If you’ve been waiting for root access on your AT&T or Verizon Android phone — today’s your lucky day. Cracker legend Geohot built and released a tool called Towelroot on Sunday night that will let you root your Android phone, as long as it has a kernel date prior to June 3. Root access, in this context, means the user can access and modify any file or folder in the system.
If you’d like to root your device, first download the app from Towelroot, sideload the .apk onto your device, and press the button (labeled “make it ra1n”). It’s an extraordinarily simple root method, and the process should take less than five minutes.
Towelroot has been tested with both AT&T and Verizon variants of the Samsung Galaxy S5, as well as the Galaxy S4 Active and the Nexus 5. Unfortunately, devices from Motorola and HTC won’t work with Towelroot, because their /system folders are write-protected.
Towelroot is the first Galaxy S5 root method, and it can even bypass Samsung’s touted enterprise-grade security suite, Knox, although Knox does show an error message during the process. According to Geohot, he used a Linux vulnerability at the kernel level, which is why the exploit is so close to universal. The exploit was discovered by an anonymous code reviewer known as Pinkie Pie, and although the latest versions of the Linux kernel have been patched, there are lots of Android devices — including, potentially, devices such as the Kindle Fire and Fire TV — that are still vulnerable to this type of privilege escalation.
In the case of Towelroot, it is used for consumers to gain better control of their devices, but it’s not hard to imagine a malicious actor using this exploit as well.
Towelroot was developed by the most famous device jailbreaker in the world, Geohot, also known as George Hotz. He was the first person to carrier unlock the iPhone, back in 2007, and later developed l1merain, which was the gold standard for iPhone jailbreaking for some time. He was also able to install custom firmware on the PS3, which Sony notoriously took him to court over.
Geohot was the subject of a long profile in the New Yorker in 2012. Since then, he had been fairly quiet, aside from semi-serious forays into rap, but it’s good to see him making waves in the rooting scene again. For his efforts, he is claiming over $18,000 in bounties promised for the first successful Galaxy S5 root.