Google has taken a new step in the eradication of unauthorized modifications in Android: the new hardware verification of SafetyNet, the security system which guarantees that the phone has not been tampered with, makes it impossible to use tools like Magisk; which will prevent hiding the root or installed ROM of applications that check the integrity of the phone.
Since Android is Android, there has been a community of developers who have always looked for ways to modify the system to make it even more customizable for the user. ROMs are a good example, for example also root or administrator access. However, these processes involve risks for the user and for the material; Reasons why Google has gradually made changes difficult. And now you’ve taken one of the final steps against root: the integrity check by hardware certification. He is already active.
SafetyNet hardware certification cannot be bypassed
How Security Works on Android
Until now SafetyNet has checked the integrity of the phone in a “basic” way and certified it by software. Thanks to this tools like Magisk could hide changes from all applications They were looking to make sure the phone did not have a ROM and / or was not rooted, changes that could compromise the use of applications (make a screen recording on Netflix, for example). Magisk Hides Status From SafetyNet By “Cheating” On Google’s Security APIs offering false results when looking for phone software changes. With hardware certification, it’s impossible.
As they say in the XDA developers, and after the verifications of the own John Wu, creator of Magisk, SafetyNet’s new hardware certification makes it impossible to use Magisk and similar tools, at least as they work today. With such hardware certification, there is no way to deliver false results when faced with integrity check, as the Google APIs guarantee that the phone’s certification keys are legitimate. compare those that the company has on its servers with those stored in the secure area of the device. And, since there is no way to change this area, the so-called Trusted Execution Environment (TEE), there is also no way to hide changes made to the phone from all of these applications that require verification .
Here’s how the Trusted Execution Environment (TEE) works
SafetyNet hardware certification should not kill roots and ROMs, although it is difficult to use. Because if the applications end up asking SafetyNet for security checks, gradually the number of applications available for those who have modified the phones will be reduced; which will prevent them from being modified. After all, who would want to use a smartphone they can’t run their favorite apps on?
Google’s move doesn’t kill root, but it doesn’t hide it from apps that check if the phone is rooted
The new hardware certification has started, Google is currently testing it on some devices. There is no official statement from the company, but a notice in the community of the start of testing. Hopefully, over the months, SafetyNet will stop doing basic checks to run them with a hardware certification. We will see if Magisk and others manage to get by.
Source : Xatakandroid.com