Appknox introduces two new features – Root Detection Bypass & Jailbreak Detection Bypass – Express Computer | Hot Mobile Press

Appknox, a leading mobile security testing platform, has announced two new features – Root Detection Bypass and Jailbreak Detection Bypass. These features allow Appknox users to determine if root detection has been correctly implemented in the Android applications and bypass it while running Appknox’s dynamic and API scans. With this version, the jailbreak implementation in iOS applications can be bypassed automatically. As a result, users can now upload .ipa files and seamlessly run SAST, DAST, and API scans even with jailbreak detection enabled. Android is very similar to Linux in that it runs on the Linux kernel. With access control similar to Linux, regular Android device users have very limited privileges compared to users who have rooted their devices. Without rooting, users cannot access or modify system files and folders.

Once rooted, the user has full access to the device. Rooting allows the user to make changes to anything on the device. This allows users to do things that were previously impossible, like removing bloatware, customizations, custom ROMs, etc. Speaking of these new features, Appknox CEO Harshit Agarwarl said, “Appknox’s vision is to make mobile app security as seamless as to have a thought. and in line with this we have developed the Appknox platform
Accessible to applications with jailbreak and root detection check enabled, as most apps in Play Store ensure they are not run on a jailbroken or rooted device. This is a first step in making Appknox simple and easy to use for everyone in the company without having technical knowledge and understanding the security posture of their app.”

Appknox CISO Subho Halder shared a similar vision of the features, noting, “Appknox strives to secure mobile applications with a holistic yet simple approach. Root, jailbreak detections and their bypasses in the Appknox platform provide more coverage when conducting vulnerability assessments. At Appknox, we will continue to develop such capabilities to make it richer, smoother and easier for organizations to understand their security posture.”

Why do we need root detection?
Besides the benefits of rooting Android devices, there are also many security issues associated with it. Once you have root privileges, you have full control to make changes across the device. But it also means that your device is now an open target for threat actors. Rooted devices can contain many apps that handle sensitive information, such as B. Banking apps, payment apps, social media and cloud storage. Malicious downloads can expose your device to hackers. For these reasons, the apps installed on a device must ensure that the device is not rooted. This is as a precautionary measure to protect critical users
and business information data.

iOS has always been considered a safe haven when it comes to mobile application security. Every year this operating system tries to come up with more and more efficient updates to make life easier for its users and the respective application and security service providers. However, to tech-savvy users, these timely improvements may not sound like enough, and there are always people who feel there is room for further improvement. Hence the term “jailbreaking”.

What does “jailbreaking” mean?
jailbreaking; is the process by which a user gains access to an operating system’s administrative commands and functions. There is the ability (or permission) to change or replace system applications, files and settings, remove pre-installed applications, and run special applications (“apps”) that require administrator-level permissions. In a 2020 survey of 425 million devices, Wandera highlighted that the number of jailbroken devices increased by 50% year-on-year, quite an impressive jump! Indeed, with jailbreaking, one can remove almost all restrictions from his iOS device and open gateways to make unimaginable changes.

While this might sound pretty intriguing at first glance, it also opens up countless opportunities for security vulnerabilities and threat actors to sneak into your device. So let’s take a look at how application developers can take specific steps to ensure their applications remain secure in the context of jailbroken devices. The features now released make our users’ lives a little easier. Now they don’t have to disable these implementations (root detection; jailbreak) to do the vulnerability assessments. Once we have verified that root detection is enabled in Android apps or the jailbreak implementation is present in iOS apps, they can continue to run the automated VA scans without
Obstacle.” said Raghunandan J, Senior Product Manager at Appknox.

advertisement

Leave a Comment