Blog Post

This new root method should work on almost any current Android phone

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

If you’ve been waiting for root access on your AT&T(s t) or Verizon(s vz) Android(s goog) phone — today’s your lucky day. Cracker legend Geohot built and released a tool called Towelroot on Sunday night that will let you root your Android phone, as long as it has a kernel date prior to June 3. Root access, in this context, means the user can access and modify any file or folder in the system.

If you’d like to root your device, first download the app from Towelroot, sideload the .apk onto your device, and press the button (labeled “make it ra1n”). It’s an extraordinarily simple root method, and the process should take less than five minutes.

Towelroot has been tested with both AT&T and Verizon variants of the Samsung Galaxy S5, as well as the Galaxy S4 Active and the Nexus 5. Unfortunately, devices from Motorola and HTC won’t work with Towelroot, because their /system folders are write-protected.

Towelroot is the first Galaxy S5 root method, and it can even bypass Samsung’s touted enterprise-grade security suite, Knox, although Knox does show an error message during the process. According to Geohot, he used a Linux vulnerability at the kernel level, which is why the exploit is so close to universal. The exploit was discovered by an anonymous code reviewer known as Pinkie Pie, and although the latest versions of the Linux kernel have been patched, there are lots of Android devices — including, potentially, devices such as the Kindle Fire(s amzn) and Fire TV — that are still vulnerable to this type of privilege escalation.

In the case of Towelroot, it is used for consumers to gain better control of their devices, but it’s not hard to imagine a malicious actor using this exploit as well.

Towelroot was developed by the most famous device jailbreaker in the world, Geohot, also known as George Hotz. He was the first person to carrier unlock the iPhone(s aapl), back in 2007, and later developed l1merain, which was the gold standard for iPhone jailbreaking for some time. He was also able to install custom firmware on the PS3, which Sony(s sne) notoriously took him to court over.

Geohot was the subject of a long profile in the New Yorker in 2012.  Since then, he had been fairly quiet, aside from semi-serious forays into rap, but it’s good to see him making waves in the rooting scene again. For his efforts, he is claiming over $18,000 in bounties promised for the first successful Galaxy S5 root.



4 Responses to “This new root method should work on almost any current Android phone”

  1. Michael Teal

    Can anyone help me figure out how to use the Towelroot method to root my Verizon Galaxy S4 SCH-I545? Baseband is I545VRUFNC5 Kernel Version is from Friday March 28th. Android Version is KitKat 4.4.2

    • Michael Teal

      I was successful in rooting my Verizon GS4. I also was able to root my Asus Nexus 7 2013 tablet with Towelroot. Thanks for posting this information about Towelroot. It was extremely easy to use Towelroot but because I have never rooted anything before there was a learning curve for me. I have never wanted to root my device because I have always thought that I could always do it in the future when I get around to it but now I am learning that rooting is becoming harder and harder to do as most of the vulnerabilities have been discovered and patched. This may be the last vulnerability that gets discovered to gain root access. But I’m optimistic that it won’t be the last vulnerability.