by bluesign 3028 days ago
This works for sure, but only on jailbroken devices.

On the other hand, Facebook can check (at least on iOS) easily if the device is jailbroken and behave differently.

You can also patch the binary and inject some code (probably swizzle AVAudioRecorder methods) for the same effect.

In this case, Facebook can check binary integrity, and change behavior accordingly.

So this is kind of a cat-and-mouse game.

4 comments

> On the other hand, Facebook can check (at least on iOS) easily if the device is jailbroken and behave differently.

I'm not 100% sure what's involved in jailbreaking iOS, but I'm pretty sure on a rooted Android you could put measures in place to "fake" results for any root checks the Facebook app would run. You could patch any APIs Facebook could use to make such checks.

Indeed, that's the whole point of having "root" --- to have complete control over the device and what the applications on it see.

It is a bit of a cat and mouse game, but as the long history of software cracking shows, as long as they still own the machine, the crackers always have the upper hand.

What we really need is a Facebook whistleblower.

Interesting. So you are suggesting they may have already considered this and may have some defensive programming around it?

I don't think Facebook will do this, to be honest.

But if they decide to do it, I think the best course of action will be some defensive programming around it, with plausible deniability.

I am guessing they are already checking binary integrity etc.; also, they can probably push code updates from the server. So when you put these pieces together, they have everything they need technically.

So, code updates from the server don't matter as we can hook all of the audio recording APIs at a system level. Their _only_ defense IMHO is to NOT do it on jailbroken devices. You are right, it's super easy to detect jailbroken devices.

Technically they can also check if you hooked on the recording APIs. This is like a rabbit hole :)

It's not a cat-and-mouse game if you put this detection in a process that Facebook does not have access to.