https://forum.xda-developers.com/apps/magisk/beta-magisk-v13-0-0980cb6-t3618589/post72666791#post72666791 … "Since Magisk is running as root but the SafetyNet checks are not" say hello to TrustZone-based remote attestation.
-
-
seems to fly in the face of the "don't trust the client" principle, which I'm sure will eventually blow up entertainingly...
-
It can be inherently bypassed, but they can raise the bar to requiring boot chain / TZ exploits, OS exploits or hardware key extraction.
-
It's not something that needs to fully work to be useful to them. They want to make it much more expensive and painful to do certain things.
End of conversation
New conversation -
-
-
The promoted "non-malicious" use is things like banking apps checking that the device isn't compromised.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.