Skip to content
13

@thestinger thestinger released this Jun 8, 2019 · 38 commits to master since this release

Full list of changes from the previous release (version 12). Notable changes:

  • add support for verifying CalyxOS on the Pixel 2, Pixel 2 XL, Pixel 3 and Pixel 3 XL
  • clear pairing when disabling remote verification
  • add verified boot hash display
  • reschedule remote verification once the app is opened again after being force stopped or disabled

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version. Supported devices:

  • BlackBerry Key2 (BBF100-6 model)
  • BQ Aquaris X2 Pro
  • Google Pixel 2
  • Google Pixel 2 XL
  • Google Pixel 3
  • Google Pixel 3 XL
  • Google Pixel 3a
  • Google Pixel 3a XL
  • Huawei Honor 7A Pro (AUM-L29 model)
  • Huawei Honor 10 (COL-L29 model)
  • Huawei Honor View 10 (BKL-L04 and BKL-L09 models)
  • Huawei Mate 10 (ALP-L29 model)
  • Huawei Mate 20 Pro (LYA-L29 model)
  • Huawei P20 Pro (CLT-L29 model)
  • HTC EXODUS 1
  • HTC U12+
  • Nokia 6.1
  • Nokia 7 Plus
  • OnePlus 6 (A6003 model)
  • OnePlus 6T (A6013 model)
  • OnePlus 7 Pro (GM1913 model)
  • Samsung Galaxy Note 9 (SM-N960F and SM-N960U models)
  • Samsung Galaxy S9 (SM-G960F, SM-G960U, SM-G960U1 and SM-G960W models)
  • Samsung Galaxy S9+ (SM-G965F, SM-G965U, SM-G965U1 and SM-G965W models)
  • Sony Xperia XA2 (H3113, H3123 and H4113 models)
  • Sony Xperia XZ1 / XZ1 Compact (G8341 and G8342 models)
  • Sony Xperia XZ1 Compact (G8441 model)
  • Sony Xperia XZ2 (H8216 model)
  • Sony Xperia XZ2 Compact (H8314 and H8324 models)
  • Xiaomi Mi A2
  • Xiaomi Mi A2 Lite
  • Xiaomi Mi 9
  • Xiaomi POCOPHONE F1

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See https://attestation.app/tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See https://attestation.app/about for a more detailed overview.

Assets 3
You can’t perform that action at this time.