Loss of popular 2FA tool puts security-conscious GrapheneOS in a paradox

GrapheneOS is a great system that deserves more study. GrapheneOS is a great ROM, and it is one that Google does not know how to deal with, since it has fewer users than the mainstream Android.

“If the OS isn’t official, we have to assume it’s bad.”

“This is what Android security looks like,” said Sean Wilden, chief technology officer for hardware-powered security, describing the current reality of custom Android-based operating systems in response to a real security dilemma. GrapheneOS users recently discovered that the Authy app, the popular (and generally respected) two-factor authentication manager, won’t work on their phones — phones that run an operating system designed to be more secure and robust than any standard Android phone.

“We don’t want to penalize users of alternative operating systems, but there is no other option at this time,” Wilden added before concluding his blunt remarks. “Play Integrity has no way of knowing whether a particular custom OS is completely undermining the Android security model.”

Play Integrity, previously SafetyNet Attestation, basically allows apps to check if an Android device has been granted permissions beyond the ones intended by Google or is rooted. Root access is not attractive to the makers of some apps that involve banking, payments, competitive gaming, and copyrighted media.

There are many reasons why someone might root or mod their Android device, besides cheating and deception. But to prove its security, an Android device must connect to Google’s servers through the Google Play Services API, then verify the bootloader, ROM signature, and device kernel. GrapheneOS, like most custom Android ROMs, does not include the Google Play Services package by default, but it does allow users to install an isolated version of Play Services if they wish.

Wilden offered some hope for a future in which ROMs could assure Google of their non-criminal nature, noting “some discussions with high quality ROM makers” about passing the Compatibility Test Suite. “Then we have to build some kind of relationship that we can trust them with,” Wilden said, but he notes that “it takes a lot of work on both sides, including the lawyers.” While his team is happy to help, higher-level support is difficult because “modders are a very small part of the user base.”

The official GrapheneOS X account was less hopeful. It noted that another custom ROM, LineageOS, disables verified boot upon installation and “restores security in several other ways,” contributing to “a misconception that every alternative OS restores security and is not production-quality.” A typical LineageOS installation, like most custom ROMs, disables verified boot, though it can be re-enabled, except that doing so is risky and complicated. GrapheneOS has a page on its website regarding its position on, and criticism of, Google’s authentication model for Android.

Ars has reached out to Google, GrapheneOS, and Authy (via owner Twilio) for comment. At this point, there doesn’t appear to be a clear path forward for either party unless one party is willing to significantly rewrite what they consider adequate security.
