microg / GmsCore

Free implementation of Play Services
https://microg.org
Apache License 2.0
7.51k stars 1.6k forks

Prompt when enabling SafetyNet #2423

Open lucasmz-dev opened 3 days ago

lucasmz-dev commented 3 days ago

Is your feature request related to a problem? Please describe.
One problem is that SafetyNet, AFAIK, requires proprietary binaries to work. This is noted in the description, but it can easily be ignored, as well as the text being somewhat hard to understand the implications of.

Describe the solution you'd like
A simple extra prompt for confirmation, with a message letting the user know that if they enable it, they are running proprietary binaries on their device that might interact with the system in a privileged fashion.

Describe alternatives you've considered
Another alternative is to better highlight the use of proprietary binaries for SafetyNet, like a separate line that indicates more clearly that enabling it results in proprietary binaries running.

Additional context
If there are other features that utilize proprietary binaries, these should be highlighted.

Maitreya25 commented 2 days ago

Why would you do all this effort for safetynet? Safetynet is dead now, waste of time.

lucasmz-dev commented 1 day ago

I suppose that is valid. I do wonder how microG plans or not to implement Play Integrity, and how that'd apply there 🤔

ale5000-git commented 1 day ago

SafetyNet code is still used as part of Play Integrity if I'm not wrong.

Maitreya25 commented 1 day ago

> SafetyNet code is still used as part of Play Integrity if I'm not wrong.

It may be, but even if you pass SafetyNet attestation it won't make a real difference within apps (such as bank apps), as virtually all apps now check for the Play Integrity verdict due to snet's deprecation. And yes, it's relatively much harder to pass Play Integrity attestation.

ale5000-git commented 1 day ago

I haven't tried recently, but I remember I was able to pass Play Integrity with microG + real Play Store. Recently there has been a problem of not passing for the "Lineage OS" in the kernel name, but it could be fixed by recompiling the kernel with a changed string (not tried yet).

Maitreya25 commented 1 day ago

You may be able to pass basic integrity, but most sensitive apps require device integrity to function, which unfortunately does hardware attestation unless you hack around it and use a whitelisted prop set :(

ale5000-git commented 1 day ago

Hacks aren't needed if you are using a phone that is born without hardware attestation.