Android 7.0 Nougat: Strictly Enforced Verified Boot with Error Correction

A post on the official Android Developer blog by Sami Tolvanen, Software Engineer, revealed that the upcoming version of Android (currently in beta) will refuse to boot up, or will go into some kind of safe mode, if it detects a problem with the operating system. The idea is to prevent people from using tablets and phones that have malware. Android 7 is also going to include code that will help the device to recover from an accidentally corrupted OS.

Tolvanen's post starts with:

Android uses multiple layers of protection to keep users safe. One of these layers is verified boot, which improves security by using cryptographic integrity checking to detect changes to the operating system. Android has alerted about system integrity since Marshmallow, but starting with devices first shipping with Android 7.0, we require verified boot to be strictly enforcing. This means that a device with a corrupt boot image or verified partition will not boot or will boot in a limited capacity with user consent. Such strict checking, though, means that non-malicious data corruption, which previously would be less visible, could now start affecting process functionality more.​

Read the full text of this post at:

http://android-developers.blogspot.com/2016/07/strictly-enforced-verified-boot-with.html
​