G2 Has an Anti-Rooting Rootkit, Not Good

This is not good.

Newest Google Android Cell Phone Contains Unexpected ‘Feature’ — A Malicious Root Kit. | NewAmerica.net (h/t MobileCrunch)

The short summary version: T-Mobile has added a rootkit to their soon-to-be released G2 Android phone that reportedly resets the phone to its original software after rooting.

It’s unclear if the rootkit undoes both custom ROM installations, like CyanogenMod, and application rooting like unrevoked (@unrevoked).

Since the phone is still unreleased, I doubt that an application root method has been developed yet.

So, why is this bad?  Android is provided for free by Google to carriers under an Apache license, and adding a rootkit that controls what can be installed on the device flies in the face of the openness of the license.

I’m not a licensing expert, but I don’t think T-Mobile has violated the licensing terms for Android. They are playing dirty pool, though.

More important is the consumer’s inability to modify the hardware to her/his liking. As New America states:

This would be akin to a computer sold with Microsoft Windows containing chip that prevented users from installing Linux or another operating system of their choice.

Recent exemptions made to the DMCA explicitly permit the jailbreaking and unlocking of mobile phones. It seems logical that this exemption would also apply to the installation of a custom ROM. Again, from a novice’s viewpoint.

I suppose the issue here is that modders will brick their phones and consume T-Mobile’s resources trying to get back to the factory default.

Still, this is a bogus argument. Undertaking a mod like this requires a pretty high level of comfort with technology. People who failed would most likely seek out T-Mobile’s assistance as a very last resort, if only to save their egos.

I speak from experience here.

Anyway, this is a big deal for the Android community. What do you think about the implications, repercussions, etc.?

Find the comments.

Update: CyanogenMod (@cyanogen) has requested that we stop calling this a “rootkit”. Lulz. This will not end well for T-Mobile, see many historical examples of corporations vs. motivated geeks.




  1. As some comments alluded to, networking is shared, and for the industry to mature, there needs to be enforced standards. Years ago, I advocated for two internets: a closed one, with very strong non-repudiability down to the hardware level, and an open one, for those who think they can survive in the wild west with some illusion of freedom. It looks like the motivation for commercial return supports that first one (my argument continues to be, it is an absolute necessity for commerce). Who would pay for the second?

    I think it’s less like a chip that won’t let you replace Windows, and more like a chip that won’t let someone drive your car off without using the right key.

    Looking at this stuff, my inner twilight zone imagines a social hack that makes people think something terrible is going to happen unless they do something terrible first – like the result of “The Last Night of the World” in the Illustrated Man movie.

    A work in progress:

    Let me out to the root hack
    Flash my prom with a game
    Give me some c-code and perl, hex, awk
    Don’t use a phone for dumb talk talk talk
    So it’s root, root, root for the rootkit
    If it don’t crash it’s a shame
    ‘Cause it’s L O L catz your out
    For some

  2. How is this like a chip that won’t let someone drive your car without the right key? As if the device presumes to know what software is correct for it? And how is it not like the Windows vs. Linux install analogy? The G2 is a small computer, not a car 🙂

  3. Two thoughts: 1) Seems like T-Mobile is taking a page from the Apple book, as in “we want total control over the experience you have with the device”. Not a good trend, as you pointed out. 2) On the upside, how long after release will it take from some hacker to release some type of exploit/workaround? “Openness” will prevail for those that want it.

  4. Re. 1) I think T-Mobile would be much less transparent about it, probably citing user protection or support issues. Unlike Apple, they’re trampling on the open spirit of Android. Which leads to a holy war with hackers, as you mention in 2. I doubt it will take long.

  5. I was referring to car keys with chips in them. Yes, exactly so the device knows what software is correct for it. All cars now have multiple computers, too, and yes, there is a commercialized hacker underground for it 😉

    I always do a double-take when I see (presumed) right wing hawks saying the same thing as me http://www.signonsandiego.com/news/2010/sep/23/secure-zone-suggested-to-counter-computer-threat/

    Whether such a lock-in chip is an anti-trust issue boils down to intent and conduct. Making the device software-specific is fine. Locking out competing manufacturers by using monopolist powers in an industry is not fine. It’s hard to make a monopolist argument when there are 3 or more major manufacturers (I’m referring to Android, Apple, RIM and http://blogs.forbes.com/greatspeculations/2010/10/13/windows-7-smartphones-can-give-modest-boost-to-qualcomm/ here).

    My sympathies lie with the hackers (in the proper old definition), by the way. This is just the way things go when you have to take large consumer populations into account. http://omnologos.wordpress.com/2007/03/31/spocks-principle-the-many-the-few-the-one/

  6. I know cars have computers in them 🙂 Mr. Goodwrench told me, and yes, I know there’s hacker underground. Let’s be honest, everything with a computer in it has a hacker underground.

    Pretty big difference between modding a phone and modding your car, since the latter compromises not only the owner’s safety, but that of others. I suppose if modding a phone could kill bystanders with lasers, that might qualify.

    Proceeding to links, may update after reading them.

Leave a Reply

Your email address will not be published. Required fields are marked *