System image signature / OEM keystore

[pylerSM]

Here is place where I and maybe some other people will share useful info.

Googler: "At the moment, any non-official build will not pass SafetyNet because the system image signature isn't what was expected"

Verified boot (PDF): "Verified boot devices ship with an “OEM Keystore” which is built into the system and signed by a key managed by the OEM"

[pylerSM]

System/vendor verified = https://github.com/android/platform_system_core/blob/master/adb/remount_service.cpp#L119

[pylerSM]

SNET sources http://www60.zippyshare.com/v/hbEHC96n/file.html

[Entropy512]

https://koz.io/inside-safetynet/ - This was posted 1-2 weeks ago when I was on vacation, I posted it in your reddit thread but you don't seem to be checking reddit any more - did you see this earlier?

It looks like patching the server response is not going to work, since SafetyNet checks can be done on an attestation server-side (My guess is that this is why Android Pay was not getting fixed by your module). You'll need to fool the data collection methods that are used to formulate an attestation.

Sucks that we're back in the dark ages of modified APKs and Xposed attacks on Wallet/Pay to even be able to use it again... I thought https://github.com/Entropy512/XposedWalletPatcher was never going to have to get resurrected. :(