this post was submitted on 28 May 2025
271 points (98.6% liked)
Technology
It doesn't make it "tricky", it makes it impossible.
Stares at rooted A13+ phone passing 2/3 new integrity checks
It's possible, but it's annoying.
Those are the wrong integrity checks.
No, they're absolutely not. Check out Tricky Store and Play Integrity Fork to see how we're faking a trusted environment on custom and rooted ROMs. You can pass new basic+device integrity (equivalent to old strong) with a valid unrevoked keybox on A13+ and strong on <=A12.
It's a new stage in the arms race for sure but it's still possible to bypass until all of the keys used to sign keyboxes are revoked.
Edit: the device fingerprint is just as important as the keybox too; either can cause you to fail integrity checks. It's way more annoying to manage than the legacy "just flash PIF" bypass ever was.