
Obviously I don't know the implementation details of how Netflix is detecting rooted devices, but my guess is they're using Play Services's new "GMS Certification".

This involves using signed hardware that helps determine if the execution environment is trusted. So, users can still root the device, but Android + Play Services can still determine if features (such as DRM) can be relied on.

It makes sense for Google to develop these features, especially as it wants to move Android to new devices (Cars?), reduce risk for mobile payments, in addition to giving stronger security features to content distributors. This also lets Android devices compete with security features like Apple's secure enclave.

Honestly, if you are going to root your device you must accept you are not using it in the supported way the vendor intends. Therefore, you should not expect all the features of the supported configuration. I think that's a fair trade-off. Rooting your device is awesome!



I think it's actually the SafetyNet Attestation API. Checking for root means requiring "certified, genuine device that passes CTS". It also excludes "genuine but uncertified device, such as when the manufacturer doesn't apply for certification". https://developer.android.com/training/safetynet/attestation...

I was reluctant to unroot an old phone to try Android Pay, but having to do it just to watch some movies is a tad too far. For me anyway. https://phunehehe.net/xperia-android/


My Nexus 6P is running the latest PureNexus ROM, so it is unlocked. Before I rooted, I installed both DirecTV and Netflix and logged in to both. Rebooted recovery, flashed Magisk 12, rebooted. Installed Magisk Manager from the Play Store, enabled su hide in Magisk settings. Rebooted again. Passes SafetyNet, Netflix works like always.


So ... because the vendor doesn't support you modifying something that you bought from them, it's also ok that they then intentionally break it? I'm not sure I am following ...


If they put it in their TOS, sure.


The question was not whether it is legal, but whether it is acceptable.

Being an asshole is also legal, but it's still not OK to be an asshole.


Oh, I understand what you mean. I thought you were speaking in the legal context. Mea culpa!


I guess another avenue would be to patch the Netflix app to skip the check.


This is very unlikely. If they use the SafetyNet API provided by Google (and why should they not), your phone tells the Google server whether your phone is okay (this includes root and other things) and the Netflix server would ask Google's servers whether the client is acceptable. Changing code in the app won't help much because the check is server-side.
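
The server-side decision described in the comment above, sketched as an added example (not part of the thread, and not Netflix or Google code): the app server accepts a device only if a signed verdict carries the nonce it issued, is fresh, names the expected package and reports a passing integrity result. The key, package name, freshness window and helper names are constructed or hypothetical, and HMAC-SHA256 stands in for the RS256 certificate-chain signature a real SafetyNet response carries.

```python
import base64, hashlib, hmac, json

# Assumption: real SafetyNet responses are JWS objects signed with RS256 and an
# X.509 chain; HMAC-SHA256 stands in so this runs on the standard library alone.
ATTESTER_KEY = b"constructed-demo-key"  # constructed; never present on the device
MAX_AGE_MS = 5 * 60 * 1000              # hypothetical freshness window

def b64u(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64u(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(head, body):
    return hmac.new(ATTESTER_KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()

def sign_verdict(payload):
    """Attester stand-in: wrap the verdict in a compact JWS."""
    head = b64u(json.dumps({"alg": "HS256"}).encode())
    body = b64u(json.dumps(payload).encode())
    return f"{head}.{body}.{b64u(_mac(head, body))}"

def verify_verdict(jws, expected_nonce, expected_pkg, now_ms):
    """App-server side: decide from the signed verdict, not from the client."""
    try:
        head, body, sig = jws.split(".")
        if not hmac.compare_digest(_mac(head, body), unb64u(sig)):
            return False, "bad signature"
        claims = json.loads(unb64u(body))
    except ValueError:
        return False, "malformed"
    if not isinstance(claims, dict):
        return False, "malformed"
    # The nonce was issued by this server for this session, so replays fail.
    nonce = str(claims.get("nonce", "")).encode()
    if not hmac.compare_digest(nonce, expected_nonce.encode()):
        return False, "nonce mismatch"
    ts = claims.get("timestampMs")
    if not isinstance(ts, int) or not 0 <= now_ms - ts <= MAX_AGE_MS:
        return False, "stale"
    if claims.get("apkPackageName") != expected_pkg:
        return False, "wrong package"
    if claims.get("ctsProfileMatch") is not True or claims.get("basicIntegrity") is not True:
        return False, "integrity verdict failed"
    return True, "ok"
```
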


Actually the check is a combination of server-side and client-side. The server generates a random binary with a predictable output. The client then executes the binary and verifies its output with the server. It's a very clever trick and nearly impossible to spoof.



