Initial release of my Auditor app as an independent project: github.com/AndroidHardeni. It's also available on the Play Store as a free app: play.google.com/store/apps/det.
It provides hardware-based integrity and identity verification for a gradually expanding set of supported devices.
Conversation
Replying to
"It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) including the verified boot state, operating system variant and operating system version."
2
1
Once it's paired, an attacker would need to exploit the TEE and/or bootloader to bypass the baseline checks. It's based on the hardware-backed keystore including the key attestation feature and verified boot. Software checks rely on the hardware baseline and are shown separately.