IT'S BAD NEWS for those of you who were eyeing-up Huawei's Mate 30 flagship, as it's once again unable to install Google Play Services - even unofficially.
While, hardware-wise, the Mate 30 is arguably Huawei's most exciting smartphone to date, it's also its first handset to launch without access to Google apps after the firm failed to secure an exemption to the US ban that prevents it from launching devices with Google Play certification.
To make matters worse, Huawei confirmed at the launch that it wouldn't be unlocking the Mate 30's bootloader, which would have allowed users to sideload Google Play.
Last week, however, a shady Chinese app called 'LZPlay' offered a glimmer of hope for Mate 30 users by enabling them to sideload Google Play onto the device without unlocking the bootloader or rooting the device.
This, unsurprisingly, rang alarm bells among the security company, and John Wu, one of Android's leading security researchers and the creator of Magisk, has dug deeper into how the third-party app was able to install Google apps on the Huawei Mate 30.
Wu perhaps uncovered more than he had bargained for; he found that LZPlay hooks into a set of undocumented Huawei APIs hidden in the Mate 30's software, acting as a sort of "backdoor" that allows non-system apps access to elevated permissions and privileges.
What's more, in news that likely has the US government rubbing its hands together in glee, Wu's research claims that in order to use these undocumented permissions, the anonymous developer of LZPlay would need to have received certification from Huawei.
"At this point, it is pretty obvious that Huawei is well aware of this 'LZPlay app, and explicitly allows its existence," Wu claims. "The developer of this app has to somehow be aware of these undocumented APIs, sign the legal agreements, go through several stages of reviews, and eventually have the app signed by Huawei.
"The sole purpose of the app is to install Google Services on a non-licensed device, and it sounds very sketchy to me."
In a statement given to INQ, a Huawei spokesperson said: "Huawei's latest Mate 30 series is not pre-installed with GMS, and Huawei has had no involvement with www.lzplay.net."
Since Wu published his findings, LZPlay has been taken down. Curiously, Mate 30 phones that used the workaround to install Google Play now fail Google's SafetyNet tests, which essentially labels the devices as compromised and insecure and blocks the use of services like Google Pay. µ
Watch your back, Huawei
Porn-based prattery gets fisted
As long as it follows the rules
The Home in the home could be a legal minefield