Related
Safetynet is really becoming widely used in apps such as Netflix and Banking apps and while other devices pass safetynet through magisk easily, our devices could not. At best case scenario only the basic integrity check passes. Now, there is a kernel patch made by sultanxda to bypass the safetynet check on our kernels. Would it be worth it if someone recompiles Anykernel with the safetynet patch?
Lightracer said:
Safetynet is really becoming widely used in apps such as Netflix and Banking apps and while other devices pass safetynet through magisk easily, our devices could not. At best case scenario only the basic integrity check passes. Now, there is a kernel patch made by sultanxda to bypass the safetynet check on our kernels. Would it be worth it if someone recompiles Anykernel with the safetynet patch?
Click to expand...
Click to collapse
you should ask Android-andi directly, when he gets back his LG device
Disabling a security feature sounds stupid if i care about rom security all the time... Beside that i am not even sure if we would ever need that mentioned kernel patch.
ninestarkoko said:
you should ask Android-andi directly, when he gets back his LG device
Click to expand...
Click to collapse
Andi's AnyKernel thread mentions "No Feature Requests" so I don't really want to donate
$$$ to a charity because I'm broke
Android-Andi said:
Disabling a security feature sounds stupid if i care about rom security all the time... Beides that i am not even sure if we would ever need that mentiones kernel patch.
Click to expand...
Click to collapse
Maybe you're right, posts about that kernel patch dates back to October 2016 and I can't find any threads for it
Lightracer said:
Safetynet is really becoming widely used in apps such as Netflix and Banking apps and while other devices pass safetynet through magisk easily, our devices could not. At best case scenario only the basic integrity check passes. Now, there is a kernel patch made by sultanxda to bypass the safetynet check on our kernels. Would it be worth it if someone recompiles Anykernel with the safetynet patch?
Click to expand...
Click to collapse
i applied this patch on a non-public test build of rr 5.7.4. this patch dont solve the problem for now, because hide magisk is not working properly with our tab.
smart-t78 said:
i applied this patch on a non-public test build of rr 5.7.4. this patch dont solve the problem for now, because hide magisk is not working properly with our tab.
Click to expand...
Click to collapse
Oh, is the problem found yet or is it still a mystery?
Lightracer said:
Oh, is the problem found yet or is it still a mystery?
Click to expand...
Click to collapse
its still a mystery.
i worked on a rr version with inbuilt magisk some weeks ago. root works without problems but hide magisk dont do his job. so it doesnt matter if the patch applied or not. cts profile check fails.
This tablet P3110 used to do Netflix just fine... What was the last Netflix version before the switch? And is that version still working for Netflix viewing or is it blocked too?
ONLY FOR INFO
https://www.lineageos.org/Safetynet/
Just an small update: we don't need this freaking kernel workarounds other devices need because of the bootloader.
Latest slim6 and omni6 by me, also latest official lineage pass safetynet out of the box (not sure if lineage needs magisk to hide su, slim6 and omni6 are "user" builds and don't even allow adb root access)
Did anybody using Magisk 16 on Honor 8? My main concern is the Magisk Hide and the safety checks...
Since Magisk 16 there are some support on Honor devices but in the real life I am not sure if is a point to going away from SuperSU...
It works fine. Supersu was taken over by a Chinese company. Chel stopped reviewing code for it. So unless you like your privacy, stick with supersu.
agraceful said:
It works fine. Supersu was taken over by a Chinese company. Chel stopped reviewing code for it. So unless you like your privacy, stick with supersu.
Click to expand...
Click to collapse
Everything is about privacy in this days...
Which is the last version of SuperSU, which was maintained by Chel?
So for privacy point is better Magisk. How is the privacy in Magisk? That's a big question
Which version of Magisk you're using? I have FRD-L09C432b394 but I am wondering if the Magisk Hide and the safety checks will work, because this s known problem with Honor/Huawei devices. I see the support from v16 for Honor devices but I don't know what's clearly mean that.
it's been working fine for me including safetynet. Interestingly, I have to keep USB debugging enabled to pass safetynet
jasonvxs4 said:
Interestingly, I have to keep USB debugging enabled to pass safetynet
Click to expand...
Click to collapse
THANK YOU, THANK YOU, THANK YOU!
I was looking everywhere as to why it was passing before the update to B404 and now was failing!
Flicked the option and passing safteynet again!
agraceful said:
It works fine. Supersu was taken over by a Chinese company. Chel stopped reviewing code for it. So unless you like your privacy, stick with supersu.
Click to expand...
Click to collapse
jasonvxs4 said:
it's been working fine for me including safetynet. Interestingly, I have to keep USB debugging enabled to pass safetynet
Click to expand...
Click to collapse
linkazoid said:
THANK YOU, THANK YOU, THANK YOU!
I was looking everywhere as to why it was passing before the update to B404 and now was failing!
Flicked the option and passing safteynet again!
Click to expand...
Click to collapse
What version of Magisk you're using on which firmware?
dewadi said:
What version of Magisk you're using on which firmware?
Click to expand...
Click to collapse
V16 on B404, was also using v16 on B403 too
I noticed earlier that my usb debugging was switching straight off after enabling. Make sure this isn't happening to you. Click the reset to default button at the bottom and then select it again
I'm using 16.3. Almost every single magisk version released has worked fine for me. Chel doesn't maintain it anymore. You can use an older version of supersu but I'm not sure why you'd want to do that. As far as usb debugging.. i always have that on anyway.. i have an L04 and I'm on 392 firmware. Magisk is much better. I was very very hesitant when I switched, specially since it wasn't at the state it is now, but I'm glad i switched.
linkazoid said:
V16 on B404, was also using v16 on B403 too
I noticed earlier that my usb debugging was switching straight off after enabling. Make sure this isn't happening to you. Click the reset to default button at the bottom and then select it again
Click to expand...
Click to collapse
agraceful said:
I'm using 16.3. Almost every single magisk version released has worked fine for me. Chel doesn't maintain it anymore. You can use an older version of supersu but I'm not sure why you'd want to do that. As far as usb debugging.. i always have that on anyway.. i have an L04 and I'm on 392 firmware. Magisk is much better. I was very very hesitant when I switched, specially since it wasn't at the state it is now, but I'm glad i switched.
Click to expand...
Click to collapse
Did you tried Magisk 16.4?
Sorry if I'm hijacking.
Since you're talking about 16.3 and 16.4, does Magisk hide works?
That was my previous problem with rooting. I would like to remove some apps and add AdAway, while using Google Pay.
zinko_pt said:
Sorry if I'm hijacking.
Since you're talking about 16.3 and 16.4, does Magisk hide works?
That was my previous problem with rooting. I would like to remove some apps and add AdAway, while using Google Pay.
Click to expand...
Click to collapse
Anyone have any clue about this?
zinko_pt said:
Anyone have any clue about this?
Click to expand...
Click to collapse
that's what I am running
jasonvxs4 said:
that's what I am running
Click to expand...
Click to collapse
Magisk hide working?
jasonvxs4 said:
it's been working fine for me including safetynet. Interestingly, I have to keep USB debugging enabled to pass safetynet
Click to expand...
Click to collapse
Thanks for this trick man! I was puzzled as to why I was failing the SN check after passing it for a few hours.
I will retry flashing Magisk 16 :good:
takichiman said:
Thanks for this trick man! I was puzzled as to why I was failing the SN check after passing it for a few hours.
I will retry flashing Magisk 16 :good:
Click to expand...
Click to collapse
Magisk 16.4 works fine with Hide and fingerprint sensor.
zinko_pt said:
Magisk 16.4 works fine with Hide and fingerprint sensor.
Click to expand...
Click to collapse
Thanks for the info. I will reflash magisk 16.4 on a fresh stock L04B395 ROM and update you if the Safetynet fails
takichiman said:
Thanks for the info. I will reflash magisk 16.4 on a fresh stock L04B395 ROM and update you if the Safetynet fails
Click to expand...
Click to collapse
Safetynet passes in my L09C432B405.
zinko_pt said:
Safetynet passes in my L09C432B405.
Click to expand...
Click to collapse
I confirm that it passes on my L04C567B395. But because of that stupid USB debugging option that keeps getting turned off, I have to continuously toggle/untoggle the option and eventually sometimes plugging the phone to a computer to trigger the adb, so I can pass the safetynet test.
For the record I'm using Magisk 16.4
linkazoid said:
THANK YOU, THANK YOU, THANK YOU!
I was looking everywhere as to why it was passing before the update to B404 and now was failing!
Flicked the option and passing safteynet again!
Click to expand...
Click to collapse
WOW finally pass the safetynet!!!
Thanks alot!! I'm using magisk v17.1 with h8 frd10, what a magic!:highfive:
Hello, I was wondering if anyone else suddenly lost the ability to use google pay, the last time it worked was march 14, but by saturday it was gone, the message is "You can no longer use google pay"
nothing was installed or modified during those days.
If anyone had this situation and find a solution/workaround please let me know
device info:
Os 9.0.12
root/magisk v18.1 magisk manager v.7.0.0/
apps do not auto-update.
Device is certified
SafetyNet Check Success
Yep.... Me too. I ended up updating to Canary. All is good for me now.
mavogaro said:
Yep.... Me too. I ended up updating to Canary. All is good for me now.
Click to expand...
Click to collapse
What do you mean by Canary?
It's beyond the beta build of Magisk, similar to what Chrome Canary is. Can be unstable. I found the link through XDA.. You enter the link under settings, update channel, then the URL.
The search is your friend. Check this thread for discussion of this issue. There is also multiple work-arounds to get Google Pay working again.
https://forum.xda-developers.com/apps/magisk/discussion-google-pay-magisk-discussion-t3906703/
Hey,
Long time. Rooter (since HTC desire HD) here.
I remember on my older Oneplus phones, installing an beta would stop you passing Safetynet, so banking apps wouldn't work etc. Is this still the case? Can anyone on the 11 betas see if it passes safetynet? I'm not rooted currently!
Anyone?
Havent tried the beta's yet either. But I am rooted and pass safetynet on my 8pro. One of my 1st rooted devices was the HTC DesireHD as well and I did like the Nexus 5 alot.
atm I'm using XXX flashed with magisk and the current Radioactive kernel and my phones gr8 and passes safetynet for banking apps , gpay , netflix etc.
mapester said:
Havent tried the beta's yet either. But I am rooted and pass safetynet on my 8pro. One of my 1st rooted devices was the HTC DesireHD as well and I did like the Nexus 5 alot.
atm I'm using XXX flashed with magisk and the current Radioactive kernel and my phones gr8 and passes safetynet for banking apps , gpay , netflix etc.
Click to expand...
Click to collapse
Yeah with magisk I know you can pass, but I havnt felt the need to root this phone (nor my 7 Pro when I had it) - especially since a lot of people have had a fingerprint enrollment problem (I know you have to backup the persist partition) - I just wanted to test out some android 11 stuff, but it used to be that if you were in a beta, you failed safetynet even if BL was locked. Was just curious, thats all!
manor7777 said:
Yeah with magisk I know you can pass, but I havnt felt the need to root this phone (nor my 7 Pro when I had it) - especially since a lot of people have had a fingerprint enrollment problem (I know you have to backup the persist partition) - I just wanted to test out some android 11 stuff, but it used to be that if you were in a beta, you failed safetynet even if BL was locked. Was just curious, thats all!
Click to expand...
Click to collapse
Just to clarify - the fingerprint enrollment problem has nothing to do with root. It's all about the bootloader. Something happened when the bootloader was relocked (manually or by msmdtool). I believe the issues is fixed on later OOS versions, but haven't really looked into it as I'm not relocking.
Your question, however, the answer depends on when you flash the OB. It seems the OB is released around the same time the build is sent too google for verification, so if you're too quick to flash safetynet fails. If you wait for google to verify the ROM it's all good. There is, as far as I know, no information about when builds are verified. If you flash the ob too soon you can clear ps data and it will pass once google has updated on their part.
Edit: That's how they do it with pre-11 betas, not sure about 11, I guess that's up to google as it's an unreleased OS version. I believe even pixels fail their safetynet checks at this time.
efex said:
Just to clarify - the fingerprint enrollment problem has nothing to do with root. It's all about the bootloader. Something happened when the bootloader was relocked (manually or by msmdtool). I believe the issues is fixed on later OOS versions, but haven't really looked into it as I'm not relocking.
Your question, however, the answer depends on when you flash the OB. It seems the OB is released around the same time the build is sent too google for verification, so if you're too quick to flash safetynet fails. If you wait for google to verify the ROM it's all good. There is, as far as I know, no information about when builds are verified. If you flash the ob too soon you can clear ps data and it will pass once google has updated on their part.
Edit: That's how they do it with pre-11 betas, not sure about 11, I guess that's up to google as it's an unreleased OS version. I believe even pixels fail their safetynet checks at this time.
Click to expand...
Click to collapse
Ah OK, that makes sense. Most of the OnePlus betas I've installed n the past have been after Google. Released the OS to pixels, and they still failed Safetynet, but I also know Google is constantly changing safetynet stuff so that's why I wondered. Thanks anyway!
I updated my NP1 to NOS 1.1.7( with fix) and today to 1.5 beta. My device is not rooted with locked bootloader and still is not google certified and fails CTS. Any ideas on how to fix this?
I tried the default Universal SafetyNet Fix and it didn't work, I also tried using a custom fingerprint but it would break my fingerprint scanner, I ended up using a modded version of the fix it CTS is passing for me.
MarcoReckless said:
I tried the default Universal SafetyNet Fix and it didn't work, I also tried using a custom fingerprint but it would break my fingerprint scanner, I ended up using a modded version of the fix it CTS is passing for me.
Click to expand...
Click to collapse
My device is not rooted and the bootloader is still locked. I just installed NOS 1.5 beta by downloading the update zip for EEA and installing it with *#*#682#*#* etc. I tried to certify my device with google and see if anything can be done....
Chaotick said:
My device is not rooted and the bootloader is still locked. I just installed NOS 1.5 beta by downloading the update zip for EEA and installing it with *#*#682#*#* etc. I tried to certify my device with google and see if anything can be done....
Click to expand...
Click to collapse
I'm afraid you can't do anything while locked, we were warned that bank apps would break.
Chaotick said:
I updated my NP1 to NOS 1.1.7( with fix) and today to 1.5 beta. My device is not rooted with locked bootloader and still is not google certified and fails CTS. Any ideas on how to fix this?
Click to expand...
Click to collapse
it is normal for SafetyNet to fail in beta
in the mail from nothing it also says that netflix and googel pay / wallet does not work.
as soon as it is official A13 everything works again
MarcoReckless said:
I tried the default Universal SafetyNet Fix and it didn't work, I also tried using a custom fingerprint but it would break my fingerprint scanner, I ended up using a modded version of the fix it CTS is passing for me.
Click to expand...
Click to collapse
Thanks, the modded version works very well.