LightBlog

jeudi 12 mars 2020

Samsung Galaxy A70 receives Android 10 based One UI 2.0 once again

Samsung’s current-gen flagship Galaxy S20 family comes with One UI 2.1, a small increment over the Android 10 based One UI 2.0 skin found in Galaxy S10 and Note 10 lineup. The OEM will eventually deliver the new update to legacy phones, although a proper timeline is not available yet. To Samsung’s credit, the mid-rangers are not exactly left behind in terms of software updates either, as Galaxy M30 secured the Android 10 OTA a few days ago. One UI 2.0 also reached Galaxy A30 and Galaxy A50s in February, but the update story has a few twists in case of the Galaxy A70.

As a matter of fact, some Galaxy A70 owners from Ukraine reportedly received a similar treatment last month, as many woke up to find a pending Android 10 OTA update notification on their phones. However, the particular build i.e. A705FNXXU5BTB9 was apparently pulled back. The internal firmware tracker for the corresponding device variant (SM-A705FN) still shows Android Pie based A705FNXXU5ASL4 build with January 2020 security patches as the latest firmware.

Samsung Galaxy A70 XDA Forums

In some good news, a new software update appeared on the FOTA server earlier this week. Tagged as A705FNXXU5BTC2, this build is carrying February 2020 security patches like the previous one. There is no advancement in the bootloader version (v5), and it is possible to revert back to Pie due to the same reason.

Seems that Samsung squashed out most of the showstopper bugs, as they decided to resume the Android 10 update rollout with this new build. Once again, the OTA is available only in Ukraine (country code: SEK) at the time of reporting. It may take several weeks to reach other regional markets, but enthusiast users can manually flash the firmware on their phones. Tools like Frija can be useful for downloading the firmware.

galaxy_a70_btc2_software_information

Besides system-wide dark mode and advanced app permissions, Galaxy A70 users can now enjoy One‌ UI 2.0-specific features such as an overhauled camera app UI. The built-in screen recorder might also be included in this build, but there is no such confirmation yet.

Samsung has yet to publish the kernel source code for this update. It is worth mentioning that the Indian variant of Galaxy A70 (SM-A705GM) might not be compatible with the aforementioned firmware, so our Indian readers have to wait a little longer to get the taste of Android 10.


Thanks to XDA member C192-0 for the screenshot!

The post Samsung Galaxy A70 receives Android 10 based One UI 2.0 once again appeared first on xda-developers.



from xda-developers https://ift.tt/3aN6rzi
via IFTTT

Xiaomi launches Redmi Note 9 Pro and Redmi Note 9 Pro Max with Snapdragon 720G, up to 33W fast charging

Xiaomi has been leading India’s smartphone market uninterruptedly for almost three years now. In the last quarter, Xiaomi grew from strong sales of the phones in the Redmi series and offline expansion in the country. Unquestionably, the Redmi Note series has been instrumental to this growth and popularity. Since 2018, Xiaomi has been following a biannual upgrade cycle for its smartphones to meet the growing demands of markets like India. The Redmi Note 8 series was launched in China in August last year and now its successor is ready for a release. Citing constraints due to the COVID-19 pandemic, Xiaomi is unveiling the Redmi Note 9 series through an online India-first launch event.

Redmi Note 9 Pro Max

Xiaomi is now introducing a new “Pro Max” series which will be at the top of the Redmi Note series. The “Max” moniker is also a homage to the classic Mi Max series which included Xiaomi’s early phablets.

The  Redmi Note 9 Pro Max comes with a radical design change over the Redmi Note 8 Pro (review). There is now a square camera module on the back with four cameras but no rear-mounted fingerprint scanner. Instead, Redmi is using one side-mounter sensor for biometric authentication. The hole-punch cutout on the front also gives a fresh new appeal to the new Redmi Note series. Unlike the POCO X2 (Redmi K30 4G in China), there is a single camera although the display is the same size.

The Redmi Note 9 Pro Max continues to adorn a glass sandwich design, with Gorilla Glass 5 protection on the back as well as the 6.67-inch Full HD+ IPS LCD display. Additionally, the quad-camera setup is also protected under Gorilla Glass.

Unlike the recently launched Realme 6 Pro, the refresh rate of the Note 9 Pro Max’s display is restricted to 60Hz.

The Xiaomi and Redmi phones launched through the last year came with dazzling back panels and color gradients. Instead of that, the company has opted for soothing color options for the Note 9 Pro and the Note 9 Pro Max. Xiaomi is calling this the “Aura Balance Design” and there are three color variants for the phone – Interstellar Black, Aurora Blue, and Glacier White.

xiaomi redmi note 9 pro max

The Redmi Note 9 Pro Max will feature a flagship-grade haptic response engine. The “z-axis” vibration motor is perpendicular to the surface of the display and has dedicated vibration profiles for a slew of user inputs. Additionally, the smartphone continues to be equipped with a 3.5mm audio jack and the IR blaster.

In terms of cameras, the quadruple setup includes a 64MP Samsung GW1 primary sensor with a 6P lens setup, an 8MP ultra-wide-angle camera, a 5MP macro camera, and a 2MP depth sensor. The wide-angle camera supports 119º wide FOV but has a fixed focus. in contrast, the 5MP macro camera supports auto-focusing for greater detail. Additionally, the hole-punch camera on the front has a resolution of 32MP.

xaiomi redmi note 9 pro max

The Redmi Note 9 Pro Max features support for RAW photography and a Color Pro mode which automatically adjusts the parameters in the RAW shot. In terms of videos, it supports 4K video recording at 30fps and a dedicated mode for 21:9 cinematic capturing.

Internally, there are some expected changes. After a fizgig with MediaTek G90T on the Redmi Note 8 Pro, Xiaomi is taking a route back to Qualcomm and is the first Redmi Note device to feature a Snapdragon 7xx series SoC – i.e. the latest Snapdragon 720G chipset. The Redmi Note 9 Pro Max will come with at least 6GB of LPDDR4X RAM and will also be available in an 8GB variant. The phone comes with up to 128GB UFS 2.1 storage and a dedicated microSD card slot.

In terms of connectivity, the Snapdragon 720G enables 2×2 MIMO for LTE and Wi-Fi. For navigation, the chipset supports dual-frequency GNSS in India and will also support India’s own location satellite – NavIC.

The smartphone also comes with a bigger battery as compared to both – the Redmi Note 8 and the Redmi Note 8 Pro. In fact, this is the largest battery on a Redmi device ever. It features a 5,020mAh battery and supports 33W fast charging and the fast charger will be included within the box.

Redmi Note 9 Pro

The Redmi Note 9 Pro is the second device launched by Xiaomi today. In terms of design and the display, the Note 9 Pro is identical to the Note 9 Pro Max but there are some differences under the hood.

The Redmi Note 9 Pro also comes with a Qualcomm Snapdragon 720G SoC. There are 4GB and 6GB RAM variants and the fact that there is no 8GB RAM variant suggests the Note 9 Pro might succeed the Redmi Note 8 (our review) instead of the former Pro variant, even if Xiaomi claims otherwise. The 4GB and 6GB RAM variants are paired with 64GB and 128GB of UFS 2.1 storage options. There is a dedicated microSD card slot that supports expansion cards with storage capacity up to 512GB.

xiaomi redmi note 9 pro max

The Redmi Note 9 Pro features the 48MP Samsung ISOCELL Bright GM2 as the primary camera. All of the other cameras on the back are identical to the Note 9 Pro Max. Compared to the Max, the Note 9 Pro features a 16MP in-display selfie camera.

The Note 9 Pro also features a 5,020mAh battery but it only supports 18W fast charging as compared to the 33W charging of the Pro Max.

Redmi Note 9 Pro/Note 9 Pro Max Specifications

Specification Redmi Note 9 Pro Series
Dimensions and Weight
  • 165.7 x 76.6 x 8.8 mm
  • 209g
Display
  • 6.67″ FHD+ (2400 x 1080) LCD;
  • Center-weighted Punch-hole display
  • Corning Gorilla Glass 5
SoC
  • Qualcomm Snapdragon 720G
    • 8nm process
    • 2 x Kryo 465 based on Arm’s Cortex-A76 @ 2.3GHz
      6x Kryo 465 based on Arm’s Cortex-A55 @ 1.8GHz
  • Adreno 618
RAM and Storage
  • Redmi Note 9 Pro Max
    • 6GB LPDDR4X + 64GB UFS 2.1
    • 6GB + 128GB
    • 8GB + 128GB
  • Redmi Note 9 Pro
    • 4GB + 64GB
    • 6GB + 128GB
  • Dedicated microSD card slot for up to 512GB cards
Battery & Charging
  • 5,020 mAh battery
  • Redmi Note 9 Pro Max: 33W fast charging
  • Redmi Note 9 Pro: 18W fast charging
  • Respective fast chargers included within the box
Rear Camera Photo:
  • Primary:
    • Note 9 Pro Max:
      • 64MP Samsung ISOCELL Bright GW1 sensor,
      • f/1.89,
      • 1/1.72” sensor
    • Note 9 Pro:
      • 48MP Samsung ISOCELL Bright GM2 sensor,
      • f/1.79,
  • Secondary: 8MP 119° Wide-Angle Camera, f/2.2
  • Tertiary: 5MP, Macro with autofocus
  • Quaternary: 2MP, f/2.4, Depth Sensor

Video:

  • 4K @ 30fps
  • 1080p @ 60fps
  • Ultra-wide: 1080p @ 30fps
  • Slow-motion: 1080p @ 120fps, 720p @ 960fps
Front Camera
  • Note 9 Pro Max: 32MP
  • Note 9 Pro: 16MP
Other Features
  • 3.5mm headphone jack
  • IR Blaster
  • Side fingerprint scanner
Android Version MIUI 11 based on Android 10

Price & Availability

The Redmi Note 9 Pro Max will available in three variants for the following prices:

  • 6GB + 64GB – ₹14,999 (~$200)
  • 6GB + 128GB – ₹16,999 (~$230)
  • 8GB + 6128GB – ₹18,999 (~$255)

The two variant of the Redmi Note 9 Pro will be available at the following prices:

  • 4GB + 64GB – ₹12,999 (~$175)
  • 6GB + 128GB – ₹15,999 (~$215)

The Redmi Note 9 Pro will be available via Mi.com, Amazon India, and all Mi Stores starting March 17th while the Note 9 Pro Max will be available starting March 25th through the same portals.

The post Xiaomi launches Redmi Note 9 Pro and Redmi Note 9 Pro Max with Snapdragon 720G, up to 33W fast charging appeared first on xda-developers.



from xda-developers https://ift.tt/2TJuf1i
via IFTTT

Google Play Store adds a dark theme toggle for most Android versions

A system-wide dark mode has been one of the most requested features on Android for quite some time. With the first stable rollout of Android 10 last year, Google finally added a system-wide dark theme for the operating system. In addition to that, the company also rolled out individual dark mode toggles for many of its apps, including Google Keep, Files, Photos, Duo and more. Late last year in October, Google also rolled out a dark theme for the Google Play Store. However, the new dark theme on Android and the aforementioned apps was only available on devices running Android 10. Now, in a bid to bring the dark theme to more users, Google is adding a new toggle to the Google Play Store which will allow users to enable a dark theme on all Android devices.

As per a recent tweet from the company, the new Google Play Store dark theme toggle is now available for all Android devices and can be found within the Play Store settings. To enable the dark theme on your Android device, you can now tap on the hamburger menu button in the top left corner of the app, select the Settings option from the following menu, then tap on Theme and finally select the Dark option from the following pop-up window. As you can see in the attached video, the new Google Play Store dark theme toggle completely transforms the color scheme of the home page, Settings page, and search page of the app. Just like the system-wide dark theme on Android 10, the toggle also transforms the search results page, the detailed overview for an app listing, and even the ratings and review page for any given app. As mentioned in the tweet, the new dark theme toggle in Google Play is already available for all Android users now. In case you haven’t received it yet, you should receive an update with the toggle in the next couple of days.

The post Google Play Store adds a dark theme toggle for most Android versions appeared first on xda-developers.



from xda-developers https://ift.tt/38PuUCQ
via IFTTT

[Update 4: Realme UI beta recruitment for Realme X2 Pro] Realme announces its Android 10 update roadmap for the Realme X series

Update 4 (03/12/20 @ 03:13 AM EST): Realme X2 Pro users can now apply for Realme UI beta testing.

Update 3 (01/20/20 @ 00:55 AM EST): Realme X2 users in India can now apply for Realme UI beta starting today until January 27th, 2020. Meanwhile, the beta for Realme X2 Pro has already begun while stable updates for the Realme 3 Pro and XT have started to roll out.

Update 2 (11/27/19 @ 02:15 AM EST): Realme X2 Pro users can now apply to be a part of the ColorOS 7 beta in India starting today until December 3, 2019.

Update 1 (11/25/19 @ 03:15 AM EST):  Realme announces ColorOS 7 update release roadmap for Indian devices, including a beta for Realme 3 Pro, Realme XT, and the Realme X2 Pro starting December 18, 2019.

The table below has been updated with a month-wise roll-out schedule for India and China. The remaining parts of the original article from October 30, 2019, remain unchanged.

Realme is treading with a fast pace, especially when it comes to launching new devices. Earlier this month, they launched their first true flagship, the Realme X2 Pro, with Snapdragon 855+, 50W SuperVOOC charging, 64MP quad cameras, and so many other exciting features. At the same event in Madrid, Spain, the company also launched the Realme X2, which is the Realme XT but with faster 30W charging and a Snapdragon 730G for better performance, and the Realme Q (Realme 5 Pro in India). But one aspect of Realme phones that has left user expectations sore is the software and the company is now working to bring the experience closer to stock Android with ColorOS 7.

In the meantime, Realme is also working on making Android 10 available to the users and had earlier announced its timeline for the update for several older devices. They have now announced the Android 10 roll-out schedule for newer devices including the Realme X2 Pro and the Realme X2. As per the update, Realme X2 Pro will start receiving the Color OS 7 update based on Android 10 in the second quarter of 2020.

Realme X2 Pro XDA Forums || Realme X2 XDA Forums || Realme XT XDA Forums || Realme 5 Pro/Q XDA Forums || Realme X XDA Forums || Realme 3 Pro/X Lite XDA Forums

Notably, the schedule for the roll-out is for Chinese variants of the smartphones so we expect the global roll-out to come in the weeks following the initial updates. Realme should reveal dates for the Indian variants while launching the phone next month.

Source: Realme Community (Chinese) | Via: MySmartPrice


Update 1: Realme’s ColorOS 7 & Android 10 update schedules for Realme 3 Pro, XT, X2 Pro, others

Realme has updated the ColorOS 7 update schedule for India with a month-wise breakdown. In India, Realme will release a custom UI based on ColorOS 7 based on Android 10. This echoes their promise of bringing a UI closer to stock Android but we’re not sure of the exact changes yet. OPPO is set to announce ColorOS 6 in India on November 26, 2019, which is when we might get to learn more about this customized UI.

ColorOS 7 beta will also be released in India and China for certain devices starting December 18, 2019. Realme notes that users who’ve signed up for ColorOS 6.7 beta on Realme XT and Project X for Realme 3 Pro will also be eligible for the ColorOS 7 beta update but the toll out may take as long as Feb 2020. Beta registrations for Realme X2 Pro beta will begin on November 27 in India while the registration link will go live after the company concludes a poll on which devices besides the X2 Pro must get the beta update.

The table below notes the roll-out schedule for ColorOS 7 based on Android 10 for China and India. No announcement has been made by the European team for the update in the region.

Smartphone China India
Realme 2 Pro Not available in the region Jun 2020
Realme 3 Not available in the region Apr 2020
Realme 3 Pro/Realme X Lite Feb 2020 Jan 2020 (roll-out to existing beta users soon)
Realme X Q1 2020 Feb 2020
Realme 3i Not available in the region Apr 2020
Realme 5 / 5s Not available in the region May 2020
Realme 5 Pro/Realme Q Mar 2020 Feb 2020
Realme XT Not available in the region Jan 2020 (roll-out to existing beta users soon)
Realme X2 Apr 2020 Mar 2020
Realme X2 Pro Apr 2020 (beta starting 12/18/19) Mar 2020 (beta starting 12/18/19)
Realme C2 Not available in the region Q3 2020

Sources: Realme Community India (1)(2) | Realme Community China | Weibo


Update 2: Realme begins recruiting beta testers for ColorOS 7 beta

Realme has started opened applications for testers for the Realme X2 Pro’s ColorOS 7 beta update. Interested users can show their interest by filling up this form before December 3rd. The selected beta testers will be announced on December 9th.

The company recently announced the ColorOS 7 update schedule for the European users.

Source: Realme Community


Update 3: Realme seeks beta testers for Realme UI beta on Realme X2

Realme rolled out its new Android interface – Realme UI – to the Realme 3 Pro and the Realme XT in the last few days. Now, the company is looking to recruit beta testers for Realme UI beta on its latest smartphone – Realme X2. You can apply for the beta by filling up your details on this page on or before January 27th.

Source: Realme Community


Update 4: Realme UI beta testing open for the Realme X2 Pro

Realme is now looking for beta testers who are interested in trying out the RealmeUI on the Realme X2 Pro. If you are interested, you can follow the instructions mentioned in this post.

Source: Realme Community

The post [Update 4: Realme UI beta recruitment for Realme X2 Pro] Realme announces its Android 10 update roadmap for the Realme X series appeared first on xda-developers.



from xda-developers https://ift.tt/368lgtE
via IFTTT

OPPO’s 30W Wireless VOOC charging is ready to launch commercially

All the way back in January last year, Chinese smartphone manufacturer OPPO joined the Wireless Power Consortium. This led many people to believe that OPPO would soon launch a smartphone with wireless charging support, however, that didn’t end up happening. Although the company didn’t launch any device with wireless charging support, it did showcase its 30W Wireless VOOC Flash Charge technology later in the year and claimed that the technology used “real-time adjustment of the charging process and efficient charging components to ensure a more efficient and safer charging while avoiding overheating.” Furthermore, in order to “enhance safety” OPPO also adopted several hardware designs to avoid overheating, HVDC and a foreign object detection function to ensure that charging stopped immediately if the charging board detected a foreign metal object.

OPPO’s 30W Wireless VOOC Flash Charge has since only been implemented in the company’s prototype smartphone that features an under-display camera. We expected the brand to include the technology in the recently launched OPPO Find X2 series, but the company decided to skip that as well. When our Editor-in-Chief, Mishaal Rahman, asked the company about this, Edward Tian, Charging Engineer at OPPO revealed that the company had completed R&D for the 30W wireless charging technology and that it’s technically ready for launch. He further added that the technology can co-exist with the 65W SuperVOOC 2.0 charging on the Find X2, so there’s no technical limitation preventing the company to add the technology to the Find X2 series. Sadly though, OPPO didn’t exactly reveal why the technology wasn’t included in the Find X2 series, beyond the argument that it really isn’t necessary when the phone already charges so fast with its 65W SuperVOOC 2.0 tech.

Even though OPPO hasn’t included its 30W Wireless VOOC Flash Charge technology on any of its devices, we might soon see it in the upcoming OnePlus 8. For the unaware, OnePlus is a brand under BBK Electronics, just like OPPO, and OnePlus’ Dash/Warp Charge technology is derived from OPPO’s VOOC. Up until now, OnePlus hasn’t included wireless charging support on any of its devices as the company has long argued that wireless charging isn’t fast enough for their liking. But at 30W, the new wireless charging tech is just as fast as OnePlus’ Warp Charge 30. Interestingly, OnePlus recently joined the Wireless Power Consortium and there are credible rumors that suggest that OnePlus 8 will support wireless charging. This leads us to believe that we might see a rebranded version of OPPO’s 30W Wireless Flash Charge tech in the upcoming OnePlus 8.

The post OPPO’s 30W Wireless VOOC charging is ready to launch commercially appeared first on xda-developers.



from xda-developers https://ift.tt/2W7Vggu
via IFTTT

mercredi 11 mars 2020

Samsung will bring One UI 2.1 to the Galaxy Note 10, S10, Note 9, and S9

Samsung launched its flagship S20 series early last month, offering some impressive hardware specifications. These included the 100x Space Zoom camera on the S20 Ultra, the 108MP primary shooter with Nona Binning, and up to 16GB of LPDDR5 RAM. On the software front, the devices rolled out with One UI 2.1 based on Android 10 that included a couple of additional features like Spotify support in the Clock app. Other than the Galaxy S20 series, the Galaxy Z Flip is the only Samsung smartphone that runs One UI 2.1 right now. However, according to a recent report from Sammobile, the company will soon roll out One UI 2.1 to the Galaxy Note 10, S10, Note 9, and S9.

Samsung One UI 2.1 update Galaxy S10, Note 10, S9, Note 9

The report cites a post from a Samsung community moderator on Samsung’s Korean community portal which confirms that Samsung has planned to roll out One UI 2.1 not only for last year’s Galaxy S10 and Note 10 series but also for the Galaxy S9 and Note 9 series. As of now, Samsung has not revealed a timeline for the One UI 2.1 rollout, but it’s safe to assume that the Galaxy S10 and Note 10 device will get the update before the Galaxy S9 and Note 9 devices. In terms of software features, One UI 2.1 brings relatively fewer features, including Screen Zoom, Samsung Quick Share and the aforementioned Spotify support in the Clock app. It’s also worth noting that hardware-related features like the option to switch to 120Hz refresh rate won’t be making it to older devices even after the update due to obvious lack of hardware support.


Source: Samsung Community

Via: Sammobile

The post Samsung will bring One UI 2.1 to the Galaxy Note 10, S10, Note 9, and S9 appeared first on xda-developers.



from xda-developers https://ift.tt/2TIzSwN
via IFTTT

Magisk may no longer be able to hide bootloader unlocking from apps

XDA Recognized Developer topjohnwu‘s “Magisk” project has essentially become synonymous with “root” in the Android community. One of the main reasons it’s so popular is because it can hide the fact that the user has modified their device. However, Google may be cracking down on the ability of Magisk to hide the bootloader unlock status from applications.

In order to root your phone, you usually need to unlock the bootloader, which allows you to flash modified boot images. This is needed because Magisk modifies the boot image to spoof bootloader status and/or the Verified Boot status checks. Google’s SafetyNet Attestation API, which is part of Google Play Services, is used to tell an app if it’s running on a tampered device; if the SafetyNet API detects that the bootloader has been unlocked, then it will return a failure status for the “Basic Integrity” check. Devices that fail this check can then be locked out from apps that use the SafetyNet API to determine the device integrity; such apps typically include banking apps, payment apps (like Google Pay), and many online games (like Pokémon Go). However, because the SafetyNet API has thus far only used software checks to determine if the device has been tampered with, Magisk can simply spoof the bootloader and/or Verified Boot status since it is installed at a lower level and with higher privileges than Google Play Services and other userspace applications. As topjohnwu explains, MagiskHide “[creates] an isolated ‘safe environment’ for the detection process, and it goes through Google’s API to create a legit SafetyNet result that does not reflect the real status of the device.”

Recently, though, users have noticed that their bootloader-unlocked devices are failing SafetyNet’s Basic Integrity check even though they used Magisk to patch the boot image. According to topjohnwu, this is because Google may have implemented hardware-level key attestation to verify that the boot image has not been tampered with. Specifically, this means Google Play Services “[sends] an unmodified keystore certificate to SafetyNet servers, verify its legitimacy, and check certificate extension data to know whether your device [has] verified boot enabled (bootloader status).” This means that it may no longer be possible to hide the fact that the bootloader has been unlocked, which will result in applications like Google Pay and Pokémon Go failing to operate normally.

As topjohnwu noted, this change to the way that SafetyNet checks the bootloader unlock status comes through a server-side update to the SafetyNet API contained in Google Play Services. However, not every user is failing these updated SafetyNet checks, so the new hardware-level key attestation may not be widely enforced yet.

We’ve seen topjohnwu overcome technical hurdles time and time again. Google frequently rolls out new checks in SafetyNet that topjohnwu then discovers and bypasses in Magisk. Each new version of Android brings changes to the partition structure or boot image, requiring topjohnwu to study the changes and then implement a new patching method. However, even topjohnwu may struggle to find a bypass this time around.

That’s because the workaround this time would involve hacking the Trusted Execution Environment (TEE) firmware of devices in order to retrieve the private key. However, this is incredibly difficult to do as it requires finding a vulnerability in firmware that is designed to be incredibly secure. In fact, many companies offer payments in the hundreds of thousands of dollars if such a vulnerability were to be found. Google, for instance, pays $250,000 for remote code execution vulnerabilities in the Pixel’s Trusted Execution Environment, and up to $1,000,000 for vulnerabilities in the Titan M security chip. Even if a private key were somehow to be leaked, it’s unlikely that it would be of much use since Google can remotely revoke the key so it can’t be used to verify the integrity of devices.

Once hardware-level key attestation is widely enforced for SafetyNet, most devices with unlocked bootloaders running Android 8.0 Oreo or higher will fail to pass SafetyNet’s Basic Integrity check. This is because all devices that launched with Android 8.0 Oreo or higher are required to have a hardware keystore implemented in a TEE. Certain devices nowadays even have dedicated hardware security modules (HSMs) that make exploitation even more difficult by moving the TEE away from the main processor; the Titan M in the Pixel 4 and Samsung’s new security chip in the Galaxy S20 are examples of this.

Topjohnwu also explains that other potential workarounds are either impossible or highly challenging. Using the Xposed Framework to modify the SafetyNet Attestation API in Google Play Services likely won’t work since “proper SafetyNet checks will verify results on a remote server, not on [the] device which can be manipulated by code injection frameworks.” Furthermore, Google Play Services is highly obfuscated, making the creation of such an Xposed Module incredibly challenging in the first place. Spoofing a SafetyNet test result won’t be doable either since the SafetyNet responses “come from Google servers and are signed with Google’s private key.”

Google has had the ability to harden SafetyNet checks using hardware-backed key attestation for several years now. The fact that they refrained to do so for 3 years has allowed users to enjoy root and Magisk Modules without sacrificing the ability to use banking apps. However, it seems that Magisk’s ability to effectively hide the bootloader unlock status is soon coming to an end. It’s a change that we’ve expected for years, but we’re sad to see it finally go into effect. We hope that Google updates the SafetyNet Attestation API to return whether the status check used hardware-based attestation as this would allow app developers to decide if they want to block all users who have unlocked the bootloader.


Thanks to Daniel Micay (@DanielMicay) for his input regarding this matter!

The post Magisk may no longer be able to hide bootloader unlocking from apps appeared first on xda-developers.



from xda-developers https://ift.tt/2QnrkJN
via IFTTT