Android 7.0 Nougat To Strictly Enforce Verified Boot, Here’s What That Means For Modders
A new post published over at the official Android Developers Blog has highlighted some new information about Android 7.0 Nougat that will not come as welcome news to those who like to modify and root the Android operating system.
Sami Tolvanen, a software engineer involved in the continued development of the world’s most popular mobile operating system, has authored a post that essentially tells Android developers that as of Android 7.0 Nougat, the platform’s verified boot feature will be no longer be optional, but instead will be strictly enforced, at least on the bootloader locked devices.
The post starts off by waxing lyrical about Androids “multiple layers of protection” that have been put in place to protect the individual using the Android device. For those that may not be particularly au fait with the underlying technical composition of Android, the platform has shipped with a layer of security called ‘verified boot’ ever since Android 4.4 KitKat. That security layer uses cryptographic integrity checking to verify and detect any changes to the operating system. Up until now, that check has been optional thanks to a kernel feature.
This system has become further rooted into the Android OS as the platform has developed, resulting in Android Marshmallow alerting about any potential system integrity issues that are identified. With Android 7.0 Nougat, it will be ramped up further by making verified boot a mandatory process that won’t physically allow Android to boot up, or will only allow a limited capacity boot, if the system detects any type of internal corruption in the boot image or partition.
Android has alerted about system integrity since Marshmallow, but starting with devices first shipping with Android 7.0, we require verified boot to be strictly enforcing. This means that a device with a corrupt boot image or verified partition will not boot or will boot in a limited capacity with user consent.
This though will only be forced onto bootloader locked devices. If the device allows bootloader unlock (some non-Samsung and Nexus devices do), then it will be optional.
For users who simply use the Android operating system as intended out of the box, this is of course welcome news and will definitely ensure a more secure and safe experience for smartphone and tablet owners running Android Nougat. However, for those that love the flexibility of the Android OS, and who take great pleasure in not only tinkering with it, but also installing enhanced custom versions of Android, this enforced verify boot could definitely make it more difficult to install custom ROMs.
Depending on the type of user you are, and why you actually choose the Android OS over alternatives, will depend on whether or not you think this is a positive or negative move by the Android team.