undefined | Better HN

0 pointsMichaelGG9y ago0 comments

Sure but then the verification will fail since you won't be able to sign the handshake with the "pin'd" cert. (Assuming they implement TLS or other crypto in their own code.) If you aren't modifying the execution environment then it's possible for an app to be "safe".

0 comments

fdsaaf9y ago

An clever-enough emulator can just lie to an application and say, "You're running on a stock device. Everything is fine".

pki9y ago

Clever-enough is the key word, with Safetynet involved, which dynamically executes signed classes and you don't know what checks will be done

j / k navigate · click thread line to collapse

0 pointsMichaelGG9y ago0 comments

0 comments

fdsaaf9y ago

An clever-enough emulator can just lie to an application and say, "You're running on a stock device. Everything is fine".

pki9y ago

Clever-enough is the key word, with Safetynet involved, which dynamically executes signed classes and you don't know what checks will be done

j / k navigate · click thread line to collapse