RELEASE NOTES
------------------------------------------------------------------------------
Shield for Android - Version 5.6.0 - 2023-05-31

Highlights:
------------------------------------------------------------------------------
- Rooting Hider Detection
- Fix mapping.txt generation for Crashlytics

Supported platforms:
------------------------------------------------------------------------------
- Shield is supported on Android 4.4 (API 19) up to Android 13 (API 33).
- The Shielder tool is supported on 64-bit Java 11 or 17 on Windows 10,
  Mac OSX (10.9+) and Ubuntu Linux LTS 20.04 or 22.04.
- ShieldGradlePlugin version 2.0 is supported.

Deprecations:
------------------------------------------------------------------------------
- Google has announced that the next Android NDK (r26) will no longer support
  KitKat (API 19 and 20). The minimum OS supported by the NDK for r26 will be
  Lollipop (API level 21). Shield will switch to that NDK after it is released
  as an LTS version. This will be effective from September 2023.

Changes:
------------------------------------------------------------------------------
* SHAND-3191: The rooting check scans and detects root hider applications.
  This check is designed to detect rooting packages which have been hidden by
  advanced tools such as Magisk Manager. The check is executed as part of the
  rooting check.

* SHAND-3502: Fix mapping.txt for Crashlytics.
  Crashlytics needs a mapping.txt that contains entries for both obfuscated
  and non-obfuscated classes and members. Previously Shielder wrote only the
  classes and members that were obfuscated. Now Shielder writes the
  non-obfuscated names as well.

Highlights from 5.5.0:
------------------------------------------------------------------------------
* SHAND-3344: Amazon App Store Support
  Amazon App Store modifies your application's files. For all applications,
  Amazon App Store injects some code and files into the application. This
  modification triggers Shield's default repackaging checks.
  Now Shielder provides a collection of Shielder rules to skip the integrity
  check of the files that are known to be modified by Amazon App Store. In
  order to use these rules, add the following include statement to your
  Shielder rules:
  ------------
  include "builtin:amazon-app-store-support.cfg";
  ------------
  Note: these rules should only be used if you intend to publish your
  application through the Amazon App Store. For more information read the
  Shielder Usage documentation.

* SHAND-3203: LSPosed hooking framework detection.
  Shield now detects if the LSPosed hooking framework is installed on a device
  and targets a shielded app.

* SHAND-3389: Shielder can now load the application signer certificate from
  the apk if the app is signed with APK Signature Scheme 2 or 3 and does not
  have the v1 Scheme Signature any more. The v1 scheme signature is no longer
  added for a default Android Studio project with `minSdkVersion > 24`.
  The APK signature is used in Shield's repackaging check when the application
  is configured with `applicationSignerCertificate` "auto" (this is the
  default) or "original".
  Example:
  ---
  ...
  ---
  See also https://source.android.com/docs/security/features/apksigning

Highlights from 5.4.0:
------------------------------------------------------------------------------
* SHC-221: Added configuration option to check for config updates on launch
  If an application uses "configUpdate", then Shield looks for a configuration
  update if Shield is shutting down due to security policy violations. With
  the new configuration option "checkConfigUpdateOnLaunch", Shield can be
  configured to check for a configuration update when the application
  launches. The updated configuration takes effect at the next launch.
  Example:
  ---
  ...
  ---

* SHAND-3224: Added detection of VMOS Emulators.
  VMOS is an Android application which can create emulators on an Android
  device. VMOS provides the possibility to create highly configurable emulator
  images.
  Some of these images may be rooted, some may have Xposed installed.
  VMOS Emulator detection is part of the "checkEmulator"/"exitOnEmulator"
  Shield configuration options (config.xml):
  ---
  ...
  ---
  Note: checkEmulator and exitOnEmulator are enforced for the release profile.
  There may be VMOS images which are not yet detected by libshield as
  emulators. Rooted VMOS images may be detected as rooted. So it may be useful
  to enable checkRooting (which is enforced for the release profile) and
  exitOnRooting:
  ---
  ...
  ---

* SHAND-3111: Add option to exclude an activity from the screenshot block.
  If Shield is configured with "blockScreenshots" to block screenshots from
  being taken of the app, that is, in config.xml:
  ---
  ...
  ---
  then the Shielder rule "allowScreenshotsForActivity" can be used to exclude
  an activity class from this block. That is, adding this rule in rules.cfg:
  ---
  allowScreenshotsForActivity com.example.DontBlockScreenshotsFromMyActivity;
  ---
  tells Shield to allow screenshots if the specified activity is visible, even
  if blockScreenshots is enabled. The argument for
  "allowScreenshotsForActivity" is the class name of an activity.
  A use case for this feature may be an app that wants its users to take a
  screenshot of a specific activity to verify payments, receipts, etc.

Highlights from 5.3.0:
------------------------------------------------------------------------------
* Added new feature App Attestation, which can be used to verify on the
  server side that an app with Shield is being used on the client side.
  App Attestation comes with client-side APIs that must be used with Shield,
  and a Java backend implementation which should be integrated server-side.
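
Added example for the SHAND-3389 entry in the 5.5.0 highlights above (not part
of the original release notes and not Promon's code): a Python check that
reports which APK signature schemes an APK carries, by looking for a v1
signature file under META-INF/ and for the v2/v3 IDs in the APK Signing Block
described in the linked Android documentation. The function names and the
constructed sample APK are assumptions made for illustration.

```python
import io
import struct
import zipfile

MAGIC = b"APK Sig Block 42"
SCHEME_IDS = {0x7109871A: "v2", 0xF05368C0: "v3"}  # block IDs from the Android docs

def signature_schemes(apk: bytes) -> set:
    """Return which of 'v1', 'v2', 'v3' signatures an APK image carries."""
    found = set()
    with zipfile.ZipFile(io.BytesIO(apk)) as zf:
        # v1 (JAR signing) stores a signature block file under META-INF/.
        if any(n.startswith("META-INF/") and n.upper().endswith((".RSA", ".DSA", ".EC"))
               for n in zf.namelist()):
            found.add("v1")
    # v2/v3 live in the APK Signing Block, directly before the central directory.
    eocd = apk.rfind(b"PK\x05\x06")  # assumes no archive comment holding this marker
    cd = struct.unpack_from("<I", apk, eocd + 16)[0]
    if cd < 32 or apk[cd - 16:cd] != MAGIC:
        return found
    size = struct.unpack_from("<Q", apk, cd - 24)[0]
    start = cd - size - 8
    if start < 0 or struct.unpack_from("<Q", apk, start)[0] != size:
        return found  # leading and trailing size fields must agree
    pos, end = start + 8, cd - 24
    while pos + 12 <= end:
        pair_len, pair_id = struct.unpack_from("<QI", apk, pos)
        if pair_len < 4 or pos + 8 + pair_len > end:
            break  # malformed pair: stop rather than read out of bounds
        if pair_id in SCHEME_IDS:
            found.add(SCHEME_IDS[pair_id])
        pos += 8 + pair_len
    return found

def build_sample_apk(ids=(), v1=False) -> bytes:
    """Constructed input: a tiny ZIP with a dummy signing block (no real signature)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"constructed")
        if v1:
            zf.writestr("META-INF/CERT.RSA", b"constructed")
    raw = buf.getvalue()
    eocd = raw.rfind(b"PK\x05\x06")
    cd = struct.unpack_from("<I", raw, eocd + 16)[0]
    pairs = b"".join(struct.pack("<QI", 8, i) + b"\0" * 4 for i in ids)
    size = len(pairs) + 24
    block = struct.pack("<Q", size) + pairs + struct.pack("<Q", size) + MAGIC if ids else b""
    new_eocd = raw[eocd:eocd + 16] + struct.pack("<I", cd + len(block)) + raw[eocd + 20:]
    return raw[:cd] + block + raw[cd:eocd] + new_eocd
```

A result without "v1" is the case this entry covers: no signature file exists
under META-INF/, so the signer certificate has to come from the signing block.
The check only reports which schemes are present; it does not verify any
signature.
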

Highlights from 5.2.0:
------------------------------------------------------------------------------
* SHAND-3204: Fixed crash on Android 7 and 8 for applications using Gson
  If an app used Gson (com.google.code.gson) to convert between JSON and Java,
  and the app was big enough to be split into several classes.dex files, then
  there may be a crash like the following on starting the application on an
  Android 7 or Android 8 device:

  java.lang.AssertionError: illegal type variable reference
      at libcore.reflect.TypeVariableImpl.resolve(TypeVariableImpl.java:111)
      at libcore.reflect.TypeVariableImpl.getGenericDeclaration(TypeVariableImpl.java:125)
      at libcore.reflect.TypeVariableImpl.hashCode(TypeVariableImpl.java:47)
      at java.util.Arrays.hashCode(Arrays.java:4153)
      at com.google.gson.internal.$Gson$Types$ParameterizedTypeImpl.hashCode($Gson$Types.java:502)
      at com.google.gson.reflect.TypeToken.(TypeToken.java:64)
      ...

  The crash is caused by a problem in the Android ClassLoader that expects the
  com.google.gson.* classes and their Annotations to be in the same
  classes.dex file. The com.google.gson.* classes rely on a lot of reflection
  to be able to convert generic JSON into some Java representation.
  Shielder used a random assignment of classes to classes.dex files and thus
  could not ensure that classes which must be packaged together ended up with
  the same classes.dex index.
  With this fix Shielder now tries to retain the original classes.dex index
  when encoding the shielded application.
  Note: The ClassLoader for Android versions 6 and earlier or 9 and newer
  doesn't have this problem.

* SHAND-3189: Fix downloading updatable config when the application exits
  early.
  If updatable configuration is enabled, that is, the application is shielded
  with configuration like:
  and Shield was configured to exit on detection of a security risk with
  loading a URL in a browser:
  and Shield detected this security risk early on starting the application,
  then the application was terminated without trying to download the
  updatable configuration file. With this fix, the updatable configuration is
  downloaded.
  Note: see also the documentation "Updatable Configuration".

* SHC-297: Update org.apache.commons.text to version 1.10.0 in Shielder
  org.apache.commons.text versions 1.5 to 1.9 are affected by the
  vulnerability CVE-2022-42889, although Shielder never used any of the
  vulnerable code.

* SHAND-3174: Disable scanning of installed hooking frameworks packages.
  The hooking framework package scanner uses an Android API (PackageManager)
  to check if some well known hooking framework packages are installed. This
  API may be restricted by the PIPL. To avoid violating the PIPL, the scanning
  of installed packages is skipped if PIPL support is enabled in the Shield
  configuration (see also below):
  Note: this slightly increases the risk of not detecting the hooking
  frameworks packages.

Highlights from 5.1.0:
------------------------------------------------------------------------------
* SHAND-3104: Support PIPL (Personal Information Protection Law)
  In some countries (for example, China) the regional app stores enforce a
  "Personal Information Protection Law" (PIPL), which requires applications to
  ask app users for consent to use some Android APIs. Shield uses some of the
  Android APIs that are covered by the PIPL in the security assessment of the
  application environment.
  To comply with the PIPL, an application can add a dependency on the new
  ShieldSDK-PIPL library:
  app/build.gradle
  ---
  dependencies {
      implementation 'no.promon.shield:ShieldSDK-PIPL:+'
      ...
  }
  ---
  The ShieldSDK-PIPL library provides an annotation `@ConsentActivity`.
  This annotation can be used by the application to automatically register the
  consent activity for the PIPL requirements. In this activity, Shield will
  not run security checks that are restricted by the PIPL.
  The annotation is used like:
  ---
  package com.example.myactivities;

  import androidx.appcompat.app.AppCompatActivity
  import no.promon.shield.pipl;

  @ConsentActivity
  class MyConsentActivity : AppCompatActivity() {
      ...
  }
  ---
  Inside this activity you need to inform the user that the application uses
  Android APIs that are restricted by the PIPL.
  In addition you need to enable the configuration option "PIPLSupport" in the
  Shield configuration:
  config.xml:
  ---
  ...
  ---

Shield Gradle Plugin:
------------------------------------------------------------------------------
Shield Gradle Plug-in can be downloaded from:
https://dl.promon.no/pub/android/gradle/doc/shield-gradle-plugin-2.0.1.pdf
https://dl.promon.no/pub/android/gradle/jar/shield-gradle-plugin-2.0.1.jar

Known limitations:
------------------------------------------------------------------------------
- Android App Bundles:
  Shielder's support for Android App Bundles with multiple modules does not
  work for apps with minSdk set to Android 4.x or lower (<21). In those cases,
  building an APK is a better option.
  The Shield Gradle plug-in version 1.x does not support building app bundles;
  in those cases Shield Gradle plug-in version 2 is needed.

- Magisk and root hider tools on new Android versions
  Root hider tools such as Magisk Hide are designed to hide the fact that the
  device is compromised (rooted). Android has increasingly restricted what can
  be inspected and observed of the system from inside an app. This means that
  a rooted system with a root hider tool can be hard to detect due to missing
  privileges. On Android 8+, Shield may not be able to reliably detect a
  rooted device with Magisk Hide, depending on the version of these tools.

- The SecureEditText in-app keyboard has focus problems on dialog windows on
  tablet devices.

Tested devices:
------------------------------------------------------------------------------
Asus Nexus 7 (Android 4.4.4 - KitKat)
Asus Nexus 7 (Android 5.0 - Lollipop)
Asus ROG Phone (Android 8.1 - Oreo)
Asus Zenfone 2 (Android 5.0 - Lollipop)
Asus Zenfone 4 (Android 7.1.1 - Nougat)
Asus Zenfone4 SelfiePro (Android 7.1 - Nougat)
Asus ZenPad 10 (Android 7.0 - Nougat)
Google Pixel 2 (Android 10 - Q)
Google Pixel 2 (Test) (Android 11 - R)
Google Pixel 2 (Android 9.0 - Pie)
Google Pixel 2 XL (Android 10 - Q)
Google Pixel 3 (Android 10 - Q)
Google Pixel 3 XL (Android 10 - Q)
Google Pixel 4 (Android 11 - R)
Google Pixel 4 XL (Android 11 - R)
Google Pixel (Android 9.0 - Pie)
Google Pixel 5 (Android 11 - R)
Google Pixel 5 (Android 12 - S)
Google Pixel 5a (Android 12 - S)
Google Pixel 5 (Android 13 beta 3.2)
Google Pixel 5a (Android 13 beta 3.2)
Huawei Honor 6 (Android 4.4.2 - KitKat)
Huawei Honor 6X (Android 7.0 - Nougat)
Huawei Honor 7 (Android 5.0.2 - Lollipop)
Huawei Honor 9X (Android 9.0 - Pie)
Huawei Mate 10 Pro (Android 8.0 - Oreo)
Huawei Mate 30 (Android 10 - Q)
Huawei Mate 30 Pro (Android 10 - Q)
Huawei Mate 9 (Android 7.0 - Nougat)
Huawei MediaPad M5 BAH2-W19 (Android 8.0 - Oreo)
Huawei MediaPad M5 CMR-W09 (Android 9.0 - Pie)
Huawei Nexus 6P (Nexus 6P) (Android 8.1.0 - Oreo)
Huawei Nova 5T (Android 9.0 - Pie)
Huawei P Smart (Android 8.0 - Oreo)
Huawei P10 (Android 7.0 - Nougat)
Huawei P20 Pro (Android 8.1 - Oreo)
Huawei P9 (Android 6.0 - Marshmallow)
Huawei P9 Lite (Android 6.0 - Marshmallow)
Huawei Y6II Compact (Android 5.1 - Lollipop)
Lenovo Vibe K5 Note (Android 6.0 - Marshmallow)
Lenovo Yoga tablet (Android 4.4.2 - KitKat)
LG G4 (Android 5.1 - Lollipop)
LG G4 Dual (LG-H818) (Android 6.0 - Marshmallow)
LG G5 (LG-H860) (Android 6.0.1 - Marshmallow)
LG G6 (Android 7.0 - Nougat)
LG Nexus 5 (Android 6.0 - Marshmallow)
LG Nexus 5X (Android 8.0 - Oreo)
LG V30 (Android 7.1.2 - Nougat)
Motorola Moto E (6) Plus (Android 9.0 - Pie)
Motorola moto G (6) plus (Android 8.0 - Oreo)
Motorola Moto G (8) Power (Android 10 - Q)
Motorola Moto G4 Plus (Android 7 - Nougat)
Motorola Moto X4 (Android 7.1.1 - Nougat)
Nokia 2.3 (Android 11 - R)
Nokia 2.4 (Android 11 - R)
Nokia 7.2 10.0 (Android 10 - Q)
OnePlus OnePlus 5 (Android 7.1.1 - Nougat)
OnePlus OnePlus 6 (Android 8.1 - Oreo)
OnePlus OnePlus 6T (Android 9.0 - Pie)
OnePlus OnePlus 7T Pro (Android 10 - Q)
OnePlus OnePlus 8 Pro (Android 11 - R)
OnePlus OnePlus 9 (Android 12 - S)
Oppo A37fw (Android 5.1.1 - Lollipop)
Oppo A5 (Android 8.1 - Oreo)
Oppo A5s (Android 8.1 - Oreo)
Oppo F1 plus (Android 5.1 - Lollipop)
Oppo R9m (Android 5.1 - Lollipop)
Oppo Reno5 5G (Android 11 - R)
Samsung Galaxy A50 (Android 9.0 - Pie)
Samsung Galaxy A6 plus (Android 9.0 - Pie)
Samsung Galaxy A71 (Android 10 - Q)
Samsung Galaxy A8 (Android 8.0 - Oreo)
Samsung Galaxy A9 (2) (Android 8.0 - Oreo)
Samsung Galaxy A9 (Android 9.0 - Pie)
Samsung Galaxy J2 (2015) (Android 5.1.1 - Lollipop)
Samsung Galaxy J2 (2016) (Android 6.0.1 - Marshmallow)
Samsung Galaxy J3 (Android 8.0 - Oreo)
Samsung Galaxy J4 plus (Android 8.1 - Oreo)
Samsung Galaxy J5 (Android 7.0 - Nougat)
Samsung Galaxy J6 (Android 8.0 - Oreo)
Samsung Galaxy J7 (Android 7.0 - Nougat)
Samsung Galaxy Note 10 Lite (Android 10 - Q)
Samsung Galaxy Note 4 (Android 6.0.1 - Marshmallow)
Samsung Galaxy Note 8 (Android 8.0 - Oreo)
Samsung Galaxy Note 9 (Android 8.1 - Oreo)
Samsung Galaxy On Nxt (Android 8.1 - Oreo)
Samsung Galaxy S10 (Android 12)
Samsung Galaxy S10 (Android 10 - Q)
Samsung Galaxy S10 e (Android 9.0 - Pie)
Samsung Galaxy S10 plus (Android 9.0 - Pie)
Samsung Galaxy S20 5G (Android 11 - R)
Samsung Galaxy S4 (Android 5.0.1 - Lollipop)
Samsung Galaxy S5 (Android 6.0.1 - Marshmallow)
Samsung Galaxy S6 (Android 7.0 - Nougat)
Samsung Galaxy S6 Edge (Android 6.0 - Marshmallow)
Samsung Galaxy S6 Edge (Android 7.0 - Nougat)
Samsung Galaxy S6 (SM-G920I) (Android 7.0 - Nougat)
Samsung Galaxy S7 (2) (Android 8.0 - Oreo)
Samsung Galaxy S7 Edge (Android 6.0.1 - Marshmallow)
Samsung Galaxy S7 (SM-G930FD) (Android 8.0 - Oreo)
Samsung Galaxy S8 (Android 8.0 - Oreo)
Samsung Galaxy S8 plus (Android 8.0 - Oreo)
Samsung Galaxy S9 (Android 8.0 - Oreo)
Samsung Galaxy S9 plus (Android 8.0 - Oreo)
Samsung Galaxy Tab S4 (Android 9.0 - Pie)
Samsung Galaxy Xcover 4 (Android 7.0 - Nougat)
Samsung Galaxy Z Flip (Android 10 - Q)
Samsung Galaxy Z Fold 2 5G (Android 10 - Q)
Sony Xperia 1 (Android 9.0 - Pie)
Sony Xperia Z (Android 5.1.1 - Lollipop)
Sony Xperia Z3 (E6553) (Android 6.0 - Marshmallow)
Sony Xperia Z4 Tablet (Android 5.0.2 - Lollipop)
Sony Xperia Z5 Dual (E6683) (Android 7.1.1 - Nougat)
Vivo 1916 (Android 9.0 - Pie)
Vivo S1 1907 (Android 9.0 - Pie)
Vivo S7e (Android 10 - Q)
Vivo V2029 (Android 10 - Q)
Vivo X30 Pro (Android 9 - Pie)
Vivo X60 (Android 11 - R)
VSmart Live (Android 9.0 - Pie)
Xiaomi MI 8 (Android 8.1 - Oreo)
Xiaomi MI 9 (Android 9.0 - Pie)
Xiaomi Mi A2 (Android 8.1 - Oreo)
Xiaomi MI MAX 2 (Android 7.1.1 - Nougat)
Xiaomi MI Mix 2s (Android 8.0 - Oreo)
Xiaomi MI Mix 3 (Android 9.0 - Pie)
Xiaomi Mi Note 10 (Android 9.0 - Pie)
Xiaomi Redmi 3S (Android 6.0.1 - Marshmallow)
Xiaomi Redmi 4 (Android 6.0.1 - Marshmallow)
Xiaomi Redmi 4A (Android 6.0.1 - Marshmallow)
Xiaomi Redmi 5 (Android 7.1.2 - Nougat)
Xiaomi Redmi Note 4 (Android 7.0 - Nougat)
Xiaomi Redmi Note 8 Pro (Android 9.0 - Pie)