A "Stock ROM" is the version of the phone's operating system that comes with your phone when you buy it.
A "Custom ROM" is a fully standalone version of the OS, including the kernel (which makes everything run), apps, services, etc. Everything you need to operate the device, except it's customized by someone in some way.
Since Android is open source, developers are free to take stock ROMs, modify them, strip them, optimize them, add things, and pretty much do whatever their imagination and skills allow. For example one of the most common custom ROMs nowadays comes with the ability to install applications to the SD card, called Apps2SD (or A2SD). This is currently not possible on stock ROMs.
Some of the popular custom ROMs include CyanogenMod. There are others likes Fresh 3.5.
When you flash your phone with custom ROM you usually get root automatically. Flashing with custom ROM will affect directly what you see/feel from a user's perspective. Root is about underlying system changes.
Difference between Rooting and Jailbreaking
Rooting and jailbreaking are essentially the same thing. The only difference is what device you are referring to and which term is generally associated with that device. Jailbreaking is generally used to describe Apple products like the iPhone, while rooting is used to describe most other Linux based devices like Android.
Apple is a closed ecosystem, unlike Android based phones, so it is much harder to jailbreak an iOS device due to all sorts of manufacturer restrictions.
Rooting is not something manufacturers or carriers approve of but they can't really prevent it from happening because the rooting process usually exploits vulnerability in the operating system code or device drivers and allows the "hacker" to upload a special program called su to the phone. This program is the one that provides root access to programs that request it.
Now that we understand the basic concept and terminology, Part 2 will focus on associated hardware involved to unlock the phone.
About the author: Mohit Arora (firstname.lastname@example.org) is a Sr. Systems engineer and Security Architect at Freescale Semiconductor. He is responsible for product and architecture definition for 32-bit industrial and general-purpose parts. "Embedded Security" is one of his main expertise and focus areas and he also leads the Security IP Asset team in AISG (Automotive Industrial and Solution Group). He holds more than 35 publications and is also the author of the book "The Art of Hardware Architecture."
For more articles like this and others related to designing for the embedded Internet, visit Embedded Internet Designline and/or subscribe to the biweekly Embedded Internet newsletter (free registration).
Good start, one of the aspects of this I would like to see addressed is the fundamental difference between Android and iOS when it comes to implementing a Type 1 Hypervisor, which is really the only rigorous way to enforce any security.
This is a good article. I find it interesting. Is short and only touches the basics but it really feels as an introduction towards what may become a great follow-through series of articles.
It was interesting to learn the different terminology used for Android and iPhone. Like Jailbrake for iPhone and Rooting for iPhone. etc.