Computer scientists recently discussed several vulnerabilities that were discovered in Android bootloaders using the BootStomp tool. How do Android bootloaders work, and what are the risks of the vulnerabilities?
Android bootloaders work similarly to a BIOS on a PC, as they enable the phone to look for a boot device and start up from it. Bootloaders also enable users to reset their device, unlock the bootloader and put the bootloader in fastboot mode to enable files to be sent from a computer -- typically to flash different official firmware or recoveries.
Vulnerabilities are typically caused when the device's bootloader is unlocked, as an unlocked bootloader enables the user to make many different changes to the device that the OEM would not typically allow. This can include flashing custom ROMs, sideloading programs, flashing recoveries and modifying system elements.
Most OEMs won't honor devices with problems if their bootloaders are unlocked, since a locked bootloader usually provides better protection against vulnerabilities. These vulnerabilities can prevent the device from booting up, keep programs from operating properly and alter the device's actions.
However, the standard user wouldn't have an unlocked bootloader, and even fewer people have root access, which some of these vulnerabilities require. These exploits would somehow need to gain root access to the Android device to make changes, and they could be devastating if that access is obtained.
There could be some cases of consumers buying used devices that come with an unlocked bootloader or that have been rooted, but those instances are rare. These exploits could possibly unlock the bootloader themselves, but this action would most likely require a reboot.
The best way to stay safe from these vulnerabilities is to only install apps that you trust and to make sure that you know what apps you're giving administrative access to on an Android device.
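For the used-device case mentioned above, a buyer or IT admin can check whether a handset reports an unlocked bootloader or a non-release build. The following is an added example, not part of the original answer: it parses the output of `adb shell getprop` and flags the relevant values. The property names are standard Android system properties that the answer itself does not mention, and the sample output is constructed.

```python
import re

# Constructed sample of `adb shell getprop` output (not from a real device).
SAMPLE_GETPROP = """\
[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]
[ro.boot.vbmeta.device_state]: [unlocked]
[ro.build.tags]: [test-keys]
[ro.debuggable]: [1]
[ro.product.model]: [ExamplePhone]
"""

# getprop prints one property per line as "[key]: [value]".
PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]\s*$")


def parse_getprop(text):
    """Turn "[key]: [value]" lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group(1)] = match.group(2)
    return props


def audit_boot_state(text):
    """Return findings that suggest an unlocked bootloader or modified build."""
    p = parse_getprop(text)
    findings = []
    if p.get("ro.boot.flash.locked") == "0":
        findings.append("bootloader unlocked (ro.boot.flash.locked=0)")
    if p.get("ro.boot.vbmeta.device_state") == "unlocked":
        findings.append("verified boot metadata reports device unlocked")
    state = p.get("ro.boot.verifiedbootstate")
    if state is None:
        findings.append("verified boot state not reported")
    elif state != "green":
        findings.append("verified boot state is %s, expected green" % state)
    if p.get("ro.build.tags", "release-keys") != "release-keys":
        findings.append("build not signed with release keys")
    if p.get("ro.debuggable") == "1":
        findings.append("debuggable build (ro.debuggable=1)")
    return findings


if __name__ == "__main__":
    for finding in audit_boot_state(SAMPLE_GETPROP):
        print("WARNING:", finding)
```

Values reported by a running system can be altered on a rooted device, so a clean result is weaker evidence than a finding.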
Ask the expert:
Want to ask Kevin Beaver a question about security? Submit your question now via email. (All questions are anonymous.)