Why Rooted Android Smartphones are Actually More Secure!

I learned all this when i first started rooting on my old nexus 5. Rooting gets a bad reputation mainly because it gives complete control to consumers. Which is something corporations hate.

I'm running Resurrection Remix on my OnePlus 2 and my family thinks I'm stupid and I should stop goofing around with my phone I'd break or end up getting hacked but little do they know, I CONTROL EVERYTHING THAT HAPPENS ON MY PHONE UNLIKE THEM.

Thanks for clearing that up. I miss my rooted phones. Because of you and your channel, the first phone I've ever rooted was my T Mobile Samsung Galaxy Note 3!!

Careful Max, you may have just challenged a few hackers lol

I have to agree with you. You do make some of the best android tutorials on CZcams.

Because of you I started rooting my Androids since my Galaxy Note 1 (which BTW was my last Samsung)
GALAXY Nexus [Rooted]
Nexus 4 [Rooted]
Nexus 5 [Rooted]
Nexus 6 [Rooted]
Nexus 6P [Rooted]
Pixel 2XL [Rooted]
Thanks Max Lee for every single tutorial!
Stay high on Android! ✌️

Random Hacker: Challenge Accepted. 😂😂😂

Also you forgot that often custom kernels developers even for stock ROMs can easily include patches for security vulnerabilities before even it's being released by the OEM manufacturer this is especially useful for older phones that no longer receive OTA.

Small tip, there are custom ROMs for iOS, but Apple killed it. Those are called custom IPSW.

You've made a bit of an oversight though. In order to root (via Magisk), you need a custom recovery. If someone steals your phone, they can easily remove your lock-screen and any security methods you've put in place (e.g. FP, pattern, password, pin) via your custom recovery. They then have free access to all your data.
Even if you flash the original stock recovery to prevent this, since your bootloader is already unlocked, someone can steal your phone and just flash a custom recovery themselves via adb / odin or whatever.
Root makes your phone more secure in some areas, but less secure in others.

When the Galaxy S2 came out, I found your channel and learned how to root and flash custom rom.

Great video that really explains the concept of rooting. One thing you should have touched upon though is that the user needs discretion as to what is safe to install on their rooted phone. For the majority of people out there, rooting is probably less secure because they have no clue whether they are installing a sketchy app that requests root access, for example.

i'm still rocking rooted nexus 5 and i do play pokemon go on it.

Max another example is Cerberus. The app makes your phone way more secure than pure stock Android.
Remote control through the website
- Remote control via SMS (text messages) from another phone
- Automatic alerts
Remote control allows you to perform many operations on your lost or stolen device, like:
- Locate and track it
- Lock the device with a code
- Start a loud alarm, even if the device is set to silent mode
- Display a message that stays on the screen, and also make your device speak the message
- Take pictures, screenshots and even record videos, to identify the thief
- Get the location history, to see where the device has been in the past
- Wipe the internal memory and the SD card, to protect your personal data
- Record audio from the microphone
- Get a list of last calls sent and received
- Get information about cell phone network and WiFi network the device is connected to, and nearby WiFi networks
- Start a remote shell (SSH-like), to execute commands as if the device were connected to your computer with a USB cable

I went to my local cell-phone shop and I asked them to root my phone because rooting the LG V20 H915 was more than what I can handle. Even with a step by step guide. And the manager there strongly discouraged me from rooting because my phone could get hacked.
Thing is I've rooted many Samsung/HTC's phones using your guide and not once have I ever had a problem with them.

Its actually said, "Donde nos ponemos fufurufos con android"

Wow max,7yrs that has gone fast,still enjoying your vids, great video ,well informative

Trouble is, disabling boot verification means people such as bad police can install any app, maybe as system privileges. (through flashing storage or custom recovery)

Hey Max Lee, just wanted to give you a heads up that I was able to run Fortnite on my 2016 Xiaomi Redmi Note 3 Pro by using GL Tools, Build Prop, and Magisk Manager (used your previous tutorial) . Safetynet hasn't been working since this past week of August if not the beginning of August. However, I was able to run Fortnite without passing safety net. I know that's not very safe since Epic can probably detect that but it still works. Just wanted to say that it works whether safety net passes or not. Love your vids btw! Keep up the awesome work

I work in IT and used to be a programmer. It's pretty obvious to me that a Rooted and ROM'd Android device would be the most secure OS you could possibly have (more than Apple devices). Just about the only way you would get hacked is if you installed some malware as Root, then it's your own fault, not the OS

This makes so much sense talking about hackers , but what about the viruses and malware things , any idea on that , it really can help

Interesting video, but i feel like as long as people use their smartphones correctly, they shouldn't really worry about anything happening to it

Actually, I once bricked my OPO by installing a rom from XDA because multiple hackers managed to delete every solution to the problem before I got to the thread. The brick was so unbelievably strong that it corrupted my backup twice. I believe it happened before the launch of the OP3 , so it had to be a troll for sure. Who is gonna attack OPO users , the most friendly device ever hahaha. So yeah,it could happen with custom roms, but it's definitely less frequent than at least 5 years ago. I'll root any device from here to the future, it's so cool.

I agree with you. Only thing i got closer to getting hacked was I mistaklenly installed some adware.

I started flashing roms since my galaxy s1. Have never soft bricked or hard bricked a phone to date. I have used your tutorials over the years and its helped me a great deal. Currently running Teamexykings S9+ Port on my Note 8 with Notorious Kernel. Keep up the awesome work Max.

There's also a misconception between rooting and custom roms, hence your title is basically completely misleading.
Custom rom = Unlocked bootloader (nothing to do with root)
Root = Privileged Folder Access
You can have an unrooted custom rom or a normal rom with root.

Damn someone show this video to the banking people because they wont even let me use banking apps on my rooted phone.

I'm concerned with the bootloader locking and unlocking issue. (Correct me if I'm wrong)
I had few Android one and Motorola phones from 2014-15 so I've installed the resurrection remix and they are so good. But the funny part is it's so easy to get in the data if anyone found out that it's unlocked. Go to the twrp and access the whole data. Suppose I lost the phone and a person who knows how to deal with that can easily access that without my pattern lock. This is not hacking but the data will be vulnerable right.
Let's say if the data is encrypted! Erase the whole phone except internal storage and I'm inside with installing a new rom. (I've done that when the device bootlopped due to a Xposed module and the data was encrypted)

Please do some stuffs with Xiaomi, Motorola & Huawei Phones too. 🙂🙂

Great vid, Max Lee! I discovered your channel 2-4 years ago discovering rooting the S3 thus installing custom roms such as Cyanogenmod 13. I now have a rooted S6 running XtrestoLite and been solid with extended battery life and no security issues for over 2 years. Keep up the good Android content~

I agree that open source software is much more secure, however custom roms usually require unlocked bootloader and custom recovery. So if somebody has access to the phone they can simply bypass password protection and steal your data and get access to your accounts. Or just once you give root permissions to some shady app and same thing could happen. My conclusion is that rooted phones are secure in hands of people who know what thay are doing.

What accent is that Max?! It's not very British! Lol, kind regards as ALWAYS, Richard U.K

Please more of this kind random knowledge #HighOnAndroid 💪💪

When people say that rooted android phones are less secure, it's true... not in the sense of hackers targeting you or some large group of people, but as in, 2 identical phones, with the exactly same ROM but one is rooted while the other one isn't, the rooted one is less secure because it can run code which can affect your phone in such a way that it compromises information that the "hackers" want or purely destroy your phone
YES, having an open source ROM which everybody can verify is safer then one closed source, but that's just 1 piece out of a pie

Max, you've been the go-to guy for me these past 4 or 5 years whenever I've wanted to know how to root whatever phone I happened to own at the time. The knowledge you've shared has always been very straightforward and easy to follow. Thank you! However... I really feel you should have done the Gangnam Style dance as your opening for this video. That t-shirt is a hoot! :D

However, some root methods come from suspicious sources which are infected with malware and then that malware is installed into the phone allowing the infection and possibly a hack.

Some good points made here but :
-If the vulnerability is in aosp or the kernel, you're fucked anyway, and updates fix long standing vulnerabilities that have had more time to be exploited than any one that's introduced in the OTA.
- Not having root access to the device means that malicious apps won't do as much damage as easily since they'd have to first escalate to root themselves to escape the sandbox.
But turns out, people complaining about the safety of Android usually are the ones using outdated versions of MS Windows on a daily basis, making any argument instantly moot...

Dude you are Golden, been watching since 2012. Always enjoy your videos🔥🔥🔥🔥🔥

Rooting is secured, however having a selinux permissive and disabled data encryption on phone is prone to malwares and data thefts.

Just learning all of this and have been watching tons of videos and oh my goodness
Thank You for just the way you explain everything!!!!

Some of this is a bit inaccurate. If an oem version of Android (let's say "N") has a vulnerability, installing another cfw version of Android "N" wouldn't magically patch that vulnerability. Security flaws or fixes are tied to the version of Android you are using, not necessarily whether it's oem or custom.

"which means if there's a security flaw, someone will find it because it's open source, and it'll be exposed immediately, and patches will be updated immediately"
This is false though. Sure it'll likely be faster than OEM (especially compared to companies like Samsung) but generally slower than google or apple address security vulnerabilities. You're relying on hobbyist to update the kernels in a timely manner, which may work, but are likely slower than any company that cares about updating their proprietary software (Apple and Google)

I have been worried about the e-waste that we're generating for awhile now. Rooting allows us to continue to use our devices long past the manufacturers EOL. The only time that I have had a problem was with a jailbroken iPhone 3GS. Even then, I think that it was an app from the Cydia store.

One of the things I usually do when checking out a phone is whether there is (or will be) Lineage OS available for it. I like having an alternative to the OEM Android variant if it sucks (which it usually does).

Good point, why didn't I think of that?🤔 Actually I too have been rooting every single android device we have at home whether a phone or a tablet since the 1st smart phone I owned which was the original galaxy note 2011. Thanks man👍. You know, you were the my 1st guide into the rooting world and I've been following you since then☺️.

Sooo true, this info need to spread out cuz lot of articles on the internet are discouraging people to root their phone cuz of security breaches. Well the only security concern on rooted phone is safetynet like google pay and same secure apps like snapchat, pokemon go that won't run if they know the phone rom has been tampered/rooted

Your channel and web page have always been my only source for rooting since the HTC evo

I'm on Mi A1 (Tissot) using HavocOS, in my own perspective, root simply means to own my whole phone, both software and hardware, I'm so comfort in HavocOS, even this phone is Android One with it's pure android. Thanks for all moders...

Give me one of the smartphones
. Never got a smartphone. Couldn't afford. I love your videos though and wish to actually try the stuffs you be talking about. One day. Keep up the good work.

My Samsung device will probably never get an android Pie update. Now I'm using HavocOS as my daily driver and it's actually on android Pie. Which is also why I feel like my next android device is going to be Huawei is because they get better support and more recent custom roms.

I definitely agree, the ability to completely control every bit of software running on your device can always ensure a high degree of security. It should be worth noting though that if you do obtain root and you don't know what you are doing, you could VERY easily compromise the security of your device.
How do you personally secure your device when you run twrp and a custom Rom? I have a password on both twrp and "Before Android Starts" as well as when it boots, if I'm not mistaken. I have a "Verizon Galaxy S7" which is a great phone but it's a Verizon and it no play nice. I keep going back to my Nexus 6p running Project illusion ROM, 8.1 with substratum system-wide dark theme, Magisk, zANTI (to test my own network security only!), Camera NX (Pixel 2 app I think), and some Android P UI tweaks and some other stuff. It's got "Smart Pixels" to turn off like 75% of the pixels which makes a huge difference with battery life....and it's nice in low light situations. Project illusion ROM is by far my favorite right now, although I do like RR, but like what this ROM offers a lot.
I thought RR got discontinued??? Maybe that was just for my device? Idk. Either way, I'd love to hear how you personally secure your rooted devices.
I will never not root, every Android I own that can be rooted....is rooted, even if I don't "need" root for any app in particular....i just gotta do it 😆

Are there any side effects to your phone? Like storage, battery, and slow downs

I rooted my first phone ie nexus 4 with the help of Ur tutorial. Ever since I'm obsessed with rooting.. Thanks to you I'm learning a lot of things on android.. Cheers bro 😊👍

*him talking in different language* Me: "awh shit, here we go again"

I think many people love your Spanish 😂 greetings from Mexico I peak Spanish, this is the best channel of Android and root environment 😀

In your explanation you primarily referred to rooted phones with a custom ROM. But obviously you can always stay with stock and still us a rooted phone. Maybe you can elaborate on that in terms of security?
If (IF) I'm going to buy the Note 9 around Christmas time I hope good rooting methods will be available as well as functionality for the Xposed framework, which otherwise would be a deal breaker. I won't change to a custom ROM for quite some time though.

I have been rooting androids since xperia x8 and its one of the best thing to do on android device

Nice video.
I am experimenting with my old android devices and have a lot of fun :D.
Cause of you I started rooting my Devices and when I broke one I always found a way out.
Ty.
Love you're vids.
Edit: My first rooted device was a LG Optimus 2 :D.

Oh the days when i rooted my Galaxy Nexus.. good days

I have been rooting my phones since the Samsung galaxy S launched. The reason was the Samsung bloatwares. After the S4, I was fed up with Samsung bloats and never bought another samsung again. I do agree with your point, but the issue is many apps ( most of the banking ones and few others) are detecting root. Sure you have magisk and safety net for it to pass, but it's becoming more and more tiresome to keep up with the updates, sometimes I just have to quickly do my banking stuffs but I can't cause I didn't update the module and google broke the patch.

Brilliant video. I've recently come back to rooting my device. For a while I felt by having Google devices I wouldn't need to root, but I love tinkering with these devices. I missed the Xposed framework.

Idk why buying a device that will, at most, receive 5 years of updates is the norm with phones and somewhat for Windows.
Linux/AOSP support is damn near forever, and better for almost everything besides maybe ease of use, and the difference in ease of use is at it's smallest (arguably negative) it's been now, and the possibilities are endless and FREE!

Hey lee Sir, i dont know why i didn't subscribe. you but you will never knew that i rooted my first fone in back 2012 with your video and i following you last many years, im your biggest fan bro, i wish one day to meet you and say you Thanks You Sir, you are my teacher last many years i have a lot of respect for you Sir.

I’ve been rooting android phones since the Samsung galaxy s2! Also followed your videos and guides since. Good times.

Dude...I still remember when you helped to root my Note 3 International version whenever I got it a few days after it launched :D

the problem though isn't with updates though, it's with apps that "require" rooting that have malware on them, though that's only a problem if you get them without looking them up and checking what's inside

years ago we never had virus -hackers etc etc its crazy ..

great video. I rooted my OnePlus 6, it was the first phone I rooted so I bricked it a few times, but your vids helped me get back on track. however the problem is that safety net check would not pass and then Google pay doesn't work. and sometimes when when safety net check passes, Google pay still doesn't work. I've unrooted many times to try to see which app causes, but no use. that's the only reason my OnePlus 6 is unrooted now,or else I would root it and put stuff I like on there. not much of a custom rom person as I like oxygen os a ton but I want iOS emojis and I want stereo speakers lol

Hey there, I watched so many of your videos and Iv'e learned more from you than from anyone before. I have a Samsung galaxy S8 Exynos and I really want to root it. It has all the requirements you mentioned in your video on rooting this particular phone. I got as far as downloading the 6 files I need to root it, but for some reason I am so scared lol!! The thing is, I don't know enough about phones to root it by myself. Im afraid I make the wrong choice in terms of custom roms etc. I do however watch that video of yours often so when the moment arrive, I will do a proper job of it. Your videos are phenomenal, gives a person alot of creative ideas and damn addictive lol!!! ( in a good way) Greetings

I think the only way such a statement would be true is if they meant the end user was significantly more likely to destroy their own phone. :P
Back in the early days of rooting, I sure had a few sweaty nights trying to fix something stupid I had done. :|
Good chat, Max!

I have no clue about rooted phones or custom ROMs. Do you have a step-by-step walkthrough on how to do it on Note 8?

It's a smart explanation to all android user. Thank you very much. May I ask if you have rooted Samsung galaxy A6 2018 edition? It's my daily drive. And I want to secure my android phone. If there is a chance you can help me I'm very thankful for your help. I'm a high on android fan of yours.

Your are one of the best CZcamsrs the only guy who made me root back in 2013

Great vid man. Very informative. I'm going to try rooting my note 8 using your guide... I bricked my s7 using an (apparently) inferior method... Can't wait to get a custom ROM on my note...

Only problem is when a rooted phone with unlocked bootloader is stolen and if that thief knows about TWRP recovery and root.. He can easily access all my data stored in my phone.. Is there any way I can lock TWRP with paasword or anything??

Nice job. Good points. Always enjoy your work - been with you since my Note 2 days.

Max still breaking it down... Been down with you brother since day one max!!!. Are you and Kevin still golfing in Chicago? Stay cool 😎

My wife thinks im dumb for having a box full of old phones, freedom at its finest

My very first phone that i rooted back in 2012 was a samsung galaxy 5, ran a CyanogenMod.

Not that true about custom roms, often they would make a stable "good" rom and put on xda, then subsequent updates are on their website, thats bad, really bad. Custom roms are Wild Wild West let alome the bugs from crappy side programmers just like factory programmers, some cant even make camera or Bluetooth worksin those shit roms.

Man.... u must be from the future....so blown away. You are really knowledge about this stuff!,

BUT, what about the flip side, mal-ware can more easily be downloaded AND installed by mistake by an unskilled user. Right?

Thank you bro, now i can justify rooting a smartphone,there was a time when i was left out with out words against my friends who keeps on saying that rooted phones are a security issue

This is me watching ur video for the first time.. and I immediately subscribed after completion of the video.. u make pretty good videos and keep 'em up..

Hi new subscriber here. I want to clear if it is true that you lost your phone warranty once you rooted your device? And why some technicians hate to fix your phone when it is rooted?

Android devices using custom ROMs and/or root certainly are not any less secure than those receiving security patches every month or so.
My S4 Mini and S5 Plus also run LineageOS and I love the idea of having something like that ever since I have got my first smartphone back in the Ginger Bread days, a poorly performing Huawei Ideos X3 (when they were still new to the market) that barely could anything but indeed ran better with CyanogenMod 7 than it did with Huawei's own ROM.
However, I stepped back from using root as some programs and games just won't show up in the PlayStore for me anymore and unlike all the positive feedback, things like Magisk actually turn my devices into battery suckers without the benefit of hiding the custom ROM or root aspect.
I also question if I'd go through all that if I'd buy another phone now, given that companies like Motorola and Nokia are pretty close to if not if even using stock ROMs on their products with official support.
That's certainly a step in the right direction, too bad though that many do not see things that way.

Nic topic..no one has covered
Max we are waiting for your OnePlus 6 G cam reveiew..u have promised they you will do the review soon .

I do agree that rooting does not make a device essentially insecure, but I don't trust custom ROMs and I would never recommend them. Usually there are many devs and helpers involved in the project and God knows what they can include in the code. It can be a tracker to make some money or even a keylogger. If LG or Samsung does that to you, you can sue them, but how can you sue an Indian guy you met on XDA?
That's why I tend to stick with big brand with reputable names even for apps.

I don't root my NOTE8 because Samsung pass and secure folder will not work.

Hi, a great video, do you use banking related apps on rooted phone?, i am planing to use a rooted phone as my daily driver that's why asking, also best practices to do related to security (install anti virus etc?).

Excellent example of the Dunning-Kruger effect. I hope people won't take this guy too serious.

What's your favourite smartphone company?
Edit: is rooting your smartphone safe for mobile banking? I'm still watching the video as I type this, so sorry if you already discussed this.

Finally someone talks sense ...by the way ...any update on the s9 custom rom that u previously installed .. did they make the camera work like with the stock features (except the aniemoji😋)

I'm still using my galaxy s3 from 2012 running android 9 via resurrection remix, it's fine as long as you don't do heavy task 😄 rooting is totally awesome but for those who don't know about this stuff i suggest to do proper research on your own specific phone before rooting and exploring custom roms.

With Root you can also reinforce some corners.

😍😍
That's why I buyed a old but powerful phone (Lenovo z2 plus)for same price of a new but week phone(redmi note 5) I choosed custom rom over stock rom and I hate skins😅

Very informative, useful and with a great sense of humor video - like always 👍 Stay awesome, bro!

nice video, can u post more elaborated video about why shared open sources are safer?

Rooting your phone for full user control also means you are taking away all safety checks which are there to ensure user, or someone spoofing to be the user, doesn't get to access critical system functionality. Also, you cherry-picked possible exploits that could occur, only focusing on OEM-based hacking. For example, a malicious file downloaded externally which would have to work to bypass system protections would have its work made a lot easier if it just had to seek permission of gaining root access. Basically you are tearing down multiple layers of thick concrete walls, and changing the flimsy gate to another flimsy gate with a different design. Much easier to tear down the flimsy gate without blasting through the walls.

That’s a good video , I do agree with your points , but could you tell me why does some payments app then don’t support it ? Like google pay in India (although it’s working with Magisks hide ). I was a custom rom user with 3t but had a bad experience :P with the phone suddenly crashing and stuff I did run some of the stable roms available and also my battery time was shot my max usage was like 1.5_2 hours straight , so when I recently bought the poco phone I decided not to unlock . Not bashing your video would rather love to know why the payment app disagrees with unlocked boot loader and also I have read many a articles that rooted phone can be vulnerable to malware or similar things because they have root access to your device .p.s I did everything properly on my 3t while unlocking and flashing , nobody could help me over at Xda and no matter how many clean flashes I did my phone ad problems and also I would love to know more about how unlocking you device is safe than not being locked. Cheers mate 😄✌️