Can "Magisk" hide bootloader status?

Question

I am planning to flash Lineage OS 14.1 on my Lenovo p1ma40 to give it a new life.



But I often have to do various payment and transactions using banking apps. As you might know , these apps check for safetynet status. But if I unlock bootloader to flash custom ROM, then the safety net status will be definitely tripped.



My question is:



I learnt that Magisk can hide root status.But if I unlock bootloader then will it be able to hide bootloader status and ensure that safety net doesn't gets tripped?


overkill | Sources

Answer

Edit NO
It cannot hide. Developer of Magisk says in his tweet, after the latest Google update



Q6: Is MagiskHide meaningless now?


A6: It depends on your expectation. MagiskHide is still effective to hide anything in userspace, but is no longer capable of spoofing bootloader/verified boot status.



To put it simply, we can still hide "root", but not the bootloader status.


(Emphasis added)


For more details see this XDA blog shared by Robert (thanks)


Also see Magisk will fail Safety-Net hereafter. Why?


Answer below is not pertinent, but retained for context



Safety-Net Vs Magisk is a typical cat and mouse game. But thankfully, most of the time Magisk is one step ahead. So, to answer your title yes, most of the time but not always


Safety Net being tripped is not just because of boot loader being unlocked. There is more to it. From Magisk and MagiskHide Installation and Troubleshooting guide by XDA developer didgeridoohan's excellent guide



What triggers SafetyNet?


There are two parts to the SafetyNet check, CTS Profile and Basic Integrity.


Examples of when ctsProfileMatch will report as false (failed):



  • Uncertified device (the manufacturer haven't applied for Google certification)



  • Unlocked bootloader



  • Custom ROM



  • Signs of system integrity compromise (rooting, etc)



  • Signs of other attacks (Xposed, EdXposed, etc)




Examples of when basicIntegrity will report as false (failed):



  • Signs of system integrity compromise (rooting, etc)



  • Signs of other attacks (Xposed, EdXposed, etc)@





@ EdXposed does not trip safety net. Guide has not been updated


This is where Magisk comes to rescue



Magisk can hide



  • Magisk and most modules (it depends on what the module does).


*MagiskSU



  • Unlocked bootloader.



  • Permissive SELinux (most of the time. There have been reports that a permissive SELinux triggers SafetyNet even with MagiskHide enabled).



  • Some prop values (see "Sensitive props").



  • The Magisk Manager (separate option in the Manager settings).





Magisk has an option of Magisk Hide. You need to select your banking and any other apps to prevent them from seeing root. Also from Magisk Manager, hide the manager to prevent apps detecting root.


Note: Some banking apps may detect root despite passing safety net. Refer to the guide for help to fix such situations. Ver 20.1 of Magisk has sophisticated techniques to prevent this, so such incidents should be rare


Magisk itself allows you to verify your safety net status as shown


IMG:


(Click to enlarge)


Also see What Magisk can't hide for more information


Caution : It's best to keep Magisk and yourself updated with Magisk Github developments so that you minimize the risk
(and your device threads on XDA) . I have been using Magisk and EdXposed on Android 9 and 10 but never faced the issue of safteynet being tripped YMMV


Another useful resource is Magisk Documentation by topjohnwu, developer of Magisk


beeshyams | Sources

Q & A

Google Play store versus Amazon app store
What does this notification icon mean? Samsung s7
How do some android apps remember that this is not the first time they are being installed?
Which one is the 4G sim slot in Redmi 3s prime?
How to revert back to stock Sprint firmware (Galaxy S7) after installing the wrong one?
How do I unmute a contact?
Color saturation cm 13
Where is the chart that shows device model popularity?
Display battery usage
How to disable text message notifications when sleeping?
What might cause Notifications about Instant Messages to appear late and batched up on a Huawei P8 running Android 6?
Android smartphone battery suddenly drained twice as fast than usual
About Android versions and naming
Will Samsung Pay still work on the Gear S3 if you root your Galaxy phone?
Should you delete apps moved to SD card with new ROM?
Setting the CPU governor in CM13?
How do I know if it's safe to opt out of the Android Beta program without wiping my data?
Can chrome-cast be used without Wifi?
Android In-App Purchase Costs More In My Country
Unable to download Google Allo from Google Play Store - Pre-register/Unregister

Topics

2D Engines   3D Engines   9-Patch   Action Bars   Activities   ADB   Advertisements   Analytics   Animations   ANR   AOP   API   APK   APT   Architecture   Audio   Autocomplete   Background Processing   Backward Compatibility   Badges   Bar Codes   Benchmarking   Bitmaps   Bluetooth   Blur Effects   Bread Crumbs   BRMS   Browser Extensions   Build Systems   Bundles   Buttons   Caching   Camera   Canvas   Cards   Carousels   Changelog   Checkboxes   Cloud Storages   Color Analysis   Color Pickers   Colors   Comet/Push   Compass Sensors   Conferences   Content Providers   Continuous Integration   Crash Reports   Credit Cards   Credits   CSV   Curl/Flip   Data Binding   Data Generators   Data Structures   Database   Database Browsers   Date &   Debugging   Decompilers   Deep Links   Dependency Injections   Design   Design Patterns   Dex   Dialogs   Distributed Computing   Distribution Platforms   Download Managers   Drawables   Emoji   Emulators   EPUB   Equalizers &   Event Buses   Exception Handling   Face Recognition   Feedback &   File System   File/Directory   Fingerprint   Floating Action   Fonts   Forms   Fragments   FRP   FSM   Functional Programming   Gamepads   Games   Geocaching   Gestures   GIF   Glow Pad   Gradle Plugins   Graphics   Grid Views   Highlighting   HTML   HTTP Mocking   Icons   IDE   IDE Plugins   Image Croppers   Image Loaders   Image Pickers   Image Processing   Image Views   Instrumentation   Intents   Job Schedulers   JSON   Keyboard   Kotlin   Layouts   Library Demos   List View   List Views   Localization   Location   Lock Patterns   Logcat   Logging   Mails   Maps   Markdown   Mathematics   Maven Plugins   MBaaS   Media   Menus   Messaging   MIME   Mobile Web   Native Image   Navigation   NDK   Networking   NFC   NoSQL   Number Pickers   OAuth   Object Mocking   OCR Engines   OpenGL   ORM   Other Pickers   Parallax List   Parcelables   Particle Systems   Password Inputs   PDF   Permissions   Physics Engines   Platforms   Plugin Frameworks   Preferences   Progress Indicators   ProGuard   Properties   Protocol Buffer   Pull To   Purchases   Push/Pull   QR Codes   Quick Return   Radio Buttons   Range Bars   Ratings   Recycler Views   Resources   REST   Ripple Effects   RSS   Screenshots   Scripting   Scroll Views   SDK   Search Inputs   Security   Sensors   Services   Showcase Views   Signatures   Sliding Panels   Snackbars   SOAP   Social Networks   Spannable   Spinners   Splash Screens   SSH   Static Analysis   Status Bars   Styling   SVG   System   Tags   Task Managers   TDD &   Template Engines   Testing   Testing Tools   Text Formatting   Text Views   Text Watchers   Text-to   Toasts   Toolkits For   Tools   Tooltips   Trainings   TV   Twitter   Updaters   USB   User Stories   Utils   Validation   Video   View Adapters   View Pagers   Views   Watch Face   Wearable Data   Wearables   Weather   Web Tools   Web Views   WebRTC   WebSockets   Wheel Widgets   Wi-Fi   Widgets   Windows   Wizards   XML   XMPP   YAML   ZIP Codes