Chainfire is back at it again with his development chops. The man is creating a new app that serves one simple purpose: to allow apps that perform root detection to run on rooted devices. Suhide, as it’s called, hides the su binary in the Android system so apps can’t detect whether the device is rooted.
Chainfire’s biggest point of pride is that his app and method bypass Google’s “SafetyNet” (the platform that developers can hook into to check for root). Currently, the app is at a more experimental stage than his usual releases, but he has plans to keep exploring the idea.
The reason he isn’t all in on it just yet is that he feels these efforts might ultimately be wasted, as the fight to keep root on our devices is a losing one. It’s not that root itself is getting harder to achieve — it’s actually pretty easy these days — but the ability (or lack thereof) to use certain apps while a phone is rooted is only going to get harder from here on out as Google works to keep SafetyNet ahead of the curve.
He uses Samsung as a perfect example of companies going to extreme lengths to ensure security remains tight:
“Ultimately, information will be provided and verified by bootloaders/TrustZone/SecureBoot/TIMA/TEE/TPM etc. (Samsung is already doing this with their KNOX/TIMA solutions). Parts of the device we cannot easily reach or patch, and thus there will come a time when these detection bypasses may no longer be viable. This will happen regardless of our efforts, as you can be sure malware authors are working on this as well. What we power-users do may well influence the time-frame, however. If a bypass attains critical mass, it will be patched quickly.”
He also mentioned that these companies are not necessarily wrong in their efforts. Security is becoming increasingly important, and considering mobile devices — where we do banking, shopping, and have sensitive conversations — are as commonplace as televisions in a home these days, it’s imperative that no one can be compromised.
Companies are making phones on the premise of ultimate security these days.
Whether you’re in agreement or not, it’s what the industry is dictating. Hopefully, folks like Chainfire will keep finding ways to bypass these root checks for those who want to take that risk, but his word of warning likely wouldn’t exist if there were truly nothing to worry about. As for suhide as it is today, you can find instructions and download links over at XDA.