Quote: Originally Posted by Naudiz Originally Posted by But build-number in "about phone" shows "release-keys" for me 🤔

I do not know what that means.Let me belief on what I did so people could comment if I'm using the correct methodology.I copied one of the APK that is shipped with the ROM with a root explorer.Next, I extract the APK and find the CERT.RSA file in the META-INF directory.As a last step, the certification file is dumped with 'keytool -printcert' for eyeballing, confirming it to be the same testkey in that github repo.Actually I'm not confident if I'm doing the right thing here, because I know very little about how the platform-key signing works.I've never heard of it before, until got warned by a thread in a Chinese forum discussing this specific security risk recently.That thread links to a demo of such platform-key signed app which claims to provide similar feature as icebox.Most people in that thread reported back 'fail to install'. However, unfortunately it got through with @ Sultanxda 's ROM.The installed app shown up in XPrivacyLua with a UID 1000, which is used in many system app.This really makes me feel uncomfortable..