Android’s release will be turning 10 next September. If you’ve been on the Android train ever since its debut, you would know that Android today is almost a completely different animal from the first iterations of the mobile operating system. What started out as a small platform designed around tinkering and customization has now become the world’s largest mobile platform and the platform of choice for many smartphone OEMs due to its wide reach and increasing maturity. However, that maturity has produced something that some in the community may not enjoy; an API called SafetyNet.
WHAT IS SAFETYNET?
SafetyNet is an API introduced by Google with enables developers to check the security “health” of an Android device. The API was primarily used on Android Pay among financial apps but has since spread to games like Pokemon GO, apps like Snapchat and has recently been introduced as a developer feature on the Play Store where developers can choose to hide their listings from devices that don’t pass SafetyNet.
SafetyNet would be tripped if the device’s certification has been broken, either through bootloader unlocking, rooting or even an I/O error.
To understand its implications, we need to go to when Android was first introduced.
ANDROID’S TINKERING DAYS
The first ever commercially-available Android device was the T-Mobile G1, known as the HTC Dream globally. On the outside, it’s not conventionally pretty. It was thick, bulky, had an ugly chin and an OS that looked somewhat dated by comparison to its rivals. However, the Android underpinnings had one secret open; openness. Because users are free to tinker away and customize the OS, the device gained a following in the tech community, which even had Google release a developer version of the G1, which included an unlocked bootloader and root access, of which users of the standard G1 were able to unlock as well. The open-nature of the platform led to the popularity and rise of portals such as XDA-Developers, where hobbyist devs spend their free time working on customized versions of the OS and firmware to either add new functionality or enhance device performance or battery life.
As Android evolved over the years, many things have changed, ranging from hardware to software, UX design and even the introduction of the Nexus line of phones from Google, initially catering to developers due to their unlockable nature. While many OEMs expressed early concerns over tinkering, many have softened their stance around 2011, with vendors like HTC and Motorola allowing their bootloaders to be unlocked easily (albeit with the loss of warranty) while Samsung not only has shipped their devices with unlocked bootloaders out-of-the-box, but even sent over some Galaxy S2 units to CyanogenMod for the purpose of testing the platform. It would seem that geeks who wanted a smartphone they could tinker all-day long may have found their ideal platform, so as long as they’re not buying it from a carrier, who had practiced a locked-down bootloader approach that continues today, although some earlier models did have their bootloaders unlocked due to an exploit. The Samsung Galaxy S3 launched in 2012 helped propel Android into the mainstream, and cementing Samsung as the number one device OEM in terms of market share, and as a result, made it popular with modders, even today.
The tinkering game continued strong into 2013 and 2014, where devices like the Samsung Galaxy S4, HTC One M7, LG G3 (unofficially) and Nexus 5 along with its larger successor finding huge amounts of popularity in the device modding scene (which continues today). However, in those years, we also saw the first signs of how Android’s increasing maturity might affect its geek appeal;
Samsung KNOX – KNOX is a security solution designed mainly for enterprise users that was introduced on the Galaxy Note 3 and is now a mainstay on most Samsung phones. KNOX’s main feature was that it allowed both personal and work info to be stored on a device and the latter would be safety secured away from the personal side of things. As a consequence, however, KNOX has an e-fuse which trips if the device is rooted or non-Samsung firmware is running. While the device will continue to function normally, a tripped e-fuse may cause service centers to deny warranty repairs.
dm-verity – dm-verity is a Linux code which provides a generic way of creating virtual layers of block devices. The code is a main driver of Verified Boot, which was actually present in Android 4.4 KitKat but was not used. This will be mentioned again latter on.
After a rather bug-ridden launch of Android Lollipop, Google began work on its successor, Android 6.0 Marshmallow, which was introduced as “Android M” on Google I/O 2015. Marshmallow was a sign of Android maturing as a platform, which retailed the same look and feel but refined and improved the experience while creating a much more stable experience. One notable addition was Android Pay, Google’s answer to Apple Pay and which replaces Google Wallet to an extent. Being a financial-focused app, Android Pay requires strong security to get certification from banks and financial institutions, and since Android is an open-platform, there were some concerns over security.
And thus, SafetyNet, introduced in a Play Services update, had to be put in use, alongside the aforementioned dm-verity.
The use of dm-verity and Verified Boot on Android Marshmallow alongside the introduction of SafetyNet which ties to Verified Boot has several implications. On one hand, it makes it harder for rootkits and other malicious piece of software to settle on the device as the device can kick in safeguards to stop any data from getting into harm’s way. It also ensures that the device’s software and underlying layers are not tampered with either intentionally or unintentionally, theoretically making the device more secure and less likely that data will fall into the wrong hands.
On the other hand, this makes community development more challenging. While dm-verity can be disabled by using a custom kernel, SafetyNet is another issue. Because when SafetyNet trips, you will lose access to some Play Store listings alongside some apps such as Pokemon GO, Snapchat and others, even if they are not related to finance. Of course, users have found a workaround with Magisk Hide, which circumvents SafetyNet and makes a device pass. However, Google as of late has been much more aggressive in patching known exploits and vulnerabilities used by apps like Magisk, and this cat and mouse game may reach a point where Google makes SafetyNet much more secure to the point where Magisk Hide is useless.
While this does not affect regular consumers in any way or form, this has notable implications throughout the custom development community, who have developed custom firmware either designed to add new features or to significantly extend the lifetime of a device past the 2-3 year period most new Androids go through (the HTC HD2, while not an Android device, is quite famous for its lifetime, currently running Android Nougat). In a way, the custom development community has played a role in shaping how Android is today, and because Android has matured, thereby requiring more security presumably due to pressure from banks and regulators, SafetyNet had to be a thing, and this is honestly a bit of a sad moment coming from a guy whose old HTC One M7 has run a multitude of ROMs and have always enjoyed flashing.
Bear in mind that I am not saying SafetyNet will be the end of Android as we know it. Community development will still be a thing, but don’t expect as large of a community as it used to be as Android matures and Google introduces security APIs which make the platform more closed and secure but also harder to tinker around with. I would be fine with this honestly had Android device vendors start extending device support. 2-3 years may be alright, but 3-4 years would honestly be more ideal, especially since iOS devices get 4 years of updates at least and if this is a thing on Android, it would be more equal in terms of lifespan.
Even more frustrating is that some devices like the OnePlus 2 gets dropped extremely early on in its lifespan, meaning that you either had to be stuck on an older software build, flash a ROM and live with SafetyNet unless you can get around it or get a new phone. When you think about it, depending on what your stance on updates and support are, you will either think it’s not a big deal at all or you feel that it should probably be done differently.
Android as we know has evolved a ton from the first time it leaped into a consumer device until today, and it’s honestly a watershed moment to see how far it has come from a small OS built for tinkering to a platform heavily-centered around Google services that powers more than just phones and tablets, while also having new features, improvements and a much more polished UI. However, as the old saying goes, nothing in this world comes without a cost, and in this case, Android’s mainstream appeal comes at the cost of its tinkering nature to a degree.