LightBlog

Saturday, January 30, 2021

How to (maybe) bypass SafetyNet hardware attestation on devices with an unlocked bootloader

Over the last couple of years, the challenge of bypassing SafetyNet Attestation has evolved from a simple cat and mouse game between Google and the modding community to a burgeoning battle chock full of obscure barriers. Thanks to the rise of hardware-backed attestation techniques, it is very difficult to bypass the boot image integrity verification routine and hide root access. Installing Magisk alone wouldn’t be sufficient to circumvent the latest SafetyNet update, especially on newer devices. This is exactly where the Universal SafetyNet Fix Magisk module comes in.

Legacy device owners and custom ROM users often use modules like MagiskHide Props Config to spoof the CTS profile and pass basic attestation. However, a method that relies on a valid combination of device and model names, build fingerprints, and security patch levels comes with no guarantee that the root hiding trick will remain useful in the future. This is because Google Play Services is starting to use hardware attestation for CTS profile validation in many cases, even when basic attestation is selected.

In more technical terms, even if the SafetyNet Attestation API response from GMS reports that basic attestation was used, hardware attestation is always used regardless of the reported state in order to enforce integrity. As a consequence, a bootloader-unlocked state in the key attestation report causes SafetyNet Attestation to fail.

If you have an Android device with an unlocked bootloader (or one locked using custom verified boot keys) that therefore doesn’t pass hardware attestation, the Universal SafetyNet Fix Magisk module may fix that. Created by Danny Lin AKA XDA Senior Member kdrag0n, the module works by taking advantage of the opportunistic nature of the hardware attestation routine. Quoting the developer:

… it (hardware attestation) falls back to basic attestation if key attestation fails to run — and prevent GMS from using key attestation at the framework level. This causes it to gracefully fall back to basic attestation and pass SafetyNet with an unlocked bootloader.

The “not implemented” error code from Keymaster is used to simulate the most realistic failure condition to evade detection, i.e. an old device that lacks support for key attestation.
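Seen from the relying party's side, the fallback described above means a verdict can pass while resting on basic evaluation only. The following is an added example, not code from the article or from the module's developer: a server-side policy check that rejects verdicts which do not declare hardware-backed evaluation. The claim names `basicIntegrity`, `ctsProfileMatch` and `evaluationType` come from the SafetyNet Attestation API response format rather than from this article; the function names are hypothetical, the tokens are constructed samples, and signature and nonce verification are assumed to have happened before this step.

```python
import base64
import json


def decode_jws_payload(jws):
    """Return the JSON claims from a compact JWS (header.payload.signature).

    Assumption: the signature and certificate chain were already verified;
    this function only parses the payload.
    """
    parts = jws.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    # base64url in JWS is unpadded; restore padding before decoding.
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def evaluate_verdict(claims, require_hardware=True):
    """Return (accepted, reason) for a decoded SafetyNet verdict."""
    if claims.get("basicIntegrity") is not True:
        return False, "basicIntegrity failed"
    if claims.get("ctsProfileMatch") is not True:
        return False, "ctsProfileMatch failed"
    # evaluationType is a comma-separated list, e.g. "BASIC,HARDWARE_BACKED".
    types = {t.strip() for t in str(claims.get("evaluationType", "")).split(",")}
    if require_hardware and "HARDWARE_BACKED" not in types:
        return False, "verdict is not hardware-backed"
    return True, "ok"


def make_sample_jws(claims):
    """Build an unsigned, constructed sample token for this demo only."""
    def b64(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([b64({"alg": "RS256"}), b64(claims), "sig-placeholder"])


# Constructed samples, not captured from a real device.
HARDWARE_VERDICT = make_sample_jws({
    "basicIntegrity": True, "ctsProfileMatch": True,
    "evaluationType": "BASIC,HARDWARE_BACKED"})
FALLBACK_VERDICT = make_sample_jws({
    "basicIntegrity": True, "ctsProfileMatch": True,
    "evaluationType": "BASIC"})

if __name__ == "__main__":
    for name, token in [("hardware", HARDWARE_VERDICT),
                        ("fallback", FALLBACK_VERDICT)]:
        print(name, evaluate_verdict(decode_jws_payload(token)))
```

Requiring `HARDWARE_BACKED` also rejects genuine older devices that lack key attestation, which is the condition the fallback imitates, so the stricter policy is a trade-off the relying party has to choose deliberately.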

The workaround is already available pre-integrated on the ProtonAOSP ROM from the same developer, which lets you pass SafetyNet without Magisk on fairly modern devices such as the Google Pixel 5. If you are a custom ROM maintainer and you wish to integrate this method with your build, you can do so by cherry-picking the necessary patches from this repository. On the other hand, the latest version of the ready-to-flash Magisk Module variant can be found here. Note that MagiskHide is still required if the target device is rooted.

Universal SafetyNet Fix: XDA Thread ||| GitHub Repo

The post How to (maybe) bypass SafetyNet hardware attestation on devices with an unlocked bootloader appeared first on xda-developers.



from xda-developers https://ift.tt/3j1lZVq
via IFTTT

OnePlus 6 and OnePlus 6T seeing work for mainline Linux kernel support

One of the perks of buying a OnePlus smartphone is the aftermarket development support. The company is generally known for its timely kernel source code releases (they have been slow at publishing sources a couple of times) and promotion of custom ROMs for EOL devices among other things, which makes it a fan favorite in the developer community. We often speak about devices outliving their generation by leaps and bounds, and now it looks like two OnePlus phones are about to achieve a similarly remarkable feat in terms of third-party development. It’s been nearly three years since the launch of the OnePlus 6 series, but if you still have a OnePlus 6 or a OnePlus 6T lying around, it may soon be possible to boot it with the mainline Linux kernel.

OnePlus 6 Forums ||| OnePlus 6T Forums

The one thing that might convince many users to finally lay their old device to rest is if unofficial software support ends for the foreseeable future — something that is almost a guarantee to happen with nearly every smartphone out there. However, there is an independent developer named Caleb Connolly, who has been working hard to include the OnePlus 6 and 6T in the mainline Linux kernel, which will surely help pave the way for the prolonged life of these devices. He has already taken the important step of successfully booting a postmarketOS instance on the device duo.

OnePlus 6 running postmarketOS Linux

With the OnePlus 6/6T being built atop the Qualcomm Snapdragon 845 platform, the upstreaming effort isn’t too convoluted; it principally involves adding the appropriate device tree bits for the kernel. Thanks to the existing minimal mainline support for the platform, features like Bluetooth, Wi-Fi, and 3D Acceleration are already working at the current stage of development. What’s more interesting is that users can even dual-boot postmarketOS and Android on the OnePlus 6 and 6T using the custom installer created by the developer.

postmarketOS for the OnePlus 6 and the OnePlus 6T

Previously, Windows 10 ARM was bootstrapped for the OnePlus 6T by another independent developer, although it didn’t spark too much interest. The situation is entirely different now, as Caleb has been actively involved in the process of upstreaming kernel patches with hopes of improving the situation for those wanting to run Linux on the OnePlus 6 and 6T in the near future. We look forward to many years of continued development for these phones.

The post OnePlus 6 and OnePlus 6T seeing work for mainline Linux kernel support appeared first on xda-developers.



from xda-developers https://ift.tt/3pxGLON
via IFTTT

How to add support for the PlayStation 5’s DualSense controller on your rooted Android phone

Did you manage to get your hands on a PlayStation 5 at long last? If you did, you surely must be enjoying the new DualSense controller accompanying the console. Since the launch of the DualShock 4 with the PlayStation 4, the controllers for the PlayStation have also been amazing controllers to use on other devices, such as your PC, and yes, your smartphone. Android does support the DualShock 4 for the most part in current versions, and you can expect to use your controller just the way you would use it on your PS4. The PS5’s DualSense, though? Your mileage may vary. To be clear, it’s an amazing controller that adds to the best aspects of the DualShock 4 with new features and improvements across the board. But it’s too new, and so your older Android device may not support it. If your device is rooted, though, then all you have to do is install the 1Controller Magisk module to make the DualSense controller map button presses properly.

We’ve covered this mod before, but in case you missed it, the 1Controller module basically provides layout files for various controllers, such as those from the PlayStations, Xbox controllers, and more. While Android has controller layouts for a bunch of popular controllers, such as the DualShock 4, the availability of controller layouts may vary depending on your manufacturer and Android version. Thus, if you have a controller that is popular but is not properly supported by your system, then this module will have you covered. Conveniently, this module supports the PlayStation 5’s DualSense controller which, being so new, may not be properly mapped on many Android devices.

1Controller XDA Thread

So, does this all sound good to you? It sure does to me. Be mindful that you do need to install Magisk on your device in order to install this module, so if you haven’t rooted your phone yet and you want to use your oh-so-white controller with your smartphone, then go install Magisk and then come back. Done? Then you should by all means go ahead and check out the newest version of this Magisk module.

Download the 1Controller Magisk Module

The post How to add support for the PlayStation 5’s DualSense controller on your rooted Android phone appeared first on xda-developers.



from xda-developers https://ift.tt/3t5zDvv
via IFTTT

Friday, January 29, 2021

The ROG Phone 5 could have a dot matrix on the back for Aura Lighting

The ROG Phone from ASUS is the quintessential gaming phone. It has the most powerful chipset in an Android phone, shoulder buttons, an uninterrupted display, an active cooling attachment, and RGB lighting. The ROG logo that lights up on the back hasn’t changed in the 3 generations of ROG Phones that ASUS has released, but it looks like the Taiwanese brand will shake things up with the next phone in the series: the ROG Phone 5. (We don’t know exactly what it’ll be called, but there’s a chance ASUS will refrain from marketing it as the ROG Phone 4 given the popularity of the tetraphobia superstition in East Asian countries.)

Earlier this month, ASUS published a teaser on its Weibo page that hinted at the next ROG Phone’s upcoming launch. Given the ROG Phone 3 launched in July of 2020, the launch of the ROG Phone 5 seems to be happening a bit earlier than expected. A lot of devices are being released earlier than usual this year, though, so this isn’t too surprising. Shortly after ASUS teased the ROG Phone 5, a photo and later a brief hands-on video of the alleged device were posted to Weibo. The leaked image and video gave us a first look at the phone’s tiny secondary display on the back. This small display appears to support showing alerts for games and notifications for incoming calls.

Now, a listing published on the Chinese certification site TENAA shows us the ROG Phone 5 in greater detail. On the back, we can see the number “05” (which suggests this is indeed the ROG Phone “5”), “REPUBLIC OF GAMERS”, “EST. 2006” (the year the brand was founded), and “TENCENT GAMES.” ASUS has typically offered a custom version of its ROG smartphones in China in collaboration with Tencent Games, so we’re likely looking at the Tencent version of the device here. The Tencent model typically compromises on a few internal hardware components in order to cut down on costs, but the overall design should be similar to the international model.

We can also see on the back that the area on the bottom-left is a dot matrix used for the phone’s Aura Lighting feature. The image of the rear submitted to TENAA shows the ROG logo lit up, but the lighting can likely be customized in the phone’s software. The dot matrix design on the back of the ROG Phone 5 reminds me of the Lightning Armor case that ASUS offers for the ROG Phone 3.

Other than the aforementioned changes to the rear design, we don’t see a lot of other design changes. The cameras look the same, the dual front-facing speakers are still there, the selfie camera on the right is still there, the display still seems to have no notch or hole-punch, and the ports still seem to be in the same location. The SIM card tray cover has a neat red color, but we’re not sure if that’s a Tencent-exclusive design change.

Not much else is known about the ROG Phone 5. According to the rest of the certification listing (H/T @_the_tech_guy), the device will have a 6.78-inch OLED display, a dual-cell battery design (2x 3000mAh batteries), run Android 11, and measure 172.834 x 77.252 x 10.29 mm in dimensions. A previous certification listing revealed the device will support 65W fast wired charging. We expect it’ll have Qualcomm’s flagship Snapdragon 888, ample amounts of RAM and storage, and other flagship-tier hardware.

The ROG Phone 3 was our favorite gaming phone of 2020. With competition from new entrants to the field like Lenovo and soon Redmi, the ROG Phone 5 will need to debut with exclusive gaming features that’ll justify its likely high price tag.

The post The ROG Phone 5 could have a dot matrix on the back for Aura Lighting appeared first on xda-developers.



from xda-developers https://ift.tt/36rMluF
via IFTTT