- cross-posted to:
- programming@programming.dev
- cross-posted to:
- programming@programming.dev
I’m happy to see this being noticed more and more. Google wants to destroy the open web, so it’s a lot at stake.
Google basically says “Trust us”. What a joke.
They claim it’s to prevent bots, but we all know it’ll soon become standard in every WAF out there (Cloudflare, Akamai, etc) to just blanket block browsers failing attestation.
All you need to know what will happen is to root an Android phone. You’d expect Netflix and bank apps and other highly sensitive apps to stop working. Okay, I can accept that, it kind of make sense. But the more you use the phone the more you realize a ton of apps also refuse to work. Zoom complains and marks your session as insecure, the Speedtest app refuses to test your speed, even the fucking weather app won’t give you weather anymore. Jira/Confluence/Outlook/Teams also complain about it. It’s ridiculous.
Even if it’d trust Google to not misuse the feature and genuinely use it to reduce ad fraud, the problem is the rest of the developers and companies. Those, they absolutely cannot be trusted to not abuse the feature to block everyone. Security “consultants” will start mandating its use to pass security audits, government websites will absolute use it, and before you know it, half the web refuses to work unless you use Chrome, Edge or Safari.
Yup I noticed this also. I used a rooted phone without Google apps on it and so many apps simply refused to work. They use Googles api in the background which means Google finds out about literally everything we do on our phones. They already own the entire operating system but we can’t even run apps without them being in the middle.
This is all similar to using Microsoft Windows or Mac OS so I guess people are so used to this behavior that it’s somehow ok.
But I’m a long term Linux user and I’m used to the OS not calling home and not reporting what apps I use. And this is how it should be. I’m so over big tech it’s not even funny anymore.
This has nothing to do with being rooted but with Google encouraging people to build apps using its proprietary libraries to make Google Android more valuable than Android Open Source Project. There may be a connection to the EU’s attempts to stop Google from forcibly bundling several of its other apps with the Play Store.
For most use cases, good alternatives are available and it’s just a matter of developers being lazy, but I’m not sure there’s another good option for chat apps to get timely notifications without high battery consumption. MicroG provides an open source alternative to Google’s libraries and works for most apps, including chat notifications.
I have a rooted LineageOS running Android and besides Kostum widgest everything is working fine. Yea I had to fiddle around with the banking app, but other than some popups and ingame stores not working everything is fine.
I heard spoofing safety net is possible with magisk so banking apps should work with it
Unfortunately some apps don’t check only for SafetyNet
What other ways are there? At least my banking app worked with spoofed safetynet
Checking whether the bootloader is locked or not, checking for abnormal system properties like whether the ROM is using release keys or test keys, and other methods that idk of, you can test momo which is an app that checks the environment and tells you if there is anything abnormal about it, some use it to check if they were successful at hiding root and anything abnormal