Beyond the improved sandboxing for the media stack modules, better code sanitization, and other security features coming to Android 7.0 “Nougat,” the new version of Android will also get a ”strictly enforced verified boot” system, which should better protect against malicious code that runs at boot. Android will also add a feature called “forward error correction” to reduce the number of devices that stop booting due to random software errors.
Strictly Enforced Verified Boot
Google introduced the verified boot system in Android 4.4, and users started seeing warnings if their bootloader was unlocked or if the system image was corrupt in Android 6.0. After seeing the warning the user could continue to boot their device.
Starting with Android 7.0, the verified boot process will be strictly enforced, and the device won’t boot anymore if it’s been compromised by malicious code. Users should still be able to boot into safe mode and restore their devices to a clean image of Android.
The smartphone owners who still want to root their devices should be able to continue to do that, but only if the bootloader is unlocked first. Otherwise, the verified boot system will consider the OS image corrupted, and will not allow the boot process to continue. Most rooted devices need to have their bootloaders unlocked for the root to remain permanent, so this shouldn’t be an issue for most custom ROM users.
Forward Error Correction
The new version of the operating system will also feature “forward error correction,” or redundant code that it can use to repair the critical parts of the OS, to ensure that Android 7.0+ devices don’t lock-up because of random software corruption.
However, there’s a trade-off between how many errors the software can fix and how much overhead the redundant code produces. Google could’ve chosen to fix up to 16 errors per 255-bytes block, but the redundant code would’ve represented a 15 percent overhead. Google eventually went with one error per 255-bytes block that the software can fix, which only adds an overhead of 0.8 percent.
It’s possible that as budget smartphones gain more storage in the future and Google has more time to evaluate the feature that it can choose to increase the overhead, and therefore the level of correction the system can perform.