As someone who recently got a HTC Hero, I had to jump through several hoops to get root access on the phone to install custom firmware. Now, Android is open-source and fairly easy to build and hack on an emulator. It seems to be against the spirit of open-source to lock down a phone so you can't hack the phone itself.

Now, often, there are understandable (though not always justifiable) reasons for locking a device down. For example, it might have proprietary software on it or you might want to retain control of the platform. However, Android by its open-source nature makes such concerns moot. Everyone and their dog has access to the userland code, and HTC is forced by the GPL to release kernel sources for each of their devices.

So, I fail to see any motivation for alienating the hackers, when there is no possible benefit (in my mind) to be had from doing this. Any idea why a company would want to do this? Is it just short-sightedness or am I missing possible commercial implications of this?

EDIT: Here's an example of just how hard HTC is willing to work to make their devices unrootable.

Back in the early days of Android, rooting was easy. You had several options - you could flash stuff via the bootloader, you could flash an engineering bootloader, you could use kernel exploits - there were many ways of getting the low level access to your device that - in fairness - I think we as paying customers are entitled to. As time has progressed however, the manufacturers have made things harder and harder. The Desire is not a straightforward phone to root, for many reasons, including...

a 'perfected bootloader' that doesn't allow flashing or booting of any images (even HTC signed ones)

a RUU flash process that does not allow downgrading of the bootloader to earlier versions

a kernel (that as yet does not have publicly available source) that as yet has no known exploits

a new protection method previously seen on the HTC Tattoo that protects key partitions from having write access. Even with SU access, it is not possible to write to the boot, recovery or system partitions.

From here.

A: 

For simplicity. Most of the time, no code for rooting needs to be implemented as most users (read: unsophisticated 'normal' users) won't need to do such things. I dunno if this works (I don't have an android phone) but does SSH work?

Delan Azabani
There is no requirement that HTC implement _anything_ to enable root access. Vanilla Android comes with this by default. Using the Android SDK: `adb shell <CR>` `su <CR>` will give you root. Most manufacturers seem to go to extreme lengths to keep this from working. Also, SSH doesn't work by default, but if you have a rooted phone, it is possible to install sshd.
Chinmay Kanchi
+3  A: 

It makes customer support simpler and cheaper - if you can root the device you can break it.

therefromhere
Fair enough. But you could just void the warranty for hacked devices. Most hackers aren't going to be bothered by that. Besides, you could just say in advance that if we can't figure out what you've done to your device, we _will_ reflash it with stock firmware and you _will_ lose all data.
Chinmay Kanchi
It is possible to permanently brick a rooted phone, and I personally have more than one friend who has used their warranty on a bricked phone because the support was unable to figure out why the phone was dead.
sandis
+2  A: 

Preventing root access to your phone is in the interest of the carriers. By preventing you from becoming root, they think this would improve security and protect them from abusive behaviour.

This question was asked during the last Android conference.

echox
I realise carriers tend to be paranoid about these things, but I have yet to see a rooted Android device used for something that would bother them. The main reasons I rooted were for a) the ability to do a _full_ backup of the phone (via nandroid) and b) wireless tethering, which is going to be enabled by default in Android 2.2 anyway. Neither of these things should bother carriers at all, especially since Android has had USB tethering for ages...
Chinmay Kanchi
+1  A: 

I would imagine one of the reasons that a company might make its phones hard to root is to keep its customers happy. And by its customers I mean the networks who buy the phones to then sell on to consumers, not the consumers themselves.

For example, custom ROMs often add tethering which is something that many networks don't want their users to do (unless they've paid extra).

Dave Webb
Stock Android has had tethering for ages. The default 1.6 firmware on my Hero allowed it, as does the default 2.1 ROM on my friend's Desire. And wireless tethering is coming in Android 2.2 (it's already here on the Nexus One).
Chinmay Kanchi
The stock ROMs may have tethering but the carrier specific ROMs may not which is precisely why carriers want it to be difficult to replace one ROM with another on your phone.
Dave Webb
Chinmay Kanchi
+2  A: 

Some carriers like to put some additional restrictions on their phones, such as preventing tethering, allowing only their own GPS-enabled software on it or other "interesting" restrictions that are meant to enhance their business income.

Those carriers have an interest that there's no way to circumvent those restrictions or they would lose a lot of their income (at least they think so).

HTC has an interest to sell to those carriers as well and a big selling point is "you can put all the restrictions you want on them, they can't be circumvented" (basically because that's what almost all other handset producers promise).

Joachim Sauer
+1  A: 

Because they provide warranties and support for the phones, they want to make them difficult to misconfigure.

mpez0
They are under no obligation to provide support for hacked phones. They can just tell the person to take a hike, provided that they mention that in their warranty...
Chinmay Kanchi
@Chinmay But they'll still have customer support staff spending time talking to people who have bricked their phones.
therefromhere
+1  A: 

A base reason is that phones are different from computers in that they communicate over regulated spectrum. This means that the modem part of a smartphone must be able to follow the network specifications in order not to cause interference with other devices on the network. To guarantee this there is a type approval process with entities like the FCC. A phone that has not passed type approval is not allowed on the network. A lot of the radio characteristics of the phone are defined in software and to guarantee the functionality of the phone the manufacturers must have ways to show that the software running on the phone is the same as the software it was tested with during type approval.

That said, a smartphone has separate CPUs for modem software and application software. This means that it would be possible to allow greater freedom on the application side but it is not easy to do. To complicate matters it is often the application side that is responsible for loading and verifying the modem software. If you replace one it may be hard to guarantee the other.

Warranties and the fact that carriers want control are also reasons for making it hard to replace the application software. But an important part is that manufacturers do this to comply with radio regulations.

I hope that in the future there will be manufacturers that are able to separate the different software images on their phones in a way that gives hackers freedom to do what they want on the application side while making sure that the modem side behaves correctly on the network in all cases.

BMB
+1  A: 

Piracy. It is easy to grab a (paid) .apk on a rooted device and throw it online for anyone to use.

Eric
A: 

It is to protect proprietary code running on the device from piracy as well as preventing malicious code from running without gaining permission from the user.

JamesRyan
+4  A: 

Preventing root access provides a number of advantages for the carrier and hardware manufacturer.

The most often-touted benefit is security. Without root access, a malicious app (or a user who over-estimates their technical abilities) can cause your personal information to be accessible to third parties, reconfigure the hardware/OS such that the device is inoperable, or perform actions that cost the user money without the user's knowledge (for example, an app that secretly dials overseas toll numbers and racks up huge charges). Locking the user and their apps into a limited-rights user account makes these types of problems much less likely to happen. This is the same reason why your user account on a desktop PC is most likely not the system administrator account. By helping prevent this source of problems, the carrier and hardware manufacturer eliminate a wide array of customer support calls and (more importantly) improve the public's perception of the quality of the device and service (since a "virus disables thousands of Motorola Droid phones" headline makes Motorola look bad, even if the virus is to blame). Depending on locale, this might also open up the carrier or manufacturer to legal liability in some cases, such as the identity theft of a user by malicious third-party code that was running as root (and doing things that the device was not even attempting to prohibit).

Another reason is contractual. Many phones, when they are first released, are only available to certain carriers for a period of time. Those carriers pay a hefty premium for their exclusive access windows. If a user could freely root the device, it would be easier to modify the phone for use on other networks, bypassing the exclusivity that the carrier paid so much to ensure. If the phone manufacturers didn't take reasonable steps to make it difficult to do this, then carriers would be much less likely to enter into an exclusivity agreement, which means the manufacturer would lose the extra money that such an agreement would bring.

Rooting a phone can also give the user information about and control over the hardware that the device manufacturer never designed them to have. When the user has limited permissions, device testing gets much simpler. Anything that requires root access can skip detailed user tests and safeguards because only the static system software will be able to access it. Also, some hardware makers use "tricks" to reduce manufacturing costs that could damage their profitability if widely known. For example, some companies that sell multiple versions of a particular product (such as a "light" and a "normal" version) actually use the same hardware in order to save manufacturing and inventory costs. The "light" version would use the firmware/software to under-clock the hardware and disable certain features, making the device appear to be a different hardware model. If the customers discovered this and had root access, they could buy the less expensive "light" model, patch the software to remove the hardware-limiting features, and end up with the more expensive model of phone for the price of the cheaper model. I remember having a CD-RW drive that did this; once someone discovered that the slower, "budget" version of the drive could be converted into the faster model by software, it was only a matter of time before a hacked driver was released that "upgraded" your drive and saved a lot of people about $40 by not having to buy the more expensive model.

Sometimes, firmware/software can contain inactive, incomplete code that wasn't finished in time to make it into that release. Some of this code may refer to features that have not been announced or technologies that have not been fully patented or have not passed the appropriate regulatory tests. If a user has root access and can activate this code, then the phone manufacturer runs the risk of being held liable for disclosure of trade secrets, selling devices that do not meet regulatory guidelines, etc.

Some carriers and device manufacturers get paid to periodically "push" content onto your phone. For example, several people I know all had a "Watch NFL Games Live" application suddenly appear on their Blackberry devices one day. Whoever created that app paid to have it force-loaded onto customers' devices, and these "content-pushing" fees are an important revenue stream for many companies. Giving the user the ability to disable the remote loading of content would shrink the number of users exposed to the media in question and thus reduce the fees they could collect from the content creator.

And of course, root access is blocked to ensure that proprietary revenue streams remain intact. If you sell an app in the Android market, Google receives a commission of the sale price. If a phone was easily root-able, the Marketplace app could be replaced with a version that is run by another company that collects slightly lower commissions. Google uses the Marketplace income stream to fund Android development (among other things), and losing their "app store" traffic could change Google's mind about the idea of an open-source smartphone OS. Similar profit motives also exist from the carrier's point of view, as other answers here have mentioned (dis-allowing apps that replace services that the carrier charges extra for, etc).

All that being said, I still don't like the lengths to which manufacturers go to prevent users from having any real control over their devices. I understand why carriers and manufacturers want to lock down devices as much as possible, but if I find a bug or a badly-designed part of the software and fix it, what's wrong with letting me run the fixed version on my own phone (provided that I'm made fully aware that I won't receive any official support, and there's a fast, easy way for customer support to detect modified software)? For example, you may be familiar with a Windows utility called TweakUI. This app adds an extra control panel that gives the user control over a wide variety of system settings that they would otherwise be unable to change. If a power user wants a higher degree of configurability, they can download and use this utility. A normal user would not need such a tool and would not install it, safely preventing them from accidentally mis-configuring their system. Why not have an official "advanced tweaking console" app that can give similar advanced settings to power users? In many cases, this could give the user the extra capabilities that they would normally root their phone for while still retaining the benefits of running as a non-root user.

bta
Wow! Thanks for the comprehensive answer!
Chinmay Kanchi
"If you sell an app in the Android market, Google receives a commission of the sale price." Not Google, the carrier.
Romain Guy
Actually, either way, you don't need a rooted phone to install apps from outside the market. This is part of Android itself and only requires you to enable "Unknown sources" in Settings->Applications.
Chinmay Kanchi
@Chinmay Kanchi - True, but that's something that a user has to do intentionally. On a rooted phone, an app can be installed by malicious code in another app without the user's knowledge and would not require the user to expressly grant it permission to do potentially "dangerous" things.
bta