Why can be that this app keep saying that my device is rooted with e/?
I have try to download and use it in HavocOS without GAPPS and I can use it?
Regain your privacy! Adopt /e/ the unGoogled mobile OS and online services
1 Like
I have install it to in divestos and it works with no problem. Do you think that this has to do something with microG installed in the phone?
it’s likely the app is using something as rootbeer, that detects the -userdebug builds of the “dev” release channel as having potentially root, as userdebug allows to have adb root optionally, this is what it trips on I speculate.
The DivestOS author participated (DivestOS vs. /e/ OS - security and privacy easy - #83 by SkewedZeppelin) in a thread in this forum and suggested as much to switch to -user release builds. I think the stable release channel has them, could be mistaken. You can again use software like magisk to hide settings that software like rootbeer detects.
right, but I dont want to get into Magisk. It wil be great if e/ could fix that and then we can use the app in the OS normally.
thanks for the answer
1 Like
It seems that is so easy to change, isnt? so will be better if the dev consider it instead.
what do you have as a device? I wonder if the stable builds are made to be -user builds, can somebody comment? For me doing testing, I’m thankful to have prebuilt -dev images having userdebug to elevate to root when debugging.
The documented position of the e devs is at the docs page https://doc.e.foundation/support-topics/builds.html
UserDebug is a heritage we carry from LineageOS from where we have forked our source code. It is also needed on many older devices to boot and work properly.
From a security perspective, it may be safer to have user mode instead of debug mode, though an attacker can also decompile an APK to understand how it works. So the real benefit might not be that huge.
However, we plan to enable user mode for newer devices on stable builds.
it came up in the backlog at https://gitlab.e.foundation/e/backlog/-/issues/1402 (maybe vote?) and prior community forum discussion on user vs userdebug at Why Development Build Instead Of Production Build
Maybe it just needs a concerted effort to check which devices do run well on the -user builds (divestos I think can provide that info) and offer two types of image for all devices - could be lots of effort
2 Likes
I have got a Sony xz2c
I think is a great idea to check wich ones will allowed it and do it for them , so the build can open app without the root problem.
Only 7 of the 100+ supported devices on DivestOS are -userdebug and only of the legacy and end of life Nougat branch.
All Nougat builds of any ROM, DivestOS included, are missing critical security patches for:
NVD - CVE-2021-0515 and NVD - CVE-2021-0514
MitID actually works with a custom room (LineageOS 19 in my case) even without Google services. You only have to hide root and reset some values from system.prop to “innocent” ones. For example, if the ROM properties list “test-keys”, then MitID won’t start. After replacing the properties with “release-keys”, it worked. Keys including “userdebug” did not pose a problem on my system.
How can I change that test-keys. I have a samsung s9+.
And how to hide root. I havent been able to do it.
And if it is not root , is not posible to do it? Cause I dont use root in the phone
It’s essentially about the file /system/build.prop. I did a search and replace on the file to replace the string “rest-keys” with “release-keys” everywhere. However, this required write access to the file and therefore root access rights.
Did you consider rooting your phone using Magisk?
I did it a some point , but couldnt find out how to do more. I download many things but was not worth.
If you help me with this I can give it a try.
Alternatively, you can try to modify the image of /e/ before flashing: unpack it, change the /system/build.prop file, repack it. Are you familiar with some basic linux commands such as mount etc.? If you give me a link to the /e/ file you use, I can have a try also.
i am using the build for samsung s9+
how can it be . Cause when I try to use my ID, it says that it will not works without google playservices
I tried it again with an AOSP build without Gapps and mitID runs fine (if the system properties in “build.prop” are satisfactory). In fact, I never encountered a “play services missing” error with mitID; it is true that the predecessor “NemID” refuses to work without Google play services - however, you can satisfy NemID with MicroG. Did you confuse mitID and NemID?
Can you please post a link to the Samsung build you are using? Then I will investigate.
https://doc.e.foundation/devices/star2lte/install
and I am also using a oneplus 5t using lineageos microG
https://download.lineage.microg.org/dumpling/
And I am trying a oneplus 5 chessburger with divestos
https://divestos.org/index.php?page=devices&base=LineageOS
The only one that can run is oneplus5 in divestos , where the app cant find it rooted. The others get a root warning. And the one that can pass it , while finnishing writing the id and so on, it says that can t continuos because has not google play services.
Hi @udengoogle
Only the MitID app is telling you that the device is rooted. In this case the app is inaccurate.
I am sorry but the link you provided for star2lte leads to multiple ROMs
Downloads for the star2lte
- /e/OS build : Q dev
- /e/OS build : Oreo stable
Please can you indicate the actual Samsung 9+ ROM you are testing MitID app today.
To the best of my knowledge, the problem is that the MitID app considers some system properties to be dangerous and claims that the device is rooted. Can you run “getprop” in a local terminal and paste the output here? Anything that includes “test-keys” makes the app refuse to work.