this post was submitted on 29 Jul 2023
1224 points (98.2% liked)
Technology
59118 readers
6622 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
They claim it's to prevent bots, but we all know it'll soon become standard in every WAF out there (Cloudflare, Akamai, etc) to just blanket block browsers failing attestation.
All you need to know what will happen is to root an Android phone. You'd expect Netflix and bank apps and other highly sensitive apps to stop working. Okay, I can accept that, it kind of make sense. But the more you use the phone the more you realize a ton of apps also refuse to work. Zoom complains and marks your session as insecure, the Speedtest app refuses to test your speed, even the fucking weather app won't give you weather anymore. Jira/Confluence/Outlook/Teams also complain about it. It's ridiculous.
Even if it'd trust Google to not misuse the feature and genuinely use it to reduce ad fraud, the problem is the rest of the developers and companies. Those, they absolutely cannot be trusted to not abuse the feature to block everyone. Security "consultants" will start mandating its use to pass security audits, government websites will absolute use it, and before you know it, half the web refuses to work unless you use Chrome, Edge or Safari.
I have a rooted LineageOS running Android and besides Kostum widgest everything is working fine. Yea I had to fiddle around with the banking app, but other than some popups and ingame stores not working everything is fine.
I heard spoofing safety net is possible with magisk so banking apps should work with it
Unfortunately some apps don't check only for SafetyNet
What other ways are there? At least my banking app worked with spoofed safetynet
Checking whether the bootloader is locked or not, checking for abnormal system properties like whether the ROM is using release keys or test keys, and other methods that idk of, you can test momo which is an app that checks the environment and tells you if there is anything abnormal about it, some use it to check if they were successful at hiding root and anything abnormal