Gmscore: Feature request: Turn SafetyNet into a real security feature rather then a user restriction

+1 cool idea

AFAIK SafetyNets only purpose is to detect whether the device has been tampered with, to ensure DRM functionality and prevent cheating in games. It does not scan for malware of any other kind.

@Namnodorel: Yes, but we aren't obligated to re-implement it in the same way, we can do better.

By turning it into something that isn't even close to its original purpose? Scanning for malicious activity is highly complicated and needs a lot of support and frequent updates. Even if we had those available, it would still be a completely new feature and labeling it as "Safety Net" would confuse the heck out of everyone who sees it for the first time.

If you read carefully I have only asked to add the interface for it (aka plug-in support), not to do anything in particular.

That wouldn't be particularly useful, cause as soon as you start modifying the response, apps would simply reject it after signature verification.

Do you have any particular use case in mind, or just "would be nice to reuse it"? This system is carefully designed to not be reusable, I'm not sure what would you want to achieve there.

There won't be any problem if microG execute "also" other code (like a RAM scan) "behind" while running the standard SafetyNet with standard SafetyNet response.

But why? What would it do if it finds something? What would it do if it doesn't?

Nothing if all is ok, stop the app if a virus is found, it seems obvious.

But we are talking about nonexistent things, I was requesting only an "interface" for possible external (user installed) extensions, it shouldn't do anything inside microG code.

You could pose the same questions for UnifiedNlp like: Why does it allow external backends? Well, because the user must choose, not someone else.

I mean, why should it be tied to SafetyNet, and not, say Maps API? Why should you stop some innocent app when you detect some external threat?

SafetyNet isn't a anti-malware defence - it's about preventing tampering. It finds some malware as a side-effect (cause it can also tamper with the "protected" app and its data), but that's it. And anti-tamper prevention is by definition against user freedom. There's no reason to spend time implementing hooks to SafetyNet if there is no advantage over, let's say, background app doing memory scans on its own - and I fail to see any.

A virus will likely "tamper" your device so it is the thing we are talking about.
Using the same way of think as you then also the Analytics API should be implemented if we want to be coherent with Google Play Service.
If you think microG should be re-implemented exactly like Google Play Services then what is the point of use it and not the original Google Play Services?

Beside that, I have talked about a single use; there are also other infinite use cases.

That's a straw man. What I mean is that there's little point in adding configurable hooks everywhere you can, just because you can and there are "infinite use cases".

Even if you design and implement it "because why not", somebody then has to maintain it. Show that there are some use cases that make sense. Only then it might be worth the effort.

DroidGuard and SafetyNet are not security features although Google and some people claim this from time to time. In fact, SafetyNet is rather easy to bypass if you don't want to do it at large scale (= only for a few devices). DroidGuard was designed to detect bots and emulators (it's the Android variant of BotGuard, a similar Google tool for javascript browsers) and SafetyNet just added a few, rather stupid and easy to trick checks on top of it.

This is only about the SafetyNet attestation. SafetyNet is also used as a marketing term for Google's virus scanner integrated into Play Store, which of course is a security feature.

I know, my idea was to just ignore their intent and do a another thing in addition (still keeping the standard check to pass SafetyNet).

I don't get why you want to have this check happen when some app does a DRM check? Seems completely unrelated. A proper security checker should be standalone, independent of microG (and especially independent of DRM)