Malware has long been a persistent problem in the Android operating system, but with it’s upcoming software, Android 7.0 Nougat, Google aims to keep users’ data and private information safe on devices. Android Nougat will have a feature to prevent a device from booting up its full system if malware is detected. Among a number of options, the device may instead boot up in safe mode until the user addresses the threat.
The Android developer team detailed the new Android Nougat feature in a blog post Tuesday. The feature is an upgrade on security standards first implemented on Android 6.0 Marshmallow, in which the system would notify users of malicious software, but would still boot up to a user's’ typical settings. The updated feature, Verified Boot, takes this precaution to another level by completely blocking access to the core part of a smartphone’s system.
“Starting with devices first shipping with Android 7.0, we require verified boot to be strictly enforcing. This means that a device with a corrupt boot image or verified partition will not boot or will boot in a limited capacity with user consent,” Android software engineer Sami Tolvanen said in the blog post. “Such strict checking, though, means that non-malicious data corruption, which previously would be less visible, could now start affecting process functionality more.”
The protocol is primarily for devices with locked bootloaders, mechanisms that prevent users from gaining root access to the core system in their device. Typically, developers and tech savvy users get devices with unlocked bootloaders or unlock the bootloaders on their smartphones to make customization easier. Such devices won’t be affected by this new feature, even if it's running Android Nougat. Users will be able to root and customize unlocked bootloader devices as usual.
However, most carrier-based smartphones in the U.S. now sell with locked bootloaders to prevent the kind of modifications that could leave smartphone vulnerable to malware. Devices with locked bootloaders will be scanned for modifications to their system and those modifications scanned for vulnerabilities before Android Nougat takes action.