Image for post
Image for post
Cover of the book “Linux System Programming“ from O’Reilly

本篇作者是 Magisk 開發者;Magisk 是一套開源的 Android 刷機工具。文章中僅會提到 Linux 系統程式設計,與 Android 本身無太大關聯。

最近在寫 Magisk 一個看似很直觀的功能時,發現實作起來異常困難,而且有非常多「陷阱」在裡頭,決定來記錄一下整個思路歷程整理思緒。希望讀者在讀完本篇文章後,能夠對多線程 (multi-threading) 及多程序 (multi-processing) 有更深入的了解,並同時能夠透過此例深刻體會混用 multi-thread 跟 multi-process 是多悲慘的惡夢 😂

(本篇內的 pseudo code 語法介於 Python 跟 JavaScript 之間)


以下討論的所有程式碼將會跑在一個多線程的背景程式 (d …

Back in 2016, I was the typical Android enthusiast: rooting, flashing ROMs, custom kernels, messing with Xposed and such. I just learned C++and know very little in programming other than writing some algorithm assignments. I taught myself scripting (yay, noob upgraded to script kiddo) from snippets of shell scripts throughout XDA: SuperSU and Xposed installation scripts being the most prominent ones I referred to.

I first released Systemless Xposed, the first sort-of impactful release to the community, and immediately start working on a general solution. August 2016, I released Magisk to the public, and the rest is history.

The Struggle

The first…

Image for post
Image for post
Image from

Update: The “LZPlay” website and download links are no longer accessible. Even if you grabbed the APK before it was gone, it no longer works, as the special certificate required to access the “backdoor” is either revoked by the developer or Huawei. In addition, existing devices that used LZPlay to install GMS no longer passes full SafetyNet Attestation, rendering many apps and services unusable, such as Google Pay and many games.

Right off the bat, here’s the TL;DR

The currently widespread method to install Google Services on newly released Huawei devices relies on undocumented Huawei specific MDM APIs. Although this…

Hello, I’m @topjohnwu, the developer of the popular Android modding tool: Magisk. In this article I’d love to share the whole journey from the process of analyzing the root detection mechanism of a popular anime game Fate/Grand Order (US/JP), to discovering a widespread security/privacy bug that exists on potentially millions of Android devices.

Table of Contents


A massive amount of Android devices are affected by a bug that causes /proc to be mounted without hidepid=2, which opens up the ability for unprivileged applications to read many information of other processes. Google promptly updated

John Wu

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store