AlfaX
Members
- Aug 12, 2024
- 17
- 5
[ro.product.system_ext.model]: [AOSP on ARM64]
I suppose this is a lie then... ¯\_(ツ)_/¯
Cannot pass strong integrity because of XiaomiEU Injector?
- Thread starter mkcs121
- Start date
I suppose this is a lie then... ¯\_(ツ)_/¯
- Mar 18, 2017
- 762
- 257
AlfaX
Members
- Aug 12, 2024
- 17
- 5
- Mar 18, 2017
- 762
- 257
Yes, you are not right. Everything regarding MIUI/HyperOS base is closed source, we don't have any access to Xiaomi sources. Even if system_ext is based on AOSP, there are still many changes on Xiaomi's side (and it's not necessarily to be purely AOSP, Qualcomm also modifies AOSP code).
AlfaX
Members
- Aug 12, 2024
- 17
- 5
I didn't say it was open source, I said it is based on AOSP which is true, you even said it yourself. I didn't say it was AOSP without any modifications obviously
ekzeshka
Members
- Jul 5, 2022
- 143
- 40
Your comment makes no sense. Since trickystore works just fine on stock and it seems that XEU way of injecting a fingerprint is what messes up the usage of keyboxes. So you choose to endorse illegal use of fingerprint and condone the use of keyboxes? Kind of hypocritical.
- Oct 6, 2016
- 9,760
- 322
Yes, your ignorance is the reason you don't differentiate between these two things.
A build fingerprint is not a piece of copyrighted material that's cryptographically protected. It's completely exposed to the phone user.
A keybox is [supposed to be] a highly protected piece of data that should never reach the public's eyes, because its leakage means the devices that use it are exposed to malicious intrusion.
Do your homework before you reply, I'm not a teacher.
P.S. I asked ChatGPT to give a summary for why using a leaked keybox is essentially piracy, enjoy.
ekzeshka
Members
- Jul 5, 2022
- 143
- 40
Thank you for the lesson, I understand the difference just fine. No one's asking you to include leaked keyboxes in your build, just so it works the same way as in stock ROM. After that it's up to users to do as they please and no concern of yours.
Yeah saw the other thread too and the props change does seem sketchy - what if G turns around and start blocking that prop. Might just become another rabbit hole from there. Totally see XEU's point - seems good thinking.
But maybe a middle ground is to just let the users decide what works? I mean with the dev branch being discontinued some users might be left strangled with the current non-stock way of removing DG's access. If G suddenly decides to push an update to GMS tomorrow removing passing device altogether it kinda would be extremely unfortunate for normal XEU users. Not a very professional opinion but just my two cents.
But maybe a middle ground is to just let the users decide what works? I mean with the dev branch being discontinued some users might be left strangled with the current non-stock way of removing DG's access. If G suddenly decides to push an update to GMS tomorrow removing passing device altogether it kinda would be extremely unfortunate for normal XEU users. Not a very professional opinion but just my two cents.
ekzeshka
Members
- Jul 5, 2022
- 143
- 40
That was always my point. For example, I was against adding the inject inside the ROM, but XEU did that, breaking some other stuff in the process even if you never use it and disable/delete it.
- Oct 6, 2016
- 9,760
- 322
Our only priority is unrooted users. If you're rooted, you can patch out anything you want and make a module out of it.
Any "solution" you can think of will eventually be blocked. That's why I was always against including ANY kind of workaround in the ROMs.
Oh, and if that would have affected the "popularity" of the ROM, I personally would not care, not trying to be a celebrity.
My solution to Google Pay not working has always been not using Google Pay. I can live with a card, I don't see the problem with that.
AlfaX
Members
- Aug 12, 2024
- 17
- 5
It's not only Google Wallet, there are many apps that requires Play Integrity, even ChatGPT for some reason.
If we're rooted, sure we can patch it and make a module, but we at least need to know where the problem comes from. FP is not an issue because it's included in the app (current one is for sailfish, just need to extract the apk to get the XML so no issue there). Now what's the issue? It's not a question of owing anything to rooted users, as you said, you don't owe us anything. It's a question of kindness.
Imagine being a stranger in a city for vacations and you're lost, you want to ask someone for directions but they reply to you "If you're here for your vacations I expect you to know where you're going" and go away, would you like this? They don't owe you to give directions but they sure can be kind and give you directions. If you're not being kind, you're being rude, which is exactly what you are to root users.
I hope you can understand that and that you don't treat strangers that asks for directions the same way you treat root users.
- Oct 6, 2016
- 9,760
- 322
This guy already pointed out where the incompatibility with Tricky Store happens.
Future of Pixel Integrity (Google Pay, RCS chat, bank apps, etc.) and potential adaptations for the EU ROM
As we all know, Google's SafetyNet Team have been disabling the ability to fallback to device integrity for a range of devices recently. They promise to continue this trend until they completely phase out non hardware-backed attestation as per Shawn (@shawnwillden on X) which can happen as early...
xiaomi.eu
Thank you! This makes total sense. Actually I used to be an unrooted XEU user who only got on here because of the niceties that come with having things debloated while still being able to use my bank (which detects root sadly). However, the apps started crashing like crazy since three months ago because of the whole debacle with this play integrity. From stuff I read on xda and what the google engineers are saying on twitter, it seemed this will only get worse. Could we not please just fully rid ourselves of the half-working workarounds like how it used to be?
When the old injected fps expired I had to repeatedly temporarily root and then get shamiko and pif to get around these issues - at this point it seems we might as well just resort to external methods as the sources all say the fps won't last us very long. I had a think about this last month and was going to get on the weeklies to do this more easily, but they were just recently discontinued. I wonder if there could be another way out here?
Last edited:
Basically it seems unfair on the devs for having to deal with this stuff at all, and you end up upsetting innocent users when things broke too. Just seems to be a lose-lose situation where it'd have been way better to just set the users' expectation straight from the beginning.
I mean... I bet most of the people had to go through the trouble of BL unlock to get here. Surely won't be that hard for them to understand google won't certify ROMs not originated from the OEM? Unless we were trying to make a case to compete with Xiaomi's ROMs here.
I mean... I bet most of the people had to go through the trouble of BL unlock to get here. Surely won't be that hard for them to understand google won't certify ROMs not originated from the OEM? Unless we were trying to make a case to compete with Xiaomi's ROMs here.
ekzeshka
Members
- Jul 5, 2022
- 143
- 40
I just hope the devs do it before EOL of my device or I'll be stuck with a broken Play Integrity without a way of fixing it myself because of the way XEU has implemented a workaround. With the only option of switching to other ROM of course. If they don't want to mess with PI, keyboxes and Google, that's completely fine by me. I even welcome this, I'd rather have a clean ROM instead of having to disable inject after install. My only hope is they don't break what's not broken.
AlfaX
Members
- Aug 12, 2024
- 17
- 5
I would normally say thanks but not this time.This guy already pointed out where the incompatibility with Tricky Store happens.
Future of Pixel Integrity (Google Pay, RCS chat, bank apps, etc.) and potential adaptations for the EU ROM
As we all know, Google's SafetyNet Team have been disabling the ability to fallback to device integrity for a range of devices recently. They promise to continue this trend until they completely phase out non hardware-backed attestation as per Shawn (@shawnwillden on X) which can happen as early...
- Oct 6, 2016
- 9,760
- 322
You don't represent the majority of our users who are not interested in messing with root.
And again, you do have a way of "fixing" it if you patch the framework JAR yourself.
"I'd rather have a clean ROM", but you still root? That makes no sense.
In any case, the fate of our Play Integrity workaround is not in my hands.
I'm not the one who benefits from spoofing Play Integrity or bootloader unlock status.
Oh no, that makes me so so sad.
ekzeshka
Members
- Jul 5, 2022
- 143
- 40
AlfaX
Members
- Aug 12, 2024
- 17
- 5
If it can help someone https://droidwin.com/how-to-pass-strong-integrity-on-unlocked-bootloader-root/
Unfortunately, your link does not have much to do with the topic discussed here.
Your link describes the normal way of using trickystore and playintegrity fix to get STRONG integrity.
But that is not the point here. xiaomi.eu uses a proprietary patch to get DEVICE integrity, which prevents the way shown here from working.
The way you described only works on xiaomi.eu by removing this patch from framework.jar.