this post was submitted on 21 Jan 2025
25 points (83.8% liked)

Android

28383 readers
272 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

[email protected]


founded 2 years ago
MODERATORS
 

Users of android ROMs or rooted devices are often unable to use certain apps because they make a request to google to check whether the phone is "safe" or "secure" or whatever wording they use. Is there a way to trick those apps? Pretend to be google, remove/replace the google check, or even intercept the check at runtime and return that "everything is alright"?

Game have been hacked, cracked, or what for ages. It's surely possible with android apps, isn't it?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 17 points 1 day ago

There are three levels of security, and it depends on what your app will check for.

Basic: This is essentially unsecure at this point, and any app that checks for security will almost certainly check for a higher level. If you root your phone, you likely will just show "basic." Netflix will be low quality and most banking apps will not work, even if you use the default root features to hide your root.

Device: This is considered the norm for security checks and current peak efficiency point for accessing secure apps. You can spoof this level of security with Magisk if you are rooted (optionally unlocked), plus Play Integrity Fix as a plugin to Magisk. Note that you have to keep it updated - it is based on spoofing a device fingerprint that is shared at the plugin-level, and which Google periodically blocks. You can also learn to find your own fingerprint if you are tech savvy, but it could still be blocked and can be time-consuming. This is the minimum level to use Google Wallet NFC payments and most banking apps. If done right, Netflix will stream high quality as well.

Strong: This is the highest level of security, which an app thinks will only be present if you have a fully locked bootloader and are unrooted. Some banking apps require this now, but a year from now, it likely will be the norm. A year ago, this wasn't able to be spoofed, but now there is something called Tricky Store that can spoof this and show Strong security to apps even when unlocked and rooted. However, it is much more complicated to set up - be prepared to join sketchy Telegram groups and scrounge for elusive security files.