Ask / Submit
0

Is it possible to use an Android App that check the bootloader status?

asked 2019-04-02 23:46:32 +0300

Philippe M gravatar image

I need to use an Android apps (OneLogin) on my XA2. This app check if the bootloader is locked and refuse to work if it is unlocked. As far as I know Sailfish will not boot if I relock the bootloader. Do you know a workaround for this kind of issue?

edit retag flag offensive close delete

Comments

How can a generic Android app check the bootloader status of a device? Only vendor-specific apps should be able to access bootloader information.

Giacomo Di Giacomo ( 2019-04-03 12:08:30 +0300 )edit

2 Answers

Sort by » oldest newest most voted
0

answered 2019-04-03 01:55:03 +0300

ExPLIT gravatar image

No chance. I would say - this app will never work under SF, because SF NEED an unlocked bootloader.

edit flag offensive delete publish link more

Comments

Why does Sailfish need an unlocked bootloader? I forget the purpose of this. So, is it not possible to re-lock the bootloader on Xperia X?

jimjamz ( 2019-04-17 11:05:17 +0300 )edit
0

answered 2019-04-03 20:37:22 +0300

ahappyhuman gravatar image

As far as I know, checking for an unlocked bootloader is NOT possible by an application without systemrights. However, what I'm assuming what is the case, is that the application requires your device to pass Google's SafetyNet. Because Sailfish devices don't have GAPPS (Google Apps, like Play Services, Play, Google Search etc) installed, this will fail. So the absence of the Google Play Services is probably what causes the app report your device as "insecure" and therefore the application will not launch/intentionally crash.

Just installing the Google Play Services won't help either. The Google Play Services somehow detect that your device is running a non-Google approved ROM, so it will always fail. I'm not sure how this is being done, but an unlocked bootloader is one of the signs SafetyNet might look for.

There's no solution yet as of writing this and there will be no straightforward solution I believe. Nowadays it is only possible on devices with a stock and sometimes with systemless Magisk if Magisk is in front of the cat-and-mouse game Google and Magisk are playing. Maybe if you see a flaw in this picture it might work)Because this system relies both on Google's servers and the application backend, it will be near impossible to somehow spoof both Googles servers and the applications server.

TL:DR

edit flag offensive delete publish link more

Comments

The exact message from the application is : "Your phone appears to be rooted". I'm not sure that it need to use GAPPS in order to find that the phone is not a standard Android. Annyway I agree with you: it will be impossible to find a workaround

Philippe M ( 2019-04-03 22:11:57 +0300 )edit

SafetyNet provides information about the device integrity, which also includes if the phone is rooted.

ahappyhuman ( 2019-04-04 11:47:51 +0300 )edit
Login/Signup to Answer

Question tools

Follow
3 followers

Stats

Asked: 2019-04-02 23:46:32 +0300

Seen: 397 times

Last updated: Apr 03