undefined | Better HN

0 pointssubscribed1mo ago0 comments

But you can run modified client already.

Rooted, wildly insecure devices can pass the attestation easily: https://magisk.dev/modules/play-integrity-fix-inject/

Safe, updated devices cannot unless they permit Google to run their surveillance services in the privileged, unconstrained mode.

0 comments

pwlb1mo ago

The documentation actually reveals why this will most likely not work, given you are on expert on mobile security

Oh, you don't say. The above was a link to the source module, but ad with magisk there are many ways to peel the potato.

I've see countless users confirming it works for them, for example by using this workflow: https://magiskzip.com/how-to-pass-integrity-with-strong-chec...

But as an expert on the mobile security you can assure us its not possible to spoof Google play integrity pass with Magisk - am I right?

j / k navigate · click thread line to collapse

pwlb1mo ago

The documentation actually reveals why this will most likely not work, given you are on expert on mobile security

Oh, you don't say. The above was a link to the source module, but ad with magisk there are many ways to peel the potato.

I've see countless users confirming it works for them, for example by using this workflow: https://magiskzip.com/how-to-pass-integrity-with-strong-chec...

But as an expert on the mobile security you can assure us its not possible to spoof Google play integrity pass with Magisk - am I right?

j / k navigate · click thread line to collapse