What's the difference between jailbreaking and rooting?

What is jailbreaking?

Jailbreaking is a term used primarily for Apple mobile devices, such as iPhones and iPads. Apple has a closed ecosystem, so it restricts users' ability to customize the OS and download apps from outside the official App Store. As with any software-based device, however, there are techniques that can unlock root access. This enables users to have full control over the OS and to install apps from nonapproved sources.

There are entire communities that try to provide workarounds to unlock and bypass software restrictions. The community tends to focus on older hardware models and iOS versions, which usually have fewer security features and receive patches less quickly than newer versions. As a result, jailbreakers have more time to test various methods to gain root access within these systems.

At the time of this writing, it's possible to jailbreak Apple devices that have the A11 Bionic chipset, opening a world of customization and app installation possibilities. However, it's at the expense of exposing those devices to security threats, performance issues and voiding the device manufacturer's warranty.

Rooting is like jailbreaking but for the Android OS.

What is rooting?

Rooting is like jailbreaking but for the Android OS. The key difference with rooting is that the Android ecosystem is built to be more open than Apple's is. Thus, there's less of a need for users to root an Android device, as they already have far more customization and app installation freedom.

That said, many Android users opt to root their device for other reasons. Some turn to rooting to get rid of nonremovable bloatware from the manufacturer-installed device OS. Similarly, they might want to completely replace the preinstalled Android OS with a custom version of their choosing. Others want to gain access to the hardware that Android operates on. This enables users to overclock the hardware chipsets for improved performance or minimize the use of CPU and GPU chips for improved battery life.

Why might a user jailbreak or root a mobile device?

It's easy to view Android and iOS as the mobile equivalents of desktop OSes, such as Microsoft Windows and macOS. In actuality, there is a major difference between traditional desktop OSes and mobile OSes, and it has to do with security.

By default, desktop OSes enable users to download and install any compatible application they wish. In contrast, iOS and Android devices only allow users to install mobile apps from an approved source -- the Apple App Store or Google Play Store, respectively. There are also restrictions on manufacturer-installed mobile OSes. These restrictions prevent devices from compromise at the hardware level and lock hardware-centric modifications that can damage physical components and void the manufacturer's hardware warranty.

In many cases, users jailbreak or root their smartphone to tweak its performance or loosen security measures for their own convenience. However, there are several valid reasons why more security-conscious users might still opt to jailbreak or root their device. The following are some examples:

• Device tethering. Some carriers install an OS that requires users to pay an additional fee for mobile hotspot capability.
• Mobile software testing. Developers often need to test custom apps on physical hardware -- and thus need to be able to install these applications locally. Since these applications are not yet in any official app store, developers must use alternative methods to sideload them.
• Removal of data collection software. Users with privacy concerns might decide that jailbreaking their device is more secure. The reasoning is that it enables them to remove bloatware and other software that collects personal data and tracking information.

How to address rooted and jailbroken devices on enterprise networks

Security dangers can arise when rooted or jailbroken phones are allowed on corporate networks. IT should treat these devices as a threat because they are far more susceptible to malware, remote unauthorized access, cyberattacks and network-based compromises.

The first line of defense against these types of devices is corporate operational policies that users must agree to before connecting. These policies state that jailbroken or rooted devices are prohibited and users risk legal action if caught.

Other safeguards include tools and network architecture changes that fingerprint and identify mobile device OS status. IT administrators can use an endpoint security platform to deploy these measures. Additionally, admins can require BYOD endpoints to only connect through a secure guest Wi-Fi network, completely segmenting guest traffic from corporate traffic. Third-party security tools should also be in place to regularly scan these devices for unauthorized OS modifications. Upon detection, IT can quarantine these devices, protecting other endpoints in the same guest or BYOD segment.

Andrew Froehlich is founder of InfraMomentum, an enterprise IT research and analyst firm, and president of West Gate Networks, an IT consulting company. He has been involved in enterprise IT for more than 20 years.