DangerousPropertyDetector

Pre-configured tamper detector that checks for dangerous Android system properties.

This detector extends SystemPropertyDetector and specifically looks for system properties that indicate the device is running in a potentially compromised or insecure state.

The detector checks for two critical security properties:

ro.debuggable=1: Indicates the system is built with debugging enabled, which:

  • Allows applications to be debugged even in production

  • Enables additional system access and debugging tools

  • Is typically only present in development or custom builds

  • May indicate a custom ROM or modified firmware

ro.secure=0: Indicates the system boot process is not secure, which:

  • Allows unsigned system images to boot

  • Bypasses Android Verified Boot security checks

  • Is commonly found on rooted devices or custom firmware

  • Represents a significant security vulnerability

These properties are set during the Android build process and are difficult to modify after compilation, making them reliable indicators of system integrity.

The scoring system returns a Double value:

  • 1.0 indicates at least one dangerous property was found (high confidence of tampering)

  • 0.0 indicates no dangerous properties were found
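The check and scoring described above, as an added example that is not the library's own code: it parses `getprop`-style output and returns 1.0 when either listed property has its dangerous value. The names `parseGetprop`, `findDangerous` and `score`, and the sample output, are assumptions made for this illustration.

```kotlin
// Added illustration; not the library's implementation.
// Parses `getprop`-style lines ("[key]: [value]") and applies the
// 1.0 / 0.0 scoring described above.

// Property values this page lists as dangerous.
val DANGEROUS_PROPERTIES = mapOf("ro.debuggable" to "1", "ro.secure" to "0")

// One getprop line: [key]: [value]. Used with matchEntire, so no anchors.
private val PROP_LINE = Regex("""\[([^\]]+)]: \[(.*)]""")

/** Parses getprop output into a key/value map, skipping malformed lines. */
fun parseGetprop(output: String): Map<String, String> =
    output.lineSequence()
        .mapNotNull { PROP_LINE.matchEntire(it.trim()) }
        .associate { it.groupValues[1] to it.groupValues[2] }

/** Returns the listed properties that are present with their dangerous value. */
fun findDangerous(props: Map<String, String>): Map<String, String> =
    DANGEROUS_PROPERTIES.filter { (key, bad) -> props[key] == bad }

/** 1.0 if at least one dangerous property was found, otherwise 0.0. */
fun score(props: Map<String, String>): Double =
    if (findDangerous(props).isNotEmpty()) 1.0 else 0.0

fun main() {
    // Constructed sample output, not captured from a real device.
    val userBuild = """
        [ro.build.type]: [user]
        [ro.debuggable]: [0]
        [ro.secure]: [1]
    """.trimIndent()
    val engBuild = """
        [ro.build.type]: [eng]
        [ro.debuggable]: [1]
        this line is malformed and is skipped
        [ro.secure]: [0]
    """.trimIndent()

    for ((name, output) in listOf("user" to userBuild, "eng" to engBuild)) {
        val props = parseGetprop(output)
        println("$name: score=${score(props)} hits=${findDangerous(props)}")
    }
}
```

A property that is missing from the output is treated as not dangerous here, so an empty or unreadable property list scores 0.0.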

Example usage:

val detector = DangerousPropertyDetector()
val isTampered = detector.isTampered(context)

// Or in analyze DSL:
val isTampered = analyze {
    detector {
        add(DangerousPropertyDetector())
    }
}

See also

Properties

open override var logger: Logger

Logger instance for logging detector operations and results.

Functions

open suspend override fun analyze(context: Context): Double

Determines if the device has been tampered with by checking system properties.