Hi All,
So I am trying to better understand the Android operating system, specifically in the security section as it seems to be more 'hands off' compared to Windows.
Let me start by saying I am no security engineer in any capacity, but its a field that interests me greatly, and I understand Windows security much more than Linux/Android
I know what root is in Linux, its essentially the system account of Windows, it can do anything, and gaining root on Android is essentially gaining system in Windows, and understandably is a dangerous account to have control of.
I also understand that Android uses a verified boot process, similar to Windows with Secure boot and Bitlocker (When configured correctly)
But for Android this is as far as I go with Security, admittedly its extremely limited is my knowledge of the Android security system, I have heard of SafetyNet APIs and this can control things like Google Pay and some other applications like My EE for example, and seems to be to basically be a verification method to make sure the system is not tampered with.
But I am trying to understand what other security issues can arise with root, on my One plus when the boot loader is unlocked it prompts a warning on boot which is to be expected, it cannot verify the software you install (TWRP, Kernel, System) is safe and untampered with, but what else can happen, specifically from being attacked, maybe during system usage and what steps can be taken to help improve security?
I ask this because I feel more secure on OOS with locked BL, of course, but I also like to add things in like Magisk, V4A and Energized and I am currently deciding which I wish to settle on, Locked OOS or Unlocked OOS with addons.
Can anyone provide any light and tips on the subject? ELI5 or Advanced explanation is welcome
Many Thanks!
Hi!
I am in a similar situation as XDroidie. No security engineer, but I have technical background and I am also very interested in it.
I would like to learn how I can monitor my android system integrity and regular check if it is being tampered.
After some research I have the impression googles safetynet does a good job.(koz.io/inside-safetynet-3).
But I would prefer to live without Google Mobile Services on LineageOS or similar things.
Are there open source mimiks of safetynet, I can use as a personal security checker?
If for some reason I would get forced to use Safetynet, are there methods to check what safetynet does ? Did anybody before?
Thanks for your suggestions in advance!
Gerald
Related
Fact: 99% of mobile viruses are for Android.
In general it is never wise in a *nix environment to be root.
See this: http://www.howtogeek.com/132115/the-case-against-root-why-android-devices-dont-come-rooted/
So if I have an older Android device (the Defy+ in particular) I have the option of either root it and try the later CyanogenMod or not to root and stay with Gingerbread forever?
Is there a way that after I installed Cyanogenmod I somehow de-root or un-root the device for safety? I am not that technical; I guess it's not possible; so it remains more like a philosophical question. Not only about the Defy+ in particular but in general.
Un-rooting can depend on the device and the method used to root it.
Of course, you could always just delete your superuser app, or use an app encrypter to require a password to use it. I wouldn't bother though. The benefits of root are too good to pass up if you've already taken that leap. Back-ups, ad blocking, Xposed tweaks, etc.
Doing stupid stuff with a rooted phone can certainly ruin it. The solution is not to do stupid stuff. The best way to keep your device safe is to just use your head. If you want to clean up bloatware, use Clean Master or a similar app that lets you know whether uninstalling something will affect your phone. Only side-load apps from sources you (and other people) trust. Do you research before doing anything that cause a problem. If you don't know, ask here.
That "Fact" you have is absolutely pulled straight out of someone's @$$. Viruses - no. Malware - yes. Don't install shady apps from unknown developers and "99%" of the problems won't even be an issue. And you can run a custom rom without root, such as Cyanogenmod. All root is is enabling admin access of your phone. You can even enable and disable as needed. When you have a superuser app, it controls the root permissions of the phone and you have the option of denying root, allowing root once, to request in a certain time frame, or to run it always.
Greeting's, I would like to know if there's a way to verify android installation (or image, i'm unsure on which is the correct reference; pardon me.). I own a Nexus 5 (32GB) and my phone recently received 5.1 update. Update process finished normally, there was a reboot and the standard optimizing app's screen. Few days later, when I rebooted my phone; the same optimizing apps process started. I had checked that my 5.1 update was to build LMY47I and there is no further update to this build. At this point, I am bit concerned as to - 1) Why the optimizing application process started? 2) While I did google around a bit, I did not find any definitive way to check integrity of installed android image.
I'm a information security architect and almost all OS's have a way to verify its installed integrity. Windows for PC's have sigverif and SFC commands. Traditional BIOS is being replaced with UEFI which helps verify and maintain boot cycle integrity.
So, in android is there such process or tools or commands to verify integrity of installation?
Thanking you in anticipation,
Parth Maniar
It is doing it because something wiped the cache. There is no way to check at the moment. If it doesn't install properly then it will kernel panic and not boot at all.
zelendel, thank you very much for your reply. I personally did not wipe the cache partition. Also, will this occur every time cache partition is wiped? Because I've at times manually wiped the cache partition but application optimization has never started. Is there a logging mechanism to check why this was invoked? Is there a way I can enable, disable or control logging parameters? For example - In a PC environment, I can log all network traffic using syslog standard or enable logging using group policy in windows. Does android have any such option?
Please don't mind my questioning and don't let that make you feel that I'm doubting your answer. I am just trying to learn. I would like to once again thank you for your prompt answer.
Parth Maniar.
ParthManiar said:
zelendel, thank you very much for your reply. I personally did not wipe the cache partition. Also, will this occur every time cache partition is wiped? Because I've at times manually wiped the cache partition but application optimization has never started. Is there a logging mechanism to check why this was invoked? Is there a way I can enable, disable or control logging parameters? For example - In a PC environment, I can log all network traffic using syslog standard or enable logging using group policy in windows. Does android have any such option?
Please don't mind my questioning and don't let that make you feel that I'm doubting your answer. I am just trying to learn. I would like to once again thank you for your prompt answer.
Parth Maniar.
Click to expand...
Click to collapse
As to why it happened I am not sure. I normally happens when the delvic cache partition its self is wiped. There are some tools that might help with what happened. You could look into logcats and last_kmsg HERE is a great tut on them that might help. There are also a few on device apps like catlog and a few others that might help.
Oh no not at all. I understand completely where you are coming from. Most of the error logging is done in a linux setup and not on device or windows really. It also depends on the device and the distro of android your using.
I'm currently using stock androind (AOSP) on my Nexus 5. One of the reason's that I've never tried running other android built is mainly my lack of understanding. Not that I know how AOSP works but I feel tad bit secure knowing it's the official build. Like your signature say's "Security is an illusion".
I would love to play around with Android but where would you suggest is the best and safest way to start, from the perspective of a clean restore. For example - PC's have virtual environments where I can do testing or even trying to break a software just to learn how it works. What kind of process or tools are used for android.
I have one more question (Pardon me for the question parade ) but how does one verify tools posted on Internet which deal with reseting firmware or even factory flags. I have tried on a test phone resetting LG flag for tampered. I had manually flashed the phone with android 5.0 image which required unlocking the bootloader. So to ensure I can claim warranty i used the temper reset tool. While I truly appreciate the author(s) of that particular and such other tools which assist "hackers" (this would be the correct use of the word) immensely. How can one be sure that no malware code is present.
If you've ever researched on this - There are couple of companies out there giving tools (software) for complete control of the phone. Most of them excel at giving features for Android. While that scares me, it also gives an opportunity to learn on detection and remediation.
ParthManiar said:
I'm currently using stock androind (AOSP) on my Nexus 5. One of the reason's that I've never tried running other android built is mainly my lack of understanding. Not that I know how AOSP works but I feel tad bit secure knowing it's the official build. Like your signature say's "Security is an illusion".
I would love to play around with Android but where would you suggest is the best and safest way to start, from the perspective of a clean restore. For example - PC's have virtual environments where I can do testing or even trying to break a software just to learn how it works. What kind of process or tools are used for android.
I have one more question (Pardon me for the question parade ) but how does one verify tools posted on Internet which deal with reseting firmware or even factory flags. I have tried on a test phone resetting LG flag for tampered. I had manually flashed the phone with android 5.0 image which required unlocking the bootloader. So to ensure I can claim warranty i used the temper reset tool. While I truly appreciate the author(s) of that particular and such other tools which assist "hackers" (this would be the correct use of the word) immensely. How can one be sure that no malware code is present.
If you've ever researched on this - There are couple of companies out there giving tools (software) for complete control of the phone. Most of them excel at giving features for Android. While that scares me, it also gives an opportunity to learn on detection and remediation.
Click to expand...
Click to collapse
You could use a live disc and run Linux which would allow you all the great tools. I would start with the android SDK which allows for virtual devices. I have a dual partition set up to boot up linux so I can download all the source code and go from there. As you have a nexus you have almost complete freedom in that aspect. When dealing with devices like LG, HTC or the worst being Samsung it gets alot harder dealing with resetting flags. They are working harder and harder to lock things like this down. Now that Samsung has given alot of the Knox code to google for use in the base AOSP code it will get harder. Alot of the newer devices with knox cant even have the bootloader unlocked.
As for being sure there is no malware included that gets a bit harder. Most rely on a good malware software. I can not attest to any as I dont use any of that myself, I am just very careful with what I download. Any company that is giving away software that claims to allow you to completely control a device is bound to have some sort of malware involved. I have seen a few and alot of them have ransom ware deeply embedded in them.
Thank you very much again, zelendel. I wanted to correct or better explain what I already mentioned. I was referring to companies which offer hacking services .. I've had couple of run downs with them and they "sell" products, with capabilities well beyond general publishing. I wanted to learn on how to counter them. Sadly, I'm not a programmer and downloading source code will help me little. But i will still setup as you've mentioned. What linux distro do you use? I hate multi boot with UEFI especially since i use a FDE product. Ah, the fun of setting up a lab.
Thank you very much again. Journey in Android begins now.
PS: Have you used any other android build except the AOSP? I would like your take on that too.
ParthManiar said:
Thank you very much again, zelendel. I wanted to correct or better explain what I already mentioned. I was referring to companies which offer hacking services .. I've had couple of run downs with them and they "sell" products, with capabilities well beyond general publishing. I wanted to learn on how to counter them. Sadly, I'm not a programmer and downloading source code will help me little. But i will still setup as you've mentioned. What linux distro do you use? I hate multi boot with UEFI especially since i use a FDE product. Ah, the fun of setting up a lab.
Thank you very much again. Journey in Android begins now.
PS: Have you used any other android build except the AOSP? I would like your take on that too.
Click to expand...
Click to collapse
I personally Use Ubuntu as it is the supported android building setup. It was easy to setup and use for a Linux noob like I was. Oh God I know what you mean with UEFI.
As for countering them. The easiest way would be to pay attention to what gets root access. This would be the only way they could really do anything major. Mainly with the new sandboxing in android 5.1
I have used just about every distro of android available. I have used OEM Roms like HTC Sense, Samsung Touchwiz. I have used all of the AOSP based roms. CM, Slim, AICP, DU (my current), PA. I now avoid CM based builds and stick to builds that work off of AOSP instead of CM based. This is due not only to the companies BS stand on removing Google from android but they have a bad habit of treating others like trash and merging untested code which can cause issues like the recent string of nexus 6 bricks.
Hello,
I recently acquired a Sony Z5C, planning on switching to LineageOS sooner or later, but the android tweking world is way more complex than I initially imagined. I am mostly concerned about privacy and control but there is so much to go through I am completely lost. I thought it was all about running either Sony's rom or the lineageos rom but there seems to be a lot more to take into account.
What I am looking for:
getting rid of Sony's annoying bloatware
getting rid of Google Play Services
automatic or semi automatic security updates
fine tuning of application permissions (including ability to deny specific apps access to, say, my location, contact list, camera, internet, sms, without the apps noticing they have been denied access in the first place)
ads and trackers blocking (for instance global or per-application blacklisting of known "evil" domains)
being able to restore everything as it was when I purchased the phone
f-droid begin able to download and install updates without manual intervention
as little side effects as possible resulting from the deletion of the Google Play Services
Icing on the cake:
no loss in camera quality (I read somewhere it is sometimes possible to use image-enhancing algorithms despite having deleted the required DRM keys)
no loss in gps accuracy
same battery life (or better)
encompassing all data traffic of specific apps through tor or another technology preserving distant services from identifying me and my mobile network operator from knowing I access said services
Questions:
What is the difference between opengapps and microg? How does it relate with lineage? At which point in the installation process is it involved?
What are the consequences of rooting the device?
What is the purpose of so called "Magisk"? I read it "changes everything" but I have no idea what "everythin" was. As far as I understand, it is useful to fake a genuine configuration that have not been tempered with in order to use Google Pay or some games. I do not seem to care about that: should I? Is there more to know?
Most important question: in your opinion, considering the above points, the phone I have, current trends and hindsight, and your experience, what would be the best way to go? Should I follow the installation steps on the official lineageos page for the Z5C or do you think another option would suit me better?
To illustrate my technical knowledge: I have been a gnu/linux user for almost a decade but I am completely ignorant of the Android world and feel lost. In particular the concept of "root" and how user and system data is organized on the filesystem(s) (especially on Sony devices) seem different. I am willing to learn and get technical, but there is too much information and I do not know where to start with zero experience.
Thank you very much for your help.
I am in same situation. Did things like that for Moto and Samsung already, but I am new to Sony.
Key is to install TWRP. This is some kind of recovery where you can
- make a backup
- install LOS
- recall backups.
Once this is done:
- install root/su
- tingle the framework (to get microG running)
- install microG
- install afwall (firewall)
- install adaware
only than plugin a SIM and/or enable Wifi.
So: first thing is to install TWRP
unlock Bootloader:
To be able to unlock your Xperia Z5 Compact, prepare it by following these steps:
Go into Settings > About phone and tap seven times on Build number to enable developer options.
From Settings, go into Developer options and enable OEM unlocking.
Warning: Device protection features will not work on this device while this setting is turned on.Please note! It will only be possible to unlock the boot loader for certain releases. You can check if it is possible to unlock the boot loader of your device in the service menu by following the steps below:
In your device, open the dialer and enter *#*#7378423#*#* to access the service menu.
Tap Service info > Configuration > Rooting Status. If Bootloader unlock allowed says Yes, then you can continue with the next step. If it says No, or if the status is missing, your device cannot be unlocked.
TWRP
https://forum.xda-developers.com/z5-compact/development/twrp-twrp-3-2-1-z5-compact-t3748952
A few words to your queston:
opengapps are not open source, they just add normal google apps to Custom Roms. With all pros and cons.
MicroG is offering some kind of api, so that most features can be used (notification, google maps, access to playstore).
They are installed after the custom rom. Some people don't install any of them, use FDroid as a store.
root gives you the chance to change settings, for a few advanced configurations it is required (or makes it easier): firewall, ad remove ...
No experience with magisk. It is another way of "rooting" it, gives more features (hide the root status) which is required for some games. Not needed it til now.
What seems to be missing from previous post is to backup your DRM keys since unlocking your bootloader means losing them FOREVER.
Regards,
Aeny
Aeny said:
What seems to be missing from previous post is to backup your DRM keys since unlocking your bootloader means losing them FOREVER.
Regards,
Aeny
Click to expand...
Click to collapse
Right, but didn't you need TWRP to make a backup. And that is on my list, first point. Or is it a special step to do?
Thank you for your help and valuable information which now raises even more questions
If I get things right TWRP is low level stuff that would allow me to backup and restore the system whenever I need to. Say for instance I just installed LOS and configured it as desired so I use TWRP to get a backup and if I later mess things up I can restore this backup without having to go through the whole installation and configuration process? How does the official LineageOS installation guide fit in all this, sould I follow it? Do I need to follow a completely different procedure? I am not planning to tinker anympre once everything has been set up, is TWRP only recommended for people who often experiment and change things or is it recommended for everyone?
The DRM keys are removed when unlocking the bootloader but since TWRP requires an unlocked bootloader they have to be backed up beforehand, am I right? Does it mean I can restore them afterwards once the bootloader has been unlocked without locking it up again? How can I back them up in the first place?
I cannot seem to picture how all the pieces fit together, which is low level stuff, which is high level. When you say "install microg", "install afwall", "install adaware", what are microg, afwall, adaware? Are they regular applications? Regular applications with root access? Low level modules? How is root managed in comparison with a gnu/linux system where I can either directly log as root, change user to root with "su", or get temporary privileges with "sudo"? When you say "install root/su", are we simply talking about installing the equivalent of "su" or "sudo" on a linux distribution? Is there a root password I shall input each time it is required or provide some applications root privileges through a configuration app? Is such an application to be installed separately?
Thank you for the clarification about opengapps/microg. I am interested in microg although I can give a try without in the beginning as long as it is still possible to install microg later.
fetchaspade said:
WRP only recommended for people who often experiment and change things or is it recommended for everyone?
Click to expand...
Click to collapse
Yes, highly recommended if not even required. All my LOS setups run via TWRP.
fetchaspade said:
The DRM keys are removed when unlocking the bootloader but since TWRP requires an unlocked bootloader they have to be backed up beforehand, am I right? Does it mean I can restore them afterwards once the bootloader has been unlocked without locking it up again? How can I back them up in the first place?
Click to expand...
Click to collapse
Good point. Don't know where do I need this DRM keys for, as I did't faced off this with other mobiles.
I think you have to make a backup of the TA partition:
https://forum.xda-developers.com/crossdevice-dev/sony/iovyroot-temp-root-tool-t3349597/
fetchaspade said:
I cannot seem to picture how all the pieces fit together, which is low level stuff, which is high level. When you say "install microg", "install afwall", "install adaware", what are microg, afwall, adaware? Are they regular applications? Regular applications with root access? Low level modules? How is root managed in comparison with a gnu/linux system where I can either directly log as root, change user to root with "su", or get temporary privileges with "sudo"? When you say "install root/su", are we simply talking about installing the equivalent of "su" or "sudo" on a linux distribution? Is there a root password I shall input each time it is required or provide some applications root privileges through a configuration app? Is such an application to be installed separately?
Click to expand...
Click to collapse
addsu is to flash via TWRP in same manner like LOS itself - as a zip. Others are regualar applications (installed like that) but required root privileges to work. No root password required. Once an app needs it it will ask you, and if you like it remembers you allowed it (so it will ask just once usually). Recommend to try this. You can't do much wrong if you create a backup
fetchaspade said:
Thank you for the clarification about opengapps/microg. I am interested in microg although I can give a try without in the beginning as long as it is still possible to install microg later.
Click to expand...
Click to collapse
MicroG is a bit more fiddling to install than gapps and seems to has limitations. There are separate threads for just this.
Just start, you will get a feeling for that all.
Edit: But
there is already a lineagos with microG built-in:
https://download.lineage.microg.org/suzuran/
Thank you starbright_
To recap, I am to unlock the bootloader, install TWRP, flash addsu via TWRP, flash lineage enhanced with microg, and I'm good to go.
I'm still stuck on the very first step: backing up the TA partition. If I'm not mistaken I need the TA backup tool which requires root access. Root access requires an unlocked bootloader (which would remove the TA partition and the DRM keys) or is achieved for a limited amount of time thanks to exploits. According to both https://forum.xda-developers.com/crossdevice-dev/sony/iovyroot-temp-root-tool-t3349597/ and https://forum.xda-developers.com/z5-compact/general/guide-how-to-root-z5c-painful-using-t3549388, it won't work on recent versions (7.1.1) so I need to downgrade. How can I do that? I imagine I need a tool to flash an old official rom: where am I to find an old official rom? How can I flash it without having an unlocked bootloader?
Backing up the TA partition really seems cumbersome. Is the loss of quality really noticeable on photos and videos? I find photos quite disappointing already and I fear it would get even worse.
On an unrelated topic, do you now of any way to backup SMS conversations as a simple file to import later on the same or different device? All I can find are applications that back up messages on a GMail account (no thanks) or any IMAP server (in what world is it simpler than an xml or simple text file ?).
Maybe you can translate this:
https://reraise.eu/2016/09/05/xperia-z5c-so-sicherst-du-die-ta-partition-teil-1
On an unrelated topic, do you now of any way to backup SMS conversations as a simple file to import later on the same or different device? All I can find are applications that back up messages on a GMail account (no thanks) or any IMAP server (in what world is it simpler than an xml or simple text file ?).
Click to expand...
Click to collapse
I'm using titanium backup for that.
(menu / backup data to xml)
@fetchaspade
Did you start your project? I would appreciate to take notes of your step. That's not only helping others, but also yourself once you have to do the steps again once.
The title says it all... does anyone use GrapheneOS? Thoughts? Likes/dislikes?
Are there any phones that are better for it than others? I was looking at the Pixel 3a.
Hi sniper8752,
I know you question is now a few months old (i hope i'm not to late for my answer).
I guess cause there are nearly no xda GrapheneOS threads a question such yours running under the "radar".
I'm on, well let's say, GrapheneOS in examination marks because i don't use the OS on my pixel 4 xl as the dev intented it.
I don't know whether you were on the GrapheneOS website in the past. According to the website you should install GrapheneOS once over fastboot and lock the bootloader again to get the AVB fully working again.
That give you the most security cause you can only boot GrapheneOS and install GrapheneOS Updates over the build-in updater app.
But from my knowledge you can't install EdXposed or Magisk then cause you change partitions and AVB blocks the booting process then.
So i'm using GrapheneOS as normal Custom Rom and unlocked Bootloader to be able to use Root with Magisk.
That why i say i'm having a GrapheneOS in examiniation marks
From user view it's a clean Android 10 ROM without (!) Gapps etc. This won't change cause it a Rom for people which care about privacy and security.
What i really like too are the facts that it explicity apply the full security patches on the supported devices (which are only the pixels) and that it uses a securized kernel and some other under the hood security improvements.
I'm using the rom (stable channel) since a few days now and it's runs totally smooth and i didn't find any bugs
so far.
Atm i'm thinking to offer unofficial builds from the rom with according Magisk pre-patched boot images here on xda. But i'm not completly sure about that.
Edit:
And i forgot still one thing: The support from GrapheneOS for a device ends if google stops the support for it. Again the reason is security: Some parts of your device gets updates through the device oem. GrapheneOS can't cover this so the dev doesn't support the device anymore.
All in all GrapheneOS has another philosophy then most of the custom roms here on xda. It doesn't want to extend the lifetime of devices. It want to gives the user a more privacy and securize-friendly rom during the lifetime of device.
Hey mate - did you manage to get for example Google Photos running if you add MicroG? (in terms of Backup).
I am still not able to ditch that (at least until my full backups from the Pixel seize to exist Jan 2021 I believe...).
Mind you that the Google Photos works just fine on CalyxOS with backup functions operating.
GCam works on both (Graphene with a Services spoofer apk). Still secure.
CalyxOS using the MicroG.
Graphene OS does not allow me to use Google Photos's backup function. I've read that if I backup using Titanium root and then deploy in Graphene (with root) it should work. Using your method + Magisk maybe I can make this work ...
Battery life on Graphene has been epic for me ...
GPS was very slow and sort of inaccurate on both ...
For all else I am perfectly fine with both.
I have never used a Pixel phone, but I am strongly considering a Pixel 6 now. I want to root the phone using Magisk **and** I want to successfully hide root. Furthermore, I want to be able to install some modules in an Xposed-like framework such as LSPosed, and I want the existence of that XPosed-like framework also to be hidden. Ever since Android 11, it's been complicated and confusing to figure out how to accomplish all of this in a reliable manner, given the latest changing versions of Magisk and given the various root-hiding mechanisms that are now offered, and which are also now still in development.
There is a huge amount of information about this general topic in the following threads ...
https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/page-2689#post-87696219
https://forum.xda-developers.com/t/discussion-magisk-the-age-of-zygisk.4393877/
https://forum.xda-developers.com/t/...r-unofficial-third-party-magisk-fork.4460555/
https://forum.xda-developers.com/t/lsposed-xposed-framework-8-1-13-0-simple-magisk-module.4228973/
... however, there are collectively more than 50,000 messages in this group of threads, and for me, this fits into the category of "Too Much Information", especialy given that much of this info is contradictory, with different people reporting success and others reporting failure, and different people reporting slightly different versions of the same procedures.
The reason I'm posting here is that I'm wondering of anyone has successfully accomplished what I'm trying to do with a Pixel 6 under Android 11 or Android 12, and if so, whether that person (or people) might be willing to share a straightforward, step-by-step, cookbook-like set of instructions about how to accomplish all of this from beginning to end.
By "beginning to end", I mean to start with a brand new locked Pixel 6 and to install all of the software and features that I described above, with the end result being a reliably rooted Pixel 6 (with root reliably hidden) running some sort of XPosed-like framework under Android 11 or Android 12, and which can be consistently rebooted with no boot loops.
If that is considered off-topic here, I'm glad to take this into private chat.
Thank you very much in advance for any help that you might be able to offer.
What he said, but instead of android 11 or 12, give me one for 13 please.
Oh! I somehow overlooked the following thread when I first came here:
https://forum.xda-developers.com/t/...nlock-bootloader-pass-safetynet-more.4388733/
It covers a lot of the information I'm looking for.
I will soon dig into that thread in more detail, and if it indeed ends up explaining everything that I want to learn, then I will abandon this current thread.
But for the moment, I'll keep this thread alive.
I can confirm my rooted Pixel 6 running 13 passes SafetyNet check and is certified in the Play app following those instructions. However, Google is not using SafetyNet to check for an unlocked bootloader in their apps anymore. GPay complains about device security and there are some apps that I can't download. Netflix, Hulu. Other than GApp and having to sideload Netflix, I don't have any issues.
Here's a thread about the new security check.
https://forum.xda-developers.com/t/discussion-play-integrity-api.4479337/
anyone having issues with some apps detecting root even after magiskhide should try the shamiko module. helped me
few stupid questions regarding rooting my pixel 6 .....
1) its new unlocked phone, should i have the new SIM in phone when rooting, does it matter ?
ok to put it when its done ?
same question for being signed into Google account when rooting, does it even matter, either way ?
2) is there a way to get the pixel phone transfer to show back up, or a way to access it ?
Its very easy for me to transfer all backed up data from my current Pixel 3 that way...
3) can I still run my banking & crypto apps once rooted ? I have read conflicting reports on this... elsewhere that is.
Thank y'all for the awesome information ya provide on here, and Thank You in advance if you have any input for me rooting...
Its amazing how far along we've come along since my bag phone
kengel1969 said:
few stupid questions regarding rooting my pixel 6 .....
1) its new unlocked phone, should i have the new SIM in phone when rooting, does it matter ?
ok to put it when its done ?
same question for being signed into Google account when rooting, does it even matter, either way ?
2) is there a way to get the pixel phone transfer to show back up, or a way to access it ?
Its very easy for me to transfer all backed up data from my current Pixel 3 that way...
3) can I still run my banking & crypto apps once rooted ? I have read conflicting reports on this... elsewhere that is.
Thank y'all for the awesome information ya provide on here, and Thank You in advance if you have any input for me rooting...
Its amazing how far along we've come along since my bag phone
Click to expand...
Click to collapse
1. No, yes, no
2. Yes, kind of
3. Yes with safetynet module and magisk deny list, and sometimes magisk props.
Read @Volatyle's and @Homeboy76's guides. Great info in both.
It would be better if you explained what your end result is. Hiding root can be very difficult; depending on the app requirements, simply having an unlocked bootloader can be enough, because an unlocked device will always fail hardware backed attestation.
If you're simply trying to get apps like Google Pay to work, you should need to do nothing more than install Displax's modded USNF module, and enforce DenyList on the Play Store and Play Protect service.
If on the other hand you're trying to use apps that specifically detect the presence of Magisk, then you may need to hide the Magisk app. As far as hiding the presence of root itself, I am unsure as to whether any app without root privileges can detect whether an SU binary is installed. Someone like @pndwal would know better than I would.