• Popular Android game checks for Root
    22 replies, posted
It has been discovered that a popular Android game, Pocket Frogs, asks for root on startup,. Further investigation has revealed this s due to the ad-provider w3i having this code in ther library: [code] protected boolean isRooted() { try { if (Runtime.getRuntime().exec("su") != null) { return true; } return false; } catch (IOException ex) { return false; } } [/code] [img_thumb]http://i.imgur.com/q6JeL.png[/img_thumb] My question is, Why would the advertisment company need this information.
Intrusive ads? Rootkit installation?
[QUOTE=Thund3rdome;33563864]Intrusive ads? Rootkit installation?[/QUOTE] The code dosnt seem to do anything other then check for root apparently
Couldn't the devs possibly check for Superuser, then inside the app abuse that?
[QUOTE=Thund3rdome;33563968]Couldn't the devs possibly check for Superuser, then inside the app abuse that?[/QUOTE] The app code is what was decompiled, to look for what it did with super user. that code is from the code decompiled.
Atleast it isn't running a "su rm -rf /"
[QUOTE=Fatal-Error;33564165]Atleast it isn't running a "su rm -rf /"[/QUOTE] I have that command running cronjob every 30 seconds, speeds up sytesm by 20%
[QUOTE=ripple3000;33564401]I have that command running cronjob every 30 seconds, speeds up sytesm by 20%[/QUOTE] Yeah, likely for the 10 seconds before everything goes dead
Just click deny. And the Battle.net Mobile Authenticator uses root for some reason. I don't know why, but whatever.
[QUOTE=PvtCupcakes;33566705]Just click deny. And the Battle.net Mobile Authenticator uses root for some reason. I don't know why, but whatever.[/QUOTE] The Iphone version checks for jailbreaks to show a notice about how your device is less secure jailbreaked and might compromise your account security. I imagine they do the same on Android.
[QUOTE=sippeangelo2;33567131]The Iphone version checks for jailbreaks to show a notice about how your device is less secure jailbreaked and might compromise your account security. I imagine they do the same on Android.[/QUOTE] Yeah, it does that too. I don't know why it asks for root permission though rather than checking for the su binary.
[QUOTE=PvtCupcakes;33566705]Just click deny. And the Battle.net Mobile Authenticator uses root for some reason. I don't know why, but whatever.[/QUOTE] The point is even if you click deny, it still has logged you have root access, and sent it to the advertiser. [editline]4th December 2011[/editline] [QUOTE=PvtCupcakes;33567748]Yeah, it does that too. I don't know why it asks for root permission though rather than checking for the su binary.[/QUOTE] I believe it is checking for a SU binary that can be called by the user, not just the prescence of any old SU, could be wrong though.
Couldn't they run [code]which su[/code] to see if the binary is there? I'm not experienced with android rooting, but I think that the problem is caused because su is "called".
[QUOTE=Boris-B;33568893]Couldn't they run [code]which su[/code] to see if the binary is there? I'm not experienced with android rooting, but I think that the problem is caused because su is "called".[/QUOTE] I believe the problem is advertisers are greedy, they want true information that can't easilly be blocked. the Which su method could be blocked easy by a market app that installed a custom which that ignored SU.
[QUOTE=nekosune;33568617]The point is even if you click deny, it still has logged you have root access, and sent it to the advertiser. [/QUOTE] Not sure how having root on your phone helps an advertiser sell stuff to you. :v:
[QUOTE=PvtCupcakes;33569009]Not sure how having root on your phone helps an advertiser sell stuff to you. :v:[/QUOTE] They could (in theory) gather more information about you with it.
IIRC every app on android has a private storage space that is only visible to it. If you have root access you can most likely have access to that information.
[QUOTE=PvtCupcakes;33569009]Not sure how having root on your phone helps an advertiser sell stuff to you. :v:[/QUOTE] For one it would put you in the more technical market, so instead of "Free memory download" apps, they may show "Proffesional Root Explorer" app adverts.
WhatsApp seems to be able to check for root without requesting permissions, Maybe they're trying to get people to remember the decision and put in malicious code later? Of course, from a paranoid person's point of view.
Every app has a folder in /data/data/ which contains data specific and private to that app. For example, saves, settings, and cache for Angry Birds are stored in /data/data/com.rovio/angrybirds/. Apps cannot access other apps' /data/data/ folders at all, unless they have root permission. Then they can use a root shell to cd, ls, mv, rm, anything in another app's folder.
Aren't there either phone apps or pc apps that can strip the ads out of phone games and phone apps yet?
[QUOTE=P320;33580176]Aren't there either phone apps or pc apps that can strip the ads out of phone games and phone apps yet?[/QUOTE] Yes, you can block ads in a rooted Android.
I noticed the Blizzard Authenticator app doing the same. Allowing it makes it tell you that it could be unsecure to root and someone could steal your auhenticator key.
Sorry, you need to Log In to post a reply to this thread.