It’s been years since the GTV Hacker team revealed a method to get root access on Roku devices, but now they operate under the Exploitee.rs banner and once again point out a software crack for the streaming hardware.
According to RootMyRoku developer llamasoft, the exploit takes advantage of a pair of vulnerabilities to enable a persistent root jailbreak. It should work on RokuOS v9.4.0 with the Realtek WiFi chip, which includes “almost all” Roku TVs and some of the boxes. RokuOS 10 blocks this particular method, but you may not have received the update yet.
Obviously this is useful for enthusiasts wanting more control of their box, but it does present some security issues, and on the Github page, the developer pleads with Roku to follow the lead of other companies in creating a bug bounty program. That would pay people who find these exploits, giving them more of a reason to find and highlight them so they can be fixed, rather than enabling any kind of nefarious activity.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.