Android Nougat to Get Strictly Enforced Boot Verification

Android 7.0 Nougat is expected to be launched with the next Nexus platform lead devices, and Google has changed things around this year already this year – giving developers a chance to play with the then unnamed operating system a full two months ahead of Google I/O with the first developer preview.

The search giant released Android N Developer Preview 5 earlier this week, which will be the final beta build before the full release expected in September or October. To talk about the changes the new preview brings, and discuss some plans for the future of Android, Google engineers held an AMA session on Reddit on Tuesday. Alongside, Google via the Android Developers blog detailed how boot checks will be implemented in Android Nougat.

In the Reddit AMA, Google engineers addressed topics ranging from when Android Nougat updates can be expected from OEMs, the way battery life issues are addressed on the bug tracker, and the removal of night mode from the developer preview. As to the first, the team communicated that Google has been working with several OEMs alongside the developer preview to help them have their updates ready as soon as possible.

Discussing a concern about how some high-profile battery life bugs have been left open for nearly a year, and about how the public Android bug tracker has several open bugs, the Android engineering team admitted it was difficult to keep up. The team said for the past couple of Android releases it had a team “dedicated to triaging public issues”, but agreed some bugs still slip through the cracks. The team added there indeed was a “need to prioritize issues”, and added that “heavily-starred issues with clear issue reports (sample projects highly recommended) help greatly”.

Coming to the much-lamented removal of two night mode features in the Android N Developer Preview, the team said both dark theme and screen tinting had to be abandoned for similar reasons – both wouldn’t be ready by the time Android N launched publicly, and the team did not want to leave a “half-working” feature in the platform. Implementation on an ecosystem-wide scale was difficult, and work on the features was not judged to be a sound allocation of resources.

You can head over to the full AMA to check out all the answers the team had for Reddit users. Separately, Google in an Android Developers blog post on Tuesday detailed how the boot verification process will work on Android Nougat to prevent rootkits and malware from taking hold unnoticed.

Specifically, phones with locked bootloaders with a corrupt boot image or verified partition will start either in a limited use mode, or not start at all. This is a step above and beyond the boot verification process implemented in Marshmallow, which warned users the boot image may be corrupt but allowed them to boot up regardless.

Apart from causing problems for the loading of custom firmware, the team notes that even “non-malicious data corruption” would affect entire data blocks, causing unpredictable behavior. Phones with unlocked bootloaders will not be affected by the implementation of ‘strictly enforced verified boot’, as the team is calling the Nougat implementation.

Source