a good idea to get a fresh start.

After your Android device is flashed, it will reboot and, hopefully, load the custom ROM you flashed from your SD card. If something goes wrong, you'll need to go back to the forums and try to find someone who had a similar problem or even post a question yourself. (I urge you to search long and hard before posting though. I've never had a problem that was unique to my setup, and it seems someone always has made a similar mistake and posted about it.)

Success!

If everything went well, you now should have a pretty great Android system without all the bundled apps your carrier originally installed. You've also made it so that if you go to your carrier for support, the customer service rep will laugh at you and possibly accuse you of doing horribly nefarious things by installing a custom ROM. The advantages outweigh the disadvantages for many folks, so if you have a few spare hours and a willingness to put your beloved Android device at risk, rooting and installing custom firmware can be a great way to breathe new life into a tired phone.

In closing, although most devices available require the bootloader to be unlocked (that is, rooted) in order to gain access to the underlying system, there are a few limited exceptions. If you want an Android tablet with root access out of the box, and a vendor who thinks custom ROMs are a great idea, check out the review of ZaReason's ZaTab in the September 2012 issue of Linux Journal. ZaReason doesn't try to lock you out of your own device, and that deserves praise (www.zareason.com).

Shawn Powers is the Associate Editor for Linux Journal. He's also the Gadget Guy for LinuxJournal.com, and he has an interesting collection of vintage Garfield coffee mugs. Don't let his silly hairdo fool you, he's a pretty ordinary guy and can be reached via e-mail at info@linuxjournal.com. Or, swing by the #linuxjournal IRC channel on Freenode.net.