What are the chances of getting this workaround releases to older devices? I got a Pixel 4a screwed by the whole battery fiasco they organized.
Thank you!
Revolut mobile finance - not supported on devices with custom firmware problem
17 days later
Dumdum Thanks!
I wasn't able to reproduce the success in a LineageOS build. From what I gathered what was done:
- Set ro.build.user/host to official-looking values
- Set ro.boot.verifiedbootstate=green for all apps, including user apps
- Disable reloading constants of the Build class which looks rather like an optimization as it would be a no-op if I'm not mistaken
There are likely a few more changes involved as making SafetyNet and PlayIntegrity pass might require marking hardware key attestation as unsupported and changing a few properties. The latter doesn't seem to be required as it looks like (official?) fingerprints and user-builds with release-keys are already used. And does the hardware-backed attestation really work in GrapheneOS? AFAIK that isn't possible after bootloader unlocking.
So there might be something else being done in GrapheneOS that I missed or isn't possible with LineageOS as even after fixing all properties (via the .prop files on device) Revolut/DexProtect detects the "insecure" device.
If anyone has some ideas I'd be grateful.
In any case: Hats off to the GrapheneOS team!