Zwuzelmaus@feddit.org 1 week ago
Google’s updated Play Integrity API
How can these people talk about “integrity” when they break real existing phones?
I call this the opposite of integrity.
tinned_tomatoes@feddit.uk 1 week ago
Bit hyperbolic, don’t you think? Rooted/Custom ROM users are so tiny, and they typically use security vulnerabilities to obtain root access. It’s not exactly surprising that Google closes those vulnerabilities when it can.
Zak@lemmy.world 1 week ago
Many devices, including Google’s own Pixel devices, have user-unlockable bootloaders. No security vulnerabilities are involved in the process of gaining root access or installing a third-party Android distribution on those devices.
What’s going on here isn’t patching a vulnerability, but tightening remote attestation, a means by which a device can prove to a third party app that it is not modified. They’re selling it as “integrity” or proof that a device is “genuine”, but I see it as an invasion of user privacy.
Sure they can. They’re in a much stronger position to dictate terms to app developers than they were in 2010 when it was not yet clear there would be an Android/iOS duopoly.
They don’t want to though, because their remote attestation scheme means they can force OEMs to only bundle Google-approved Android builds that steer people to use Google services that make money for Google, and charge those OEMs licensing fees. A phone that doesn’t pass attestation isn’t commercially viable because enough important apps (often banking apps) use it.
Appoxo@lemmy.dbzer0.com 1 week ago
Unlocked bootloader ≠ Root access.
Zak@lemmy.world 1 week ago
Correct, but it is necessary to unlock the bootloader to gain root access.
kittenzrulz123@lemmy.blahaj.zone 1 week ago
Many people use LineageOS and GrapheneOS for security, privacy, and features that base Android simply doesn’t ship.
Zwuzelmaus@feddit.org 1 week ago
Or is it rather your definition of security or vulnerability that is questionable?
0x0@infosec.pub 1 week ago
The fuck did you just call me? I’ll have you know I’m actually HUGE