My Auditor app can be expanded to verifying any device launched with Android 8+ once someone submits sample data from that device with the bootloader still locked. Install the app (via play.google.com/store/apps/det or github.com/AndroidHardeni) and press 'Submit sample data' in the menu.
Conversation
Replying to
It currently only supports 20 different device models, but it could support every device launched with Android 8 or later if samples were submitted from all of them. It doesn't take much work to add a device once an attestation sample and system properties are available for it.
5
Replying to
To what extend can an app guarantee a state of the system when the underlying integrity is not verifiable?
How do you know a sample is genuine (1) and (2) even if it is, we take the report from a system difficult to verify even if AOSP.
I am really glad you cont. working on this
1
1
1
Replying to
See the documentation: attestation.app/about. The system is verifiable via hardware support for attestation and verified boot. The main thing needed from the samples is the verified boot key fingerprint to distinguish devices from each other, which is part of key attestation.
2
1
2
Show replies