You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+6-6
Original file line number
Diff line number
Diff line change
@@ -33,10 +33,10 @@ We call through to our native root checker to run some of its own checks. Native
33
33
34
34
## Disclaimer and limitations!
35
35
36
-
One way to think about root checking is that **root==<insertyourdeityhere>**, so there's no 100% guaranteed way to check for root! Please treat the results of this library as an *indication* of root together with other factors which will vary depending on your usecase rather than basing your whole security posture on the result.
36
+
One way to think about root checking is that **root==god**, so there's no 100% guaranteed way to check for root! Please treat the results of this library as an *indication* of root together with other factors which will vary depending on your usecase rather than basing your whole security posture on the result.
37
37
A more robust solution would be to use [Google Play Integrity API](https://developer.android.com/google/play/integrity) this will verify requests from your app are coming from your unmodified app binary, installed by Google Play, running on a genuine Android device (i.e not rooted).
38
38
39
-
Rootbeer can be by-passed, there's several articles that illustrate how to do this. [here](https://medium.com/secarmalabs/bypassing-androids-rootbeer-library-part-1-a5f93918660d) one we found with a quick google search.
39
+
Rootbeer can be bypassed, there's several articles that illustrate how to do this. [here](https://medium.com/secarmalabs/bypassing-androids-rootbeer-library-part-1-a5f93918660d) one we found with a quick Google search.
40
40
41
41
### Background
42
42
@@ -72,7 +72,7 @@ You can also call each of the checks individually as the sample app does. It is
72
72
73
73
Manufacturers sometimes leave the busybox binary in production builds and this doesn't always mean that a device is rooted. We have removed the busybox check we used to include as standard in the isRooted() method to avoid these false positives.
74
74
75
-
If you want to detect the busybox binary in your app you can use `checkForBinary(BINARY_BUSYBOX)` to detect it alone, or as part of the complete root detection method:
75
+
If you want to detect the busybox binary in your app you can use `checkForBinary(BINARY_BUSYBOX)` to detect it alone or as part of the complete root detection method:
76
76
77
77
```java
78
78
rootBeer.isRootedWithBusyBoxCheck();
@@ -89,7 +89,7 @@ Available on [Maven Central](https://search.maven.org/#search%7Cga%7C1%7Ca%3A%22
89
89
90
90
```java
91
91
dependencies {
92
-
implementation 'com.scottyab:rootbeer-lib:0.1.0'
92
+
implementation 'com.scottyab:rootbeer-lib:0.1.1'
93
93
}
94
94
```
95
95
@@ -101,7 +101,7 @@ The native library in this application will now be built via Gradle and the late
101
101
102
102
### Sample app
103
103
104
-
The sample app is published on Google play to allow you to quickly and easier test the library. Enjoy! And please do feedback to us if your tests produce different results.
104
+
The sample app is published on Google Play to allow you to quickly and easily test the library. Enjoy! And please do feedback to us if your tests produce different results.
105
105
106
106
<ahref="https://play.google.com/store/apps/details?id=com.scottyab.rootbeer.sample&utm_source=global_co&utm_medium=prtnr&utm_content=Mar2515&utm_campaign=PartBadge&pcampaignid=MKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1"><imgwidth="200"alt="Get it on Google Play"src="https://play.google.com/intl/en_us/badges/images/generic/en-play-badge.png" /></a>
107
107
@@ -123,7 +123,7 @@ There must be more root checks to make this more complete. If you have one pleas
123
123
If you dig this, you might like:
124
124
125
125
* Tim Strazzere's [Anti emulator checks](https://github.com/strazzere/anti-emulator/) project
126
-
* Scott Alexander-Bown's [SafetyNet Helper library](https://github.com/scottyab/safetynethelper) - coupled with serverside validation this is one of the best root detection approaches. See the [Google SafetyNet helper docs](https://developer.android.com/training/safetynet/index.html).
126
+
* Scott Alexander-Bown's [SafetyNet Helper library](https://github.com/scottyab/safetynethelper) - coupled with server-side validation this is one of the best root detection approaches. See the [Google SafetyNet helper docs](https://developer.android.com/training/safetynet/index.html).
0 commit comments