People have been hacking streaming media devices such as the Apple TV, Google TV, Chromecast for ages by gaining access to root permissions and installing third party apps that wouldn’t otherwise be supported.
Now it’s Roku’s turn.
Roku makes some of the most popular devices for streaming internet content to a television, but the built-in software is pretty secure, which is why it’s taken years for hackers to find a good way to root the devices.
Now the folks at GTVHacker have found a way in. Roku recently rolled out a software update with a security exploit that allows users to take “temporary” root control. That means you lose root access as soon as you reboot the device.
But on some older Roku models, the temporary root method has provided an entry point for “persistent” root. In other words, if you have a supported model, you can root it now and hang onto your root access indefinitely. Roku may eventually push out a software update that removes the vulnerabilities, so if you think you might want to root a Roku box, there’s no time like the present.
You can find more details at the GTVHacker blog and wiki. You may be able to root most Roku devices, but persistent root is only available on second-generation devices with Broadcom BCM2835 chips, including the Roku LT, Roku 2 HD, Roku 2 XD, Roku 2 XS, and Roku Streaming Stick.
Right now there’s not much that casual users can do with root access. But this move paves the way for third party apps such as XBMC to run on Roku’s inexpensive media streaming devices.
The newer 3rd-generation Roku devices aren’t supported, and not only will you not be able to hold onto root after rebooting your device, but you won’t be able to block automatic software updates which may remove the vulnerability.