The popular Android videogame Fate / Grand Order uses a detection system of root that has allowed to detect a security failure in the system. this is the story.
The root detection system of Fate / Grand Order lets you discover an Android security flaw
Fate / Grand Order is a video game for Android very popular which is also a problem for those users who use rooting on their devices. The game uses a root detection system to block its use in case the phone is rooted. It is something that happens also with other applications, that do not like to allow their use to those with superuser permissions.
For those root users who wanted to play Fate / Grand Order a system was created that allowed border that limit. In general, it worked without problems … except in devices OnePlus. No matter how hard you tried, you could not jump the limit in smartphones of the Chinese firm. Finally, after thoroughly investigating the problem, it was concluded that it was due to a system security failure.
Download Fate / Grand Order from the Google Play Store
Procfs, that's right information about the memory usage of other applications
In short, the problem lies in the file system Procfs which contains the information referring to the memory usage of other applications. From Android Nougat Google blocks applications from accessing this file by giving it a certain value. Each app can read only its own use, needing the user's permission to read.
Google forces this restriction on its own devices; But some smartphones from LG, OnePlus, Huawei / Honor, Xiaomi and other brands are not. As a result, the value of procfs is not correct and any application can read the memory usage that other applications are doing. And that's what Fate / Grand Order did to detect the use of tools like Magisk and determine whether or not it was used root on a device.
Is it a serious failure? ? Do you have a solution?
Although this is not a serious system failure, we are facing a security flaw that allows us to detect which apps are installed in a terminal and how they use memory. This is relevant because they are data of use that are left uncovered. Luckily, it has a solution. Google will start forcing all brands to assemble procfs with the correct value. In addition, manufacturers such as OnePlus have already been informed to work on their own solutions and protect consumers. And if you want to see if you are affected, just download ProcGate and check the results.
The article How an anime game allowed to discover an Android security flaw was published in AndroidHelp.