BuddyChristMKBuddyChristMK ✭✭
edited February 8 in General

How it happens that even if you decline permission to read internal storage to ingress app it still reads it? And why it even cares about twrp folder? Why it even cares about any folder? Privacy here is the main concern. What it does with my photos for example? I don't want to share my data with any third party, specially if it happens without me even knowing it.

What do you think?

Post edited by BuddyChristMK on


  • HydraulinskiHydraulinski ✭✭✭✭✭

    It checks were you placed the spoofapp folder.

  • CliffMCliffM ✭✭✭✭
    edited February 9

    What I think you are saying is that you are denying Ingress the permission to read Internal storage at install/first time you run the App, yet it is still able to run without it, and detect a file or folder on the filesystem. I agree, this is troublesome. Ingress should not be able to read the filesystem, if you specifically tell it not to. However, if you deny Ingress access, it shouldn't run at all. Niantic has decided, right or wrong, that they do not wish for Ingress and their other games to not run on a rooted phone. Rooting does allow you to modify or fake your location, so this is a valid concern. Player are begging them to do something about spoofers, or cheaters who are able to modify or fake their location, and so I applaud them for doing something, even if some believe it's not the right approach.

    What I am not so thrilled about is the apparent ability to bypass OS permissions to read the file system. Ingress should request the permission, and then not run if denied.

    Post edited by CliffM on
  • SSSputnikSSSputnik ✭✭✭

    Hard to tell without detailed knowledge of what happens. Anyone got a phone rooted with twrp they can report details on? Most apps need basic access. Like telegram for instance to send a file.

    I fully endorse Niantic not allowing rooted phones.

  • MoogModularMoogModular ✭✭✭✭

    Preventing rooted phones from playing is a bandaid. It's also a very false fallacy to assume that if I root my phone, it's of a malicious behavior.

    The spoofing that has been going on does not need root especially if it's being done by emulation through the computer (you can run android on any computer) or a modded apk. I'm surprised they are checking the storage for TWRP - that is for phone recovery and flashing. I understand looking for magisk files but it seems a bit odd.

  • I well understand that.

    These days root is usually more trouble than it's worth. I used to run custom roms back in the day but only due to supplied OS being suboptimal. (IE not for malicious reasons).

    Now, the hassle of getting updates to OS its just not worth it unless you have a specific requirement.

    Still unsure why Niantic are not throwing machine learning at the spoofer issue.

  • MoogModularMoogModular ✭✭✭✭

    Or hiring white hats. There's a lot of people interested with programming that would love to understand more on how their favorite games run. I understand this is essentially Niantic's product but at the same time this can provide extra security for Niantic's products - provided they negotiate NDA to the interested users. Think the same idea of bug bounties with Google's code.

Sign In or Register to comment.