asked 2019-04-02 23:46:32 +0200
I need to use an Android apps (OneLogin) on my XA2. This app check if the bootloader is locked and refuse to work if it is unlocked. As far as I know Sailfish will not boot if I relock the bootloader. Do you know a workaround for this kind of issue?
answered 2019-04-03 01:55:03 +0200
No chance. I would say - this app will never work under SF, because SF NEED an unlocked bootloader.
answered 2019-04-03 20:37:22 +0200
As far as I know, checking for an unlocked bootloader is NOT possible by an application without systemrights. However, what I'm assuming what is the case, is that the application requires your device to pass Google's SafetyNet. Because Sailfish devices don't have GAPPS (Google Apps, like Play Services, Play, Google Search etc) installed, this will fail. So the absence of the Google Play Services is probably what causes the app report your device as "insecure" and therefore the application will not launch/intentionally crash.
Just installing the Google Play Services won't help either. The Google Play Services somehow detect that your device is running a non-Google approved ROM, so it will always fail. I'm not sure how this is being done, but an unlocked bootloader is one of the signs SafetyNet might look for.
There's no solution yet as of writing this and there will be no straightforward solution I believe. Nowadays it is only possible on devices with a stock and sometimes with systemless Magisk if Magisk is in front of the cat-and-mouse game Google and Magisk are playing. Maybe if you see a flaw in this picture it might work)Because this system relies both on Google's servers and the application backend, it will be near impossible to somehow spoof both Googles servers and the applications server.
TL:DR
The exact message from the application is : "Your phone appears to be rooted". I'm not sure that it need to use GAPPS in order to find that the phone is not a standard Android. Annyway I agree with you: it will be impossible to find a workaround
Philippe M ( 2019-04-03 22:11:57 +0200 )editSafetyNet provides information about the device integrity, which also includes if the phone is rooted.
ahappyhuman ( 2019-04-04 11:47:51 +0200 )editAsked: 2019-04-02 23:46:32 +0200
Seen: 2,117 times
Last updated: Apr 03 '19
How can a generic Android app check the bootloader status of a device? Only vendor-specific apps should be able to access bootloader information.
Giacomo Di Giacomo ( 2019-04-03 12:08:30 +0200 )edit