How an anime game discovered an Android security flaw

game anime bug security android

The popular Android video game Fate / Grand Order uses a detection system root which has made it possible to detect a security failure in the system. This is the story and the anime is to blame.

The root detection system of Fate / Grand Order lets you discover an Android security flaw

Fate / Grand Order is a anime video game for Android very popular that also poses a problem for those users who use the rooting on your devices. The game uses a root detection system to block its use in case the mobile is rooted. It is something that also happens with other applications, which do not like to allow its use to those with superuser permissions.

For those root users who wanted to play Fate / Grand Order a system was created that allowed to skirt that limit. In general, it worked without problems ... except on devices OnePlus. No matter how hard you tried, it was not possible to jump the limit in the smartphones of the Chinese firm. Finally, and after thoroughly investigating the problem, it was concluded that it was due to a system security failure.

Download Fate / Grand Order from the Google Play Store

Procfs, this is the information about the memory usage of other applications

Long story short, the problem lies in the file system procfs, which contains the information regarding the memory usage of other applications. From Android Nougat, Google blocks applications from accessing this file by giving it a certain value. Each app can only read its own use, requiring user permissions to be able to read.

game anime bug security android

Google enforces this restriction on its own devices; but some smartphones from LG, OnePlus, Huawei / Honor, Xiaomi and other brands are not. As a result, the value of procfs it is not correct and any application can read the memory usage that other applications are doing. And that's what Fate / Grand Order did to detect the use of tools such as Magisk and determine whether or not root was used on a device.

Is it a serious failure? It has a solution?

Although we are not facing a serious system failure, we are facing a security failure that allows us to detect which apps are installed on a terminal and what use they make of memory. This is relevant because it is usage data that remains uncovered. Luckily, it has a solution. Google will start forcing all brands to ride procfs with the correct value. Also, manufacturers like OnePlus they have already been briefed to work on their own solutions and protect consumers. And if you want to see if you are affected, just download ProcGate and check the results.