I advocate restricting hardware-backed SafetyNet evaluation to "real" security-sensitive apps. Developers should go through an application process to qualify for this level of API access. It is ridiculous for McDonald's to refuse to run on a bootloader-unlocked device.
It works well and doesn't cause problems. Locking the bootloader to enable verified boot and attestation for alternate operating systems is fully supported by the specification. Pixel phones are among those implementing full support for alternate OSes. Most phones skip doing it.
There's nothing preventing an aftermarket operating system from fully supporting the modern A/B update system, the hardware-backed keystore, verified boot and other robustness/security features. Can do things at least as well as the stock OS. Nothing forces it to always be a toy.
Depending on Google Play Services or hacked-together, incomplete reimplementations of it like microG is the real issue. SafetyNet is just one aspect of that. We were talking about and adopting hardware-based attestation years before SafetyNet used it. It was added in Android 7.