A new update to Niantic’s Pokémon Go takes a more zealous approach to ferreting out potential cheaters by scanning Android phones for certain jailbreak-related folder names, regardless of the user’s permissions. Ars has independently confirmed reports that Pokémon Go will not launch on Android phones that have an empty folder named “MagiskManager” on their SD card.
That folder name is associated with a popular piece of rooting software, which gives users low-level access to the phone and finer control over the way it functions. But the Pokémon Go check currently blocks access even on unrooted phones where the MagiskManager software hasn’t even been downloaded. The folder name alone is enough to generate an “unauthorized_device_lockout” error from the game, and that error goes away if the folder is deleted.
Surprisingly, Ars testing shows the lockout error happens even when the user hasn’t granted “storage permissions” to Pokémon Go, which would usually be necessary for the app to scan through outside files. A user on the Pokémon Go-focused Silph Road subreddit points to an XDA forums post that suggests Niantic may be using a loophole in Android’s error reporting to get around that lack of permissions.
Basically, when an Android app checks for a file on the phone, the OS sends back a different error for a file that doesn’t exist than for a file that exists but can’t be accessed because of permissions settings. By monitoring those errors, Pokémon Go could scan for the existence of certain file names in the phone’s storage, even if it doesn’t have permission to access those files directly.
A new front in an old war
Pokémon Go has long included a check for evidence that players are running on a rooted Android phone. That’s because rooted phones have an enhanced ability to run cheating software that sends false information to Pokémon Go‘s servers, giving players an effective way to advance in the game without actually playing.
But many legitimate Pokémon Go players use a rooted phone for other purposes without even attempting to cheat at the game. And Niantic’s new check goes further than those in the past, blocking users on unrooted phones who merely show evidence of storing the uninstalled MagiskManager software on their SD card. Niantic has yet to respond to a request for comment from Ars Technica.
XDA user .NetRoller3D first noticed the new file check last Friday, on version 0.115.2 of the game. That check has persisted through another update Niantic rolled out for the game on Monday, suggesting it is more than a temporary test.
Pokémon Go players are already suggesting ways that players can sandbox the game, sequestering it from checking for these files. Nonetheless, it appears Niantic has opened up a new front in its war on potential cheaters on “uncertified devices.”
Ron Amadeo contributed to this report.
Listing image by Nathan Mattise
- Android Q — Google Adds New Mobile Security and Privacy Features
- New Ransomware Not Just Encrypts Your Android But Also Changes PIN Lock
- Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years
- Google Play warns searchers that Fortnite “is not available”
- Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers