Yeah, the security sky is falling.
Point 5 of the IBT article - "Users who want root access must purchase Android 5.0 devices that are not locked or bound to network carriers." - is hogwash.
You need an unlockable device, and in my opinion, preferably one that doesn't involve an exploit. That's Nexus or an HTC not on Verizon (sometimes AT&T) and possibly Sony with the same predicate.
So already the article is suspect - it liberally quotes chainfire without linking to what he actually said (click the link in the article, don't just trust it lol, it's nonsense), editorialized and not only got it wrong but got it technically wrong.
And best of all, finally found some buzzwords and an actual *Android* expert to quote to make the same point I've been hearing about for years - let's recite together:
Android is vulnerable.
Android is vulnerable to malware.
Rooting Android only makes it worse.
The truth is far less sensational.
1. All operating systems are vulnerable.
2. All vendors ought do more about that.
3. For best security you must have control over your own updates - that means admin access (the original term was superuser or supervisor access, and that's root on all unix variants), maintain a *proper* firewall, and don't let anyone else, including and especially the vendor, control your system updates.
If you don't know how to perform supervisor tasks, trust your vendor cautiously or learn how.
And ignore sensational articles lol.
Meanwhile as I'm sure everyone knows -
http://www.xda-developers.com/android/chainfire-roots-nexus-9/
To begin, that tells us what we should already know - if you can unlock your bootloader, you can inject root.
And in addition to unlocking, here's what he really said that the IBT article was going off of -
https://plus.google.com/app/basic/stream/z13fjtr4voemxt4ph04cjl1aoor5ezninhc
And what is the great kernel mod? Changing the ramdisk so that the su daemon runs at boot and therefore as root.
As for root apps (the whole point) being broken thanks to SELinux - perhaps. But I prefer to take chainfire's word for it -
"By far most root apps should be updateable for L without too much issue. There are indeed exceptions that will need some special care, but those are rare."
That was 3 weeks ago. Is it still true?
I don't know, I just know that that the actual, not prerelease, Lollipop has been rooted - on the new Nexus.
What does the future hold?
I have no idea.
I do know that some rules are never going to change -
If you root using an exploit rather than unlocking your bootloader first and that makes you happy, then you're being happy with an inherently non-secure and vulnerable device to begin with. If you get compromised by pirated apps or services or websites or attachments, then don't act surprised. Just be proactive about your own security procedures.
The biggest security vulnerability is and will always be us - users.
And what about supervisor access on SELinux? Does that go away on the desktop?
No. No it does not.
In the desktop world, SuperSU is called sudo. Here's a pretty decent write up about SELinux including what's changed for sudo -
https://wiki.archlinux.org/index.php/SELinux
^RIGHT THERE.
SELinux doesn't remove or destroy Linux sudo and it therefore does not have to remove or destroy Android sudo - what you all call SU or SuperSU.
So - does chainfire's method break down the strictures of SELinux? After all, it's a kernel and the internet is quoting chainfire that you have to change it.
Wrong. The kernel is bundled with the Android ramdisk (inside the boot image partition on probably most Androids). He changed the ramdisk, he doesn't burn down SELinux.
The security sky - still not falling.
Rooting Android - still needs an unlockable bootloader to do it right, same as it ever was.
Popular press, and now including Android news sources - still lying dumbasses who believe their trash and want you to as well.
Do we know how and where this whole freak out about Android security started?
Yes. Yes we do.
As you enjoy the following public service message with naughty language bits, remember what Adolf said about 80 years ago - to get people to believe a lie, make it a big one and tell it over and over and over.
From June of 2010 ok -
It's all about the bootloader.
The rest is just noise.
I have a CD called Time Warp: the opening track is my "torture test" for speakers to see what they're really capable of. But these have to bake in for at least 10 hours before I hurt them with this. So this weekend? Windows? Why clean 'em? Blow 'em out, baby!