Integrity doesn't guarantee any security to your device, just that the device is same as from the factory. That's a common misconception.

▲

jeroenhd an hour ago | parent [-]

"strong integrity" also takes into account if a security update has been installed recently enough. I don't believe hardware integrity spoofing has been accomplished on Android yet. Software integrity and compatibility with old hardware has been used to spoof device IDs and pretend a phone doesn't have the ability to do hardware attestation.

It's technically possible to exploit a kernel and get root access on a running device, of course, but the persistent root that is used most often will be detected by hardware integrity mechanisms. Exploit based root might be as well if it makes itself detectable enough.

	▲	Terr_ 7 minutes ago \| parent \| next [-]
		> if a security update has been installed recently enough In turn, this enables any tyrannical or anti-competitive demand which can be implemented in software, such as "user is not on the blasphemer list" or "all communications are being CC'ed to the Ministry of Truth."
	▲	realusername an hour ago \| parent \| prev [-]
		> "strong integrity" also takes into account if a security update has been installed recently enough. My Galaxy S10, last update in 2023 passes strong integrity. With the little amount of security updates most Android devices have, I'm pretty sure you can find an exploit for pretty much everything except the most expensive flagships. What does integrity really means when nobody really knows what's in the device and with a terrible software update policy anyways.