storage-backups/PlayIntegrityFix
1
0
Fork 0
mirror of https://github.com/chiteroman/PlayIntegrityFix.git synced 2025-03-14 15:27:29 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source 
Stick in the XDA thread for TS, since it's not mentioned in the README
This commit is contained in:
Thisisauser6443 2025-03-02 16:16:40 +00:00 committed by GitHub
parent 042aafb269
commit a9df56dd3a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -44,7 +44,7 @@ And in SafetyNet you should get this:
- evaluationType: BASIC
## A word on passing Strong Integrity
While this module only returns passing verdicts for as far up as `MEETS_DEVICE_INTEGRITY`, it is possible to achieve a passing verdict for `MEETS_STRONG_INTEGRITY` by using [5ec1cff's TrickyStore](https://github.com/5ec1cff/TrickyStore). To put simply, this allows for spoofing a valid certificate chain (Often distributed as a file named `keybox.xml` and just called a _keybox_) to your device's [Trusted Execution Environment (TEE) module](https://en.wikipedia.org/wiki/Trusted_execution_environment), in addition to spoofing the bootloader as locked.
While this module only returns passing verdicts for as far up as `MEETS_DEVICE_INTEGRITY`, it is possible to achieve a passing verdict for `MEETS_STRONG_INTEGRITY` by using [5ec1cff's TrickyStore](https://github.com/5ec1cff/TrickyStore) ([XDA thread](https://xdaforums.com/t/tricky-store-bootloader-keybox-spoofing.4683446/)). To put simply, this allows for spoofing a valid certificate chain (Often distributed as a file named `keybox.xml` and just called a _keybox_) to your device's [Trusted Execution Environment (TEE) module](https://en.wikipedia.org/wiki/Trusted_execution_environment), in addition to spoofing the bootloader as locked.
**However, it must be stressed that a keybox is hard to come by**, given that they're leaked (Usually inadvertently) from OEMs and vendors. Even still, they are also often quite quickly revoked, due to a combination of people sending a deluge of server requests (Mostly for flexing their strong verdicts, which they probably didn't need anyway... You know who you are) and Google [deploying specialised crawlers](https://developers.google.com/search/docs/crawling-indexing/google-special-case-crawlers#google-safety) for automated detection. And, as quickly mentioned before, **you'll likely won't even need one, since basic functions (NFC payments and RCS messaging... etc.) and the vast majority of apps only mandate device integrity/a spoofed locked bootloader**.