[KB8157] ESET mobile applications on a rooted or jailbroken device

Issue

Solution

A rooted or jailbroken device

A rooted or jailbroken device is vulnerable to risk as another software might be controlling the device's settings or its operating system. For example, it might cause active ESET security applications such as ESET Endpoint Security or ESET Mobile Security to close, although these applications have the highest Device Administrator permission level.

ESET mobile products cannot guarantee complete protection on rooted or jailbroken devices as the ESET applications might not work correctly.


Rooting

Rooting is the process by which users put their device in a privileged mode and gain "root access" to a device. Rooting is generally performed on Android devices, but rooting can also occur on other Linux-based devices, such as Nokia's now-retired Symbian operating system. The purpose of rooting a device is to obtain the highest system privileges that would allow users to run specialized functions that otherwise would not be available.

Because users have the highest root privileges available on a rooted device, their devices are vulnerable to security risks as malicious code might affect the operating system.


Jailbreaking

Jailbreaking is the process of disabling the limitations imposed by a device's manufacturer. Jailbreaking is generally performed on Apple devices running the iOS operating system, such as iPhone or iPad, and it removes the restrictions set by Apple. This enables users to install third-party software from outside the official app store.

Essentially, jailbreaking enables users to make changes (such as changing iPhone's default browser or mail client) or using software that is not authorized by Apple.

Read more about macOS and iOS threats in the WeLiveSecurity Threat Report T2 2021 (page 34).


How can I tell that my device is rooted?

There are several ways how to verify if the Android device has been rooted. You can use ESET Mobile Security for Android or ESET Endpoint Security for Android to verify whether your device has been rooted.

ESET Mobile Security for Android

ESET Mobile Security for Android shows a red alert notification on the main screen if the mobile device has been rooted.

The rooted device notification setting is enabled by default.

ESET Endpoint Security for Android

ESET Endpoint Security for Android shows a red alert notification on the main screen if the mobile device has been rooted.

You need to manually turn on the notification setting, as it is not enabled by default. Click the expander below and follow the steps to enable rooted device notification in your app.


Enable rooted device notification in ESET Endpoint Security for Android

  1. Open the ESET Endpoint Security for Android.

  2. On the main screen, tap Device security.

Figure 1-1
  1. Tap the slider bar next to Device Security to enable it.
Figure 1-2
  1. Enter the Admin password and tap Enter.
Figure 1-3
  1. Tap the slider bar next to Device settings policy to enable it and then tap Device settings policy

Figure 1-4
  1. Ensure that the slider bar next to Rooted device is enabled.

Figure 1-5
  1. Tap the arrow icon in the top left corner and navigate back to the main screen. You will see the red notification on the main screen if your device has been rooted.


Verify the status information on your device
Not applicable for all Android devices

This procedure might not work on your Android device.

  1. On your Android device, navigate to Settings.

  2. Scroll down and tap About phone.

  3. Tap Status information.

  4. Check the Phone status. If the displayed status is official, your device has not been rooted.


What should I do if my device is rooted or jailbroken?

If you are aware that your device is rooted or jailbroken, ESET does not recommend using such a device. You should return it to the vendor or make a complaint.

Many mobile device manufacturers tend to adjust the Android operating system according to their own preferences.

Some devices (for example, Xiaomi) have permission to be rooted by default, or they provide advanced permission settings.


Deliberate use of a rooted or jailbroken device

ESET products might not work correctly on a rooted or jailbroken device

ESET applications might not work correctly on rooted or jailbroken devices. ESET security products might not be able to detect malicious software and your personal data might be exposed to risk.

ESET Technical Support may not provide support for rooted devices

ESET Technical Support may refuse to provide support for customers with ESET applications for Android installed on rooted devices.

If you decide to use a rooted or jailbroken device, you must be aware of possible consequences. ESET strongly recommends not to use rooted or jailbroken devices.