• Skull giver@popplesburger.hilciferous.nl
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    2
    ·
    1 year ago

    What tools are injecting certificate authorities into the system image?

    Android is still open source and AOSP and other ROMs will work without this APEX. That means system image modification tools should also be able to overrule Google’s package and set up their own certificates.

    Users haven’t had control over their devices without root from Android’s inception and the system certificate store has been out of normal people’s control since Android 7.

    In my opinion, this whole issue is just a minor inconvenience caused by a major improvement to the Android OS as a whole. People will figure it out.

    • deweydecibel@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      And then Google will punish them for figuring it out by letting apps block access. That’s the issue. If you could do all this without Google integrity checking, we wouldn’t have to worry.