Magisk may no longer be able to hidden itself from apps

blog-list By Anonymous

On the day of 11 Mar, John Wu, the developer of Magisk tweeted So here we go, after years of fun messing around using Magisk, it seems that Google finally decided to "fix" SafetyNet to something useful caused some conversations about the “fix”.

As we can see, Magisk and Google have been playing hide-and-seek for many years: Google’s SafetyNet aims to be notified when it discovers a rooted device, but Magiskhide helps people keep spoofing apps, Pokémon Go, and other root-despising applications running. 

However, a good time like this may be gone, Google updates SafetyNet and rolling out via Play services, it seems like the end of the game. 

Generally speaking, you usually need to unlock the bootloader, which allows you to flash modified boot images. Magisk modifies the boot image to trick bootloader status or the verified Boot status checks. SafetyNet Attestation API is used to tell an app if it is running on a tampered device, and if the SafetyNet detects that bootloader has been unlocked, then it will return a failure status for the Basic Integrity check. This means you can't run apps such as banking apps, payment apps, and many online games(Pokékmon Go). 

Recently, though, users have noticed that their bootloader-unlocked devices are failing SafetyNet’s Basic Integrity check even though they used Magisk to patch the boot image. According to topjohnwu, this is because Google may have implemented hardware-level key attestation to verify that the boot image has not been tampered with. Specifically, this means Google Play Services “[sends] an unmodified Keystore certificate to SafetyNet servers, verify its legitimacy and check certificate extension data to know whether your device [has] verified boot enabled (bootloader status).” This means that it may no longer be possible to hide the fact that the bootloader has been unlocked, which will result in applications like Google Pay and Pokémon Go failing to operate normally.

Some users wonder can they continue to be able to use VMOS for AR-Based games, apparently that a tool in VMOS and Magsisk implement two different ways to bypass some SafetyNet tests, no worries. Just live in now, VMOS will always be with users, think what users think, aim to be a good partner with users. Furthermore, VMOS will keep continuing to develop more features.