Comments by "Mikko Rantalainen" (@MikkoRantalainen) on "CyanogenMod and the Death of the Android ROM" video.

  1. I guess "xda" was supposed to be Extended Digital Assistant. I still think that custom ROMs would still be better than OEM firmware but DRM crap prevents me from running custom ROM today because so many apps look for hardware DRM these days and with DRM running on ring -1 and OS on ring 0, there's no way to break the hardware DRM without modifying the apps you run. Make no mistake, true DRM doesn't exist if you own the hardware but if you don't own your hardware, then you cannot fake hardware based DRM. Remote systems can check if the system is running OEM firmware because hardware DRM allows remote attestation. The best we currently have is workarounds that make the user mode program believe that the device doesn't have hardware DRM and instead the software must accept soft DRM which is easy to fake. Passing the remote attestation doesn't guarantee that the system has been rooted at runtime but it does guarantee that the system has non-modified boot sector, assuming the DRM hardware is working. This is obviously easy to prevent in user mode apps simply by not accepting fallback to non-hardware DRM for remote attestation. And since Android 8.0, no OEM has been able to release new devices with pre-installed Google Play Store unless the hardware passed CTS which enforced hardware-based SafetyNet. As a result, app developers could stop supporting non-hardware attestation any day now and only lose customers still running Android 7.0 or older. That's basically nobody, so there's no practical benefit for allowing non-hardware attestation for the software developers! Basically the only way to break the hardware based SafetyNet is to find a vulnerability in the firmware boot sequence to get your own code running on ring -1 to allow faking hardware DRM requests. And if this gets common, Google can simply blacklist that specific OEM identity to always distrust any hardware DRM attestation from that specific hardware.
As a result, if you know how to fake hardware SafetyNet on some hardware, you cannot tell about it publicly if you want to keep that ability! As a bonus, Google will pay you a minimum of 100K USD if you tell them how to bypass the hardware based attestation on any hardware so there's kind of an incentive to not try to hide your work. The hardware attestation is based on digital signatures and a device specific digital key that can sign messages that can be verified on remote servers. As a result, if e.g. Netflix wants to enforce DRM, they can set up their app connection to their network to require hardware attestation for login. If you block the DRM data or try to fake it, the device can no longer connect to Netflix network because Netflix knows that (1) all relevant hardware supports hardware based DRM so you cannot modify the response to claim that your hardware doesn't support hardware based attestation, and (2) the hardware response is digitally signed so you cannot change the response without failing the attestation. Obviously DRM for offline situations can still be broken at will. But for online stuff, the remote attestation cannot be broken. For me, the single most important thing to root an Android device is to get a fully working backup solution. I hate that I cannot fully backup my Android device and the only way to fix it is to break all software that wants to look for DRM hardware attestation. There's no way to have both DRM remote attestation and a working backup solution (that can restore everything in case your hardware fails and you replace it with identical hardware). As a result, I nowadays have only partial backups (basically what adb backup allows). Even iPhone has better backups!
If you only wanted root and accepted an unsafe OS, you could simply skip all the security updates and re-root the whole OS at runtime after every boot to get root access and still keep the OEM bootloader and firmware, using a security vulnerability that allows getting root access with non-modified OEM software. However, that doesn't allow running TWRP which would be required for full backup and restore. Using runtime rooting would still allow using TitaniumBackup for installing and restoring software but you would need to be running a knowingly vulnerable OS which allows any other untrusted software to also root your system, which is obviously non-safe, unlike running a properly rooted Android. I no longer own my phone and I hate it. And if Apple ever allows running browsers other than Safari, I no longer have a reason to use Android instead of iPhone because then both ecosystems are equally limited!
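The server-side logic the comment describes (a device-specific key signs the attestation, the service refuses the "soft" fallback, an altered response fails the signature check, and a blacklisted device identity stops being trusted), as an added Go example that is not part of the comment or of any real SafetyNet or Play Integrity code. The Ed25519 key, the `TrustedKeys` map standing in for an OEM certificate chain, the field names and the pipe-separated payload are all constructed assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Attestation is a constructed stand-in for a hardware attestation response: the
// device states whether its boot image is unmodified and the secure hardware signs
// that claim with a device-specific key. An empty Signature models the "soft" fallback.
type Attestation struct {
	DeviceID   string
	BootIntact bool
	Signature  []byte
}

// TrustedKeys is the server's trust store keyed by device identity (a stand-in
// for a real OEM certificate chain). Distrusting an identity means deleting it.
type TrustedKeys map[string]ed25519.PublicKey

// payload is the exact byte string the device signs and the server verifies.
func payload(a Attestation) []byte {
	return []byte(fmt.Sprintf("%s|%t", a.DeviceID, a.BootIntact))
}

// Sign is the device side: only the hardware holding priv can produce this.
func Sign(priv ed25519.PrivateKey, a Attestation) Attestation {
	a.Signature = ed25519.Sign(priv, payload(a))
	return a
}

// Verify is the server side: refuse the soft fallback outright, then check the
// signature against the trusted key before believing BootIntact at all.
func (t TrustedKeys) Verify(a Attestation) error {
	if len(a.Signature) == 0 {
		return errors.New("soft attestation not accepted")
	}
	if pub, ok := t[a.DeviceID]; !ok || !ed25519.Verify(pub, payload(a), a.Signature) {
		return errors.New("untrusted device or altered response")
	}
	if !a.BootIntact {
		return errors.New("boot image modified")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	trust := TrustedKeys{"dev-1": pub}
	fmt.Println(trust.Verify(Sign(priv, Attestation{DeviceID: "dev-1", BootIntact: true}))) // <nil>
}
```

Editing `BootIntact` in a signed response, stripping the signature, or signing with a key the server has deleted from `TrustedKeys` all make `Verify` return an error.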