Does a failing RootBeer check prevent users from warning others using the SRS feature?

Question

Does a failing RootBeer check prevent users from warning others using the SRS feature?

Ein-Tim opened this issue 2 years ago · 6 comments

Avoid duplicates

Question is not already answered in the FAQ
Question is specific for Android only, for general issues / questions that apply to iOS and Android please raise them in the documentation repository
Question has not already been asked in another issue

Your Question

The app perfroms RootBeer checks to detect if the device is rooted. If the RootBeer check fails, will this disable the ability to use others using the new SRS feature of version 3.0? Or will the SafetyNet attestation also fail in all cases where the RootBeer check fails?

Answer 1 · 2023-01-20T22:25:13.000Z

The SafetyNet attestation is very similar to the RootBeer checks.
But only the SafetyNet attestation is used to ensure the rate limit for SRS submissions.

Answer 2 · 2023-01-20T22:30:44.000Z

@thomasaugsten Thanks for the fest answer, however, I'm not sure, I fully understand. Let's get concrete:
If I root my device, which leads to a failing RootBeer check, will I be able to warn others using the SRS feature (because SafetyNet attestation succeeds) or will this not be possible (because attestation fails)?

Answer 3 · 2023-01-20T22:48:34.000Z

SafetyNet will also check for root access and the attestation will fail

Answer 4 · 2023-01-20T22:52:49.000Z

Thanks, answered!

Answer 5 · 2023-01-21T08:37:01.000Z

@Ein-Tim

This case should probably also be added to the description on
https://www.coronawarn.app/en/faq/results/#rooted_devices "[Google/Android]: Can I use the app on a rooted device?"

Maybe you would like to propose a PR for this, since you initiated this topic?

Answer 6 · 2023-01-21T09:02:39.000Z

@MikeMcC399 I'll take care of that later today!