New OTA from 20 minutes ago already secured, dumped and patched. Seemingly the only API security that changed is that the C++ file now outputs a different string, nothing else. Cringe.
@JackRhysider
The way the API checks for if you actually own an r1 device, and not run the dumped APK like we have been doing on different devices, is to check a few request headers.
These headers are set by the app and include device credentials like IMEI, OS version and App version. These…