- Developers have created a jailbreak for Roku devices using OS 9.4 and a Realtek WiFi chip.
- The root access provides more control over players and TVs, including the option to block updates.
- It also highlights security issues for earlier Roku software, though Roku claims the vulnerabilities have been mitigated.
Update: May 20, 2021 at 8:59 AM ET: Roku has clarified that the two vulnerabilities in question did not expose any customer data and do not contain any malicious activity. The company reiterated that the vulnerabilities were mitigated with the Roku OS 9.4 update. The full quote can be found below.
As part of our continuous monitoring, the Roku security team identified and addressed vulnerabilities in the Roku OS – though these vulnerabilities did not expose customer data and we did not identify any malicious activity. We always want to do everything we can to maintain a secure environment for Roku, our partners, and our users, and we therefore mitigated the vulnerabilities and updated Roku OS 9.4 with no impact to the end user experience.
Original article: May 18, 2021 at 2:05 PM ET: Do you wish you could root your Roku device for more control, much like you can your Android phone? It’s now an option — with some caveats. As XDA and Engadget (disclaimer: this author also writes for Engadget) report, Llamasoft and other developers have created a RootMyRoku jailbreak that provides more control over your Roku player or smart TV.
Related: The best Roku channels to watch
The Roku jailbreak requires OS 9.4.0 build 4200 or earlier and a device using a Realtek Wi-Fi chip, which includes nearly all Roku-capable TVs and some players. If you meet that criteria, though, you’ll have low-level access that includes “secret screens” and other features that will give you more control over channels (aka apps). It even blocks channel updates, system updates, and any other data exchanges with Roku’s servers — important if you’re trying to use a channel that’s no longer available.
You might not want to rush to install the Roku jailbreak. You can’t easily add new channels (though third-party ones like YouTube should work), and features like My Feed and Search stop working. This certainly won’t help if you want to run OS 10.
More importantly, there are security issues. Like most root techniques, the Roku jailbreak takes advantage of two vulnerabilities in the older software. Llamasoft called on Roku to launch a “real bug bounty program” that offers incentives to report security holes instead of simply using them for hobbyist projects. As handy as this hack may be, it would ideally come alongside a patch to protect users who can’t upgrade to Roku’s latest software.