Google is making it harder to root Android 7.0 Nougat
Rooting Android remains very popular with a certain crowd of users, but fact of the matter is for most folks it is an unnecessary hassle. I have gone through the pros and cons of hacking the operating system in previous articles, so I will not discuss them again here, but suffice to say that both the software and the hardware have matured so nicely that the vast majority of people can be perfectly happy with their new smartphone or tablet as it comes out of the box.
Google has been somewhat permissive with regards to rooting, but, behind closed doors, it has been working hard to close the open avenues. While hacking Android has become harder, Nougat will take things to the next level, bringing new security features to make sure that your device stays the way its maker intended.
Using a feature called verified boot, Android 7.0 Nougat will check the cryptographic integrity to detect if your device has been tampered with. Rooting certainly meets this criteria, as the process involves modifying system files in order to introduce a new class of user with elevated permissions. It basically enables superuser access, a feature which is available in Linux but is dropped in the standard version of Android for -- mainly -- security reasons.
(Now would be a good time to check the two articles I mentioned in the opening paragraph to get an idea of what I am talking about, if you have not done so already.)
In a way, rooting Android can make the device more secure, but realistically speaking it opens up a can of worms. And this is something especially worrisome as Android devices are increasingly targeted by malware and used in larger numbers in the enterprise. Understandably, Google wants to make its OS safer and to do that it has come up with features like verified boot to make sure that everything is working as it should be, and that no one -- not even the intended user -- can do something to change that and expose themselves to unnecessary risks.
Marshmallow is the first Android distribution to provide alerts on the system integrity, but this is only with Android 7.0 that they are made mandatory. This is a pretty big deal, and here is why: if your device fails the tests -- Google gives a corrupt boot image and verified partition as examples -- it may not boot at all. But if it does boot, it will do so in a "limited capacity" and only with your consent.
Among other things, rooting affects the boot image. As enthusiasts may know, this is where the kernel -- a core component of an operating system -- is, so any attempts to modify it will most likely be quickly detected by verified boot. That is not to say that hackers will be unable to root Android -- far from it -- but for the most part it will be much harder to do it.
Android vendors are already cracking down on rooting using all sorts of techniques. Samsung, for instance, has implemented a flag in its software that, if triggered, will show that the device is tampered, which may lead to some issues depending on how you use your Galaxy device: your warranty may be voided if you send it for repairs and your company might rightfully refuse to enroll it due to security concerns.
Other vendors have made it impossible to unlock the bootloader, which basically stops any rooting attempts dead in their tracks. I have tried all sorts of apps and tricks to root a Xiaomi Mi Pad 2 only for rooting to fail every single time. It wasn't until I unlocked the bootloader -- because Xiaomi allows it on that device -- that I managed to do it, and that was through a pre-rooted ROM, mind you.
Nexus devices may seem safe at the moment, but realistically speaking that is because Google is making it super easy to unlock their bootloaders. It is so simple that everyone can do it with a little bit of patience and time to spare. More importantly though is the fact that Nexus handsets are aimed at developers and enthusiasts, who, among other reasons, buy them for being easy to hack.
But, as far as other vendors and manufacturers are concerned, their desire is to close as many doors as possible. And they will embrace features like verified boot, which will trigger an error if a single byte in a whole block is corrupted. You can read more about how it works by hitting the link in the third paragraph, but there is also a downside to it.
Google says that by using verified boot the impact of data corruption increases, and therefore reliability is reduced. However, there is an error correction feature that will help recover from data loss, which should also minimize the chances of it impacting users. Google notes that there is an overhead of 0.8 percent with regards to space but no performance toll, unless, of course, there is data corruption detected. That said, for the most part, it looks like a mature implementation though only time will tell how good it will actually be when used on production devices.
Vendors may find a way to drop this feature, as Android is open source after all and quite easy to modify with the right tools and knowledge, but they risk losing access to Google's services in the process. Those make the difference between a useless Android phone and one that you might want to buy, with access to the Play store, Chrome and Maps preinstalled and so on. And, really, who in their right mind would take that chance?