Conversation

BQ Aquaris X2 Pro, Samsung Galaxy Note 9 SM-N960U and Xiaomi Mi A2 Lite are now supported by the development branch of my Auditor app and too. AttestationServer support for these 6 newly supported devices is already deployed to attestation.app.
Quote Tweet
Thanks to sample submissions from users, the next release of my Auditor app will add support for verifying the BlackBerry Key2 BBF100-6, Huawei P20 Pro CLT-L29 and Sony Xperia XZ1 G8341. Device support will be expanded further once more valid samples are submitted via the app.
Show this thread
1
2
Previously, every supported device had file-based encryption with the exception of all Samsung devices. The Aquaris X2 Pro and Mi A2 Lite are missing FBE though along with Android Verified Boot 2.0, ro.control_privapp_permissions=enforce, and other sec features just like Samsung.
1
Mi A2 Lite is an Android One device but that doesn't appear to mean much beyond having a basic set of rules for updates and higher level changes. It's sad that a very basic device survey without any depth is all that's needed to find serious problems in devices from many vendors.
1
3
Support for the moto g(6) hasn't been added to my Auditor app yet despite having a sample from a device running the stock OS and locked bootloader because of a strange issue. It set expiry to the Unix epoch for the attestation certificate when no expiry was supposed to be set.
2
This Tweet was deleted by the Tweet author. Learn more