Lock it down: Google shows off Android's boot verification warning system

Using a verified boot process, Google will make Android safer by warning device owners if their software has been tampered with.

Google is taking steps to make Android phones safer by including a verified boot system that checks for irregularities in the platform code. And device owners will know that their phone or tablet is safe based on startup messages from the system check.

Android Police spotted an updated Nexus support page showing the three possible boot verification messages.

If Android doesn't find any platform changes at bootup, the device will just start as it normally does. However, if there's a potential issue detected, one of three dialog messages will appear as a warning.

nexus2ceewarn-728x158.jpg
Credit: Android Police

Most people will never likely see any of these messages. And if they do appear, they're warnings only; after 10 seconds, the message will disappear and the device will boot as normal.

Get ready for Android M, for "more privacy"

The next-generation Android platform is said to double-down on privacy features.

Read More

But they raise a warning flag if the phone or tablet isn't running an expected version of Android from Google or one of its hardware partners. That's helpful in the case of a used phone, for example, where you may not know your software has been modified.

For those (like me) that run custom versions of Android or unlock their device bootloader, the messages will be a bit of an annoyance. There's no benefit to telling you what you already know.

Regardless, it's the "better safe than sorry" approach that could be helpful in preventing some people from running something other than a version of Android that they thought they had installed on their phone or tablet.

Android Police suspects the boot verification process is directly related to the dm-verity process, which is the "Linux kernel driver for verifying the integrity of a partition at runtime using a hash tree and signed metadata" that Google added to Android 4.4.

I think they're right as the warning messages bear more than a passing resemblance to those found in dm-verity on Google's Verifying Boot website. I'd expect the messages to begin appearing later this year on devices after Android M rolls out, unless Google adds them to a updated version of Android Lollipop.