How can Android's Copy Protection check if the device is rooted?

Question

On http://developer.android.com/guide/publishing/licensing.html, under section "Replacement for Copy Protection" it says:

A limitation of the legacy Copy Protection mechanism on Android Market is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, a copy-protected application cannot be downloaded from Market to a device that provides root access, and the application cannot be installed to a device's SD card.

How can Android's - meanwhile deprecated - Copy Protection check whether the device is rooted? Afaik it's not possible, also according to Dianne Hackborn (see How can you detect if the device is rooted in the app?). So that can only mean, the check is done by some (unknown the the public) obfuscated criteria check, obviously not just a simple check whether the 'su' command exists, I suppose. Does anybody know more about that check logic - or how secure that is?

Why do you think whether the device is rooted or not has an effect on whether people will pirate it? LVL has no real need to check for rooted. The limitation of the old style copy protection was basically just a limitation for the search mechanism in the market — Mike dg, Oct 11 '11 at 14:33
Because only on a rooted device you can get access to the app's private storage (/data/... folder). Which is where at some point the content needs to be temporary placed in an decrypted format. So we would want the app to only run on non-rooted / jailbroken devices, regardless if the user just rooted the device with no intention of piracy in mind. We would clearly state in the sales information that the app doesn't run on rooted devices. — Mathias Conradt, Oct 11 '11 at 14:54
Yes, LVL works differently and relies on obfuscation. I was just wondering, how the deprecated Copy Protection did the root check. — Mathias Conradt, Oct 11 '11 at 15:02
Well, actually there is a way to access this storage on non rooted devices too! I would not invest too many time in "detecting" root access since hacker can change your checks in the APK source files. The moment your content is downloaded to a device a malicious user can get it. — cwin, Oct 11 '11 at 15:17
@ChriZzZ How can you access the private storage on non-rooted devices? Changing the sources: yes, that's why strong obfuscation is required (ProGuard etc.), and it's definitely the key part. I'm looking into LVL at the moment. The content isn't downloaded, it will be within the app and encrypted. And decrypted when needed on-the-fly. — Mathias Conradt, Oct 11 '11 at 15:23
The android debug bridge (adb) has a uninstall command that allows you to keep the private storage for an eventual new installation. Now, if a modified app is reinstalled it may for example copy the private stuff to the SD card. NO root needed for this procedure just programming skills. — cwin, Oct 11 '11 at 16:01
But wouldn't the modified app have a different sign key at least. I would be thinking it wouldn't be able to use the same private storage then, even if it had the same package name. But I might be wrong. Never tested that. — Mathias Conradt, Oct 11 '11 at 16:05
I have not tested it with different signatures just with identical. But I expect that it makes no difference. — cwin, Oct 11 '11 at 17:33
more details solution can be found at http://stackoverflow.com/questions/1101380/determine-if-running-on-a-rooted-device even this is not full proof to detect rooted phone. If SU location is at not at standard location this will fail. — mask, Jul 30 '13 at 18:31

score 2 · Answer 1 · answered Jan 16 '12 at 20:42

This is what I use:

public static boolean isDeviceRooted () {
    boolean ret = false;
    String path = null;
    Map<String,String> env = System.getenv();

    if (env != null && (path = env.get("PATH")) != null) {
        setDevicePath(path);
        String [] dirs = path.split(":");
        for (String dir : dirs){
            String suPath = dir + "/" + "su";
            File suFile = new File(suPath);
            if (suFile != null && suFile.exists()) {
                setSuLocation(suPath);
                ret = true;
            }
        }
    }
    return ret;
}

Theoretically, it's not going to work in all cases, because a user can put 'su' to a non-standard location, which is not in a PATH, but practically if he does that, other applications that need to know where 'su' is won't find it either, so the purpose of rooting will be defeated.

score 0 · Answer 2 · answered Oct 11 '11 at 13:59

0

While the presence of the Superuser app isn't a perfect way to tell if the phone is rooted its a pretty indicator that it might be. Why not just check to see if the package com.noshufou.android.su is installed?

I've never tried it but I don't see why it wouldn't work.

answered Oct 11 '11 at 13:59

slayton

20,123
10
60
89

It's not secure enough. Super users with root access, who are really wanting to copy the app/content, could just rename the commands on a custom firmware or work around such a simple check. I need to protect my the app and it's media content, and this app is sold for quite a large amount (1000,- USD), where the effort to get around it will probably be taken into consideration as opposed to apps for just a few bucks, especially with it's target market in China. Therefore I am right now looking into ways to secure the app, and looking into LVL, as well as the deprecated Copy Protection. – Mathias Conradt Oct 11 '11 at 14:19
I believe it's too easy to rename su command or su app packages (i.e. especially on a custom firmware). – Mathias Conradt Oct 11 '11 at 14:20
The deprecated copy protection is incredibly weak, using it really has almost no benefit. – slayton Oct 11 '11 at 14:26
Are you trying to prevent the installation of your app on rooted devices? – slayton Oct 11 '11 at 14:26
Copy Protection: I know, I don't want to use it, just want to understand how they could've checked whether a device is rooted. I read the threads about it here on SO and the mailing list, and from what I understood, it's not really possible. I guess that's why it was so weak. My main concern is not the installation itself, but the user being able to access the app private storage. Actually this other question of mine is closely related, a bit more background: http://stackoverflow.com/questions/7625205/how-to-protect-media-content-video-audio-on-android-from-being-saved-redistrib – Mathias Conradt Oct 11 '11 at 14:32
I suggest selling devices with your application. Bump the price up from $1000 to $1500 and include a Nexus S. – Mike dg Oct 11 '11 at 14:35
The question you need to ask yourself is how far do you want to go to secure your content. You could easily spend 100x more time securing the content than you spent making the content. Or you can spend substantially less time. In the end you're going to have to make sacrifices and no system will be fool proof. Instead of fighting the inevitable truth of piracy consider coming with a clever alternative that dissuades piracy through another means than DRM or trying to encrypt/secure your content. – slayton Oct 11 '11 at 14:39
What do you mean exactly with the app private storage? – Mister Smith Oct 11 '11 at 14:50
@Mikedg Yes, it's an idea and already considered for our iOS version bundled with iPod touch. However, distributing the app through AppStore or Android Market is much easier marketing-wise and regarding distribution channels. For another project (not this one I mentioned, it was a rented app) we've bundled the app with an SGS and custom firmware before, but marketing appeared quite harder. On iOS the app is already secure, but for Android it appears to be a bit harder. – Mathias Conradt Oct 11 '11 at 14:51
@MisterSmith I mean the app data storage that's private to the application /data/com.myapp.android/... – Mathias Conradt Oct 11 '11 at 14:58
I'm not sure about the data, but take into account that the code is decompilable. So if you write to a local DB, do it with encryption. Provide the user with a license key by telephone or other secure mean, then use that key to validate server calls and encrypt data. – Mister Smith Oct 11 '11 at 15:13

score 0 · Answer 3 · answered Jan 07 '12 at 21:43

0

We would clearly state in the sales information that the app doesn't run on rooted devices.

This will definitely affect your install rate. Although you are planning to sell your app for $1000, that is going to have a much worse effect than anything else you could to it.

answered Jan 07 '12 at 21:43

pilkch

777
7
17

Of course I know that, but what's the alternative? Once the app/crack is out on piratebay or other torrents, you don't get 'any' sales at all anymore; not much better I would say. Especially because the app is only targeting Mainland China market, and if you've lived and worked there for a while, you will experience how it works (not saying it's much better elsewhere, but especially this target area is doomed for such). – Mathias Conradt Jan 08 '12 at 00:46
btw: the app is already protected for iOS, and does explicitly not run on jailbroken phones, and sales are still fine, not a big issue. So we just want to replicate same scenario on Android. – Mathias Conradt Jan 08 '12 at 00:48
Ok, for China/Russia/India markets serious copy protection is entirely understandable. For less destitute countries non-market installations are very very low. – pilkch Jan 09 '12 at 09:32

How can Android's Copy Protection check if the device is rooted?

3 Answers3