According to the report, security researcher John Wu published a blog post http://bit.ly/2p5d2Cu Tuesday that explained how users of Huawei's Mate 30 Pro were able to manually download and install Google apps, despite a US blacklisting that prohibits the Chinese company from using American components and software.
That most significantly means no access to the Google Play Store and its vast library of apps, but it also locks you off from the likes of Google Maps and Gmail.
Huawei is not allowed to have any Google apps pre-loaded on their new devices, such as the Mate 30, due to the ongoing US-China trade war, which bans American firms from doing business with the Chinese tech giant.
A Huawei spokeswoman denied any relationship with LZPlay.
The now widespread method to install Google Services on newly released Huawei devices relies on undocumented Huawei specific MDM APIs.
Google digitally "signs" these stubs with a secret code so that they will not be used to install counterfeit or malicious clones of Google apps. Huawei has been on a United States trade blacklist since May.
Wu goes into some detail in his post, though through manually installing Google Mobile Services via an app called LZ Play, users were able to take advantage of an oversight. Instead of using Google's normal verifications to install and run Google apps, which would have failed, the LZPlay app bypassed them by using Huawei's system permissions, which include two extra hidden options for high-level installation privileges.
Thus, Huawei fans were relieved when LZPlay appeared recently.
Huawei's own apps, plus its own storefront, the App Gallery, are the smartest replacement for the Play Store and Google's apps, but the App Gallery is not now optimised for users outside China. It could install GMS packages on the Mate 30 Pro without rooting or unlocking the bootloader, both of which require security workarounds.
For some reason, Huawei has undocumented MDM APIs that allow apps to install system apps and install undetachable apps.
According to the report, Mate 30 devices had passed Google's SafetyNet anti-abuse check last week.
So, the Mate 30 Pro is in a rough spot.
It's a change that isn't terribly surprising given that the Huawei Mate 30 range was never meant to have access to these things anyway, but it's still unfortunate, especially as the workaround sounded quite simple, so a large number of people may have taken advantage of it.