It’s only Wednesday and yet Android fans had so much to be excited about. Google confirmed the Pixel launch date, Pixel phones got leaked in clear photos, Google released yet another messaging app Allo and I’d say after the slow last week, it’s nice to see things happening at this pace. However, all is not roses and there’s some slightly bad news for the fans of rooting and modding.
We’ve heard about Google’s increased emphasis on security before, with the company going so far as to fight root by giving developers a root check API to hook into to block access to apps on insecure phones. While their reasons are sound and solid, that doesn’t stop users from hating the reality. Chainfire, the developer of SuperSU believes the fight to keep root is a losing one.
And unfortunately, things could be even worse once the Pixel phones and thereafter, several other phones running Nougat out of the box arrive. If you didn’t know, Ever since Android 4.4 KitKat, the OS has supported verified boot – albeit only through the optional dm-veritykernel feature initially – which checks for potentially unwanted rootkits that could compromise the security of the device.
As of Android 6.0 Marshmallow, Android has also begun alerting about possible system integrity issues, meaning that rooting most Android phones running Marshmallow or higher required a “systemless root” method, a method that could achieve root without editing the /system partition of a phone. This is because Google implemented a new check in Android that would make the phone fail to boot if /system was modified.
With the current implementation of systemless root methods, the ramdisk (a block of memory that’s used as if it were a secondary drive) is used to achieve the same result, but according to code commits found within both Android Nougat’s ROM code and kernel code, the ramdisk is now being tucked away inside /system. Long story short, the methods we use to achieve root today won’t be possible on the Pixel phones.
Moreover, the enforced system integrity boot checks introduced in Nougat won’t allow Android to boot if the boot image or partition are corrupt. Optionally, users may be asked if they want to use a limited capacity mode.
Is that to say that Pixels won’t be rootable? Absolutely not. Developers can still find ways around these limitations, such as unlocking the phones’ bootloaders to be able to edit the kernel and disable the dm-verity feature that’s blocking traditional methods, but that comes with the usual pitfalls (lack of OTA updates and support) that you come to expect when you tinker with things.
Enforcing verified boot is definitely a step toward greater security for Android users, but it could also lead to more problems on devices suffering from software and/or hardware issues, where the possibility for disc corruptions to occur is greater. This is where a new error correction system comes into play, which is supposed to help devices recover from loss of data storage blocks to some extent.
Enforcing verified boot could potentially make it harder to install custom ROMs. This is hard enough already on devices with “hard” locked bootloaders and Android 7.0 won’t help with that, which could be a good thing, or a bad thing depending on your point of view.
Google is not necessarily wrong in its efforts. Security is becoming increasingly important, and considering mobile devices — where we do banking, shopping, and have sensitive conversations — are as commonplace as televisions in a home these days, it’s imperative that no one can be compromised. Whether you’re in agreement or not, it’s what the industry is dictating. Google and the other OEMs very much wants root to go away, folks, so you’re just going to have faith that the development community will keep us afloat as long as they can, or get with the program otherwise.
Are yo pro-root? Are you anti-root? Let us know in the comments.
via : xda