- Joined
- Jun 30, 2010
- Messages
- 4,105
- Reaction score
- 2,276
- Current Phone Model
- Google Pixel XL/Galaxy Note 8
- DroidNCState
A recent report states in a bid to increase the security of the Android operating system, Google introduced a new check for malware as part of the boot process in all Android devices. Up until Marshmallow, the software ran a check as part of the boot process, the phone would warn you that your phone was compromised but would continue to let the phone boot up. In Nougat however, Google is taking this security check to a new level.
Nougat strictly enforces that boot check, giving you far more than a warning. What happens is if your phone is infected with types of malware, your phone will refuse to boot or will boot in a limited capacity mode (Maybe in safe mode). However, the corruption of data could also mean that your phone will refuse to boot up…
Android has alerted about system integrity since Marshmallow, but starting with devices first shipping with Android 7.0, we require verified boot to be strictly enforcing. This means that a device with a corrupt boot image or verified partition will not boot or will boot in a limited capacity with user consent. Such strict checking, though, means that non-malicious data corruption, which previously would be less visible, could now start affecting process functionality more.
In the changes we made to dm-verity for Android 7.0, we used a technique called interleaving to allow us to recover not only from a loss of an entire 4 KiB source block, but several consecutive blocks, while significantly reducing the space overhead required to achieve usable error correction capabilities compared to the naive implementation.
However, for those who root or use custom firmware, this could pose a problem as Google says that any device with a locked bootloader will use this to check for modifications. Unless your smartphone has an unlocked bootloader , using custom ROMs and tinkering with your smartphone will be a lot harder with Nougat.
What do you guys think of the changes to the boot process in Nougat and the additional security?
Source