Comment by jeroenhd
6 hours ago
The exact requirements for security updates depends on the Android version you're running and the one your device came with. From the docs:
MEETS_STRONG_INTEGRITY
The app is running on a genuine and certified Android device with a recent security update.
On Android 13 and higher, the MEETS_STRONG_INTEGRITY verdict requires MEETS_DEVICE_INTEGRITY and security updates in the last year for all partitions of the device, including an Android OS partition patch and a vendor partition patch.
On Android 12 and lower, the MEETS_STRONG_INTEGRITY verdict only requires hardware-backed proof of boot integrity and does not require the device to have a recent security update. Therefore, when using the MEETS_STRONG_INTEGRITY, it is recommended to also take into account the Android SDK version in the deviceAttributes field.
A single device will return multiple device labels in the device integrity verdict if each of the label's criteria is met.
The S10 should be on Android 13, so it should not pass STRONG_INTEGRITY. If it does, perhaps it's possible Google updated the docs early in anticipation of a change? The software update requirement wasn't always there.
I didn't know about this change, this is actually good news, it means no app can realistically rely on strong integrity as it will cut them from their user base.
I think you overestimate how far apps are willing to go for stupid reasons.
Also, there is still the DEVICE_INTEGRITY check that verifies the hardware side of things so if old devices have to be pushed, app developers still won't let you run their apps on LineageOS
I'm sure they are stupid but they already have some trouble to justify to their customers that they can't run the app on Android 11 so phasing out actual brand new devices that customers have is going to go a bit too far for them.
1 reply →