Your Android Root Manager May be a Backdoor for Hackers - Magisk, KernelSU, etc. скачать в хорошем качестве

Your Android Root Manager May be a Backdoor for Hackers - Magisk, KernelSU, etc.

Risks of Rooting Android? Magisk, KernelSU, & aPatch Could be a Backdoor for Hackers ~~~~~ Hi! Don't forget to like the video, subscribe to the channel, and hit the "Thanks" button on this video, if you can, and join our channel community here -    / @explainingandroid   Report - https://zimperium.com/blog/mobile-thr... Video Description ~~~~~~ Whether that's Magisk, KernelSU, APatch, or any of the others. Don't think they are and will always be secure because vulnerabilities do slip in from time to time And if you aren't there to update the framework then your device and all of the personal data you have on it could be accessible to those malicious hackers. #android #magisk #apatch #kernelsu #androidroot Alright, let's start with a quick refresher on why this is such a big deal. When your phone is unrooted, Android operates on a principle called a "sandbox." Every app lives in its own little box, with strictly limited permissions. It can’t read another app's data or mess with the core operating system. This is Android's biggest strength when it comes to security. But when you root your phone? You tear down those walls. You grant "superuser" or "root" access, which is the highest level of privilege possible in operating systems like Android and Linux. It's really what allows you to customize every corner of your device. The problem is, you’re now relying almost entirely on your root framework apps, like Magisk or KernelSU, to be the gatekeeper. What happens when this framework can be bypassed? While this article was published this month, it's highlighting a vulnerability within the KernelSU application from mid 2023. So this isn't a video telling you this app or that app is not safe. Instead, I just wanted to show how a vulnerability like this can be found. . .and what it means if you don't update your stuff ASAP. Some security researchers at Zimperium found a critical flaw in KernelSU, specifically in versions up to 0.5.7, but this type of flaw is a warning for the entire rooting community Modern rooting tools like KernelSU are clever. Instead of just placing a file on your system to gain root access, they directly patch the heart of Android, the kernel, to create a secret back channel for root commands. To make sure only the legitimate KernelSU manager app can use this channel, it performs three security checks. It checks if the app is in the right place if it has the right owner and most importantly, it checks the app's digital signature to confirm it’s the real, official KernelSU app and not some imposter. And here’s the flaw. The signature check was lazy. Instead of carefully verifying the signature of the app that was asking for permission, older versions would just checked the first base.apk file it could find associated with the process. This allowed a malicious app to manipulate the system and put the real KernelSU manager's signature in front of its own. The kernel sees the legitimate signature, thinks everything is fine, and grants full root access to the malicious app. Game over. Your phone is completely hijacked. And this isn't just a KernelSU problem. The researchers noted that nearly every rooting framework has had similar authentication flaws at some point. A recent Magisk vulnerability allowed an app to impersonate Google Mobile Services to gain privileges. It's a constant cat-and-mouse game. Rooting your Android smartphone fundamentally changes its security posture. You are the sole person responsible for its safety. That means two things are absolutely non-negotiable. The developers of KernelSU patched this vulnerability as soon as they were notified. Running an old version of your root manager is like leaving your front door wide open. Whether it’s Magisk, KernelSU, or your custom kernel, check for updates regularly. The attack we just discussed only requires you to install a malicious application. So a good line of defense here is to not download sketchy APKs from untrusted websites. If this video was informational and helped you to better understand the importance of keeping your root frameworks up to date. Summary ~~~~~ 1. Intro [00:00] 2. Why Security Ends Up as a Double-Edged Sword when Rooting Android? [00:46] 3. KernelSU Vulnerability Explained [02:16] 4. Conclusion [05:42] As an Amazon associate, I may earn a commission on sales from the links below. The Gear I Use ~~~~~ 5W "Slow" Charger - https://amzn.to/2OaUMV8 Fast Charger - https://amzn.to/3rtBsC6 MicroUSB Cable - https://amzn.to/38dkpeM USB-C Cable - https://amzn.to/2OqlTvi TPU Cases - https://amzn.to/38g9b9w USB-C to 3.5mm Dongle - https://amzn.to/3rVt7c3 USB-C to 3.5mm DAC - https://amzn.to/3CyksSJ NVIDIA Shield TV - https://amzn.to/4cZFaJz Telescopic Controller - https://amzn.to/3uDrvY9