Nmedia - Fotolia

Q
Problem solve Get help with specific problems with your technologies, process and projects.

Android bootloader: How does it work and what is the risk?

Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk these vulnerabilities present.

Computer scientists recently discussed several vulnerabilities that were discovered in Android bootloaders using the BootStomp tool. How do Android bootloaders work, and what are the risks of the vulnerabilities?

Android bootloaders work similar to a BIOS on a PC, as they enable the phone to look for a boot device and start up from it. Bootloaders also enable users to reset their device, unlock the bootloader and put the bootloader in fastboot mode to enable files to be sent from a computer -- typically to flash different official firmware or recoveries.

Vulnerabilities are typically caused when the device's bootloader is unlocked, as an unlocked bootloader enables the user to make many different changes to the device that the OEM would not typically allow. This can include flashing custom ROMs, sideloading programs, flashing recoveries and modifying system elements.

Most OEMs won't honor devices with problems if their bootloaders are unlocked, since a locked bootloader usually provides better protection against vulnerabilities. These vulnerabilities can prevent the device from booting up, programs from operating properly, and it can also alter the device's actions.

Unlocked bootloader impacts users

Unlocking a bootloader would not be caused by a standard user. Even fewer people have root access, which some of these vulnerabilities require. These exploits would somehow need to gain root access to the Android device to make changes, and they could be devastating if that access is obtained.

An unlocked bootloader enables the user to make many different changes to the device that the OEM would not typically allow.

There could be some cases of consumers buying used devices like phones that come with an unlocked bootloader or that have been rooted, but those instances are rare. These exploits could possibly unlock the bootloader themselves, but this action would most likely require a reboot to do so.

The best way to stay safe from these vulnerabilities is to only install apps that you trust and to make sure that you know what apps you're giving administrative access to on an Android.

Ask the expert:
Want to ask Kevin Beaver a question about security? Submit your question now via email. (All questions are anonymous.)

This was last published in January 2018

Dig Deeper on Mobile application security best practices

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How do you think that the BootStomp tool will benefit companies and devices in the future?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close