Verifying Android operating system

Toggle sidebar Toggle sidebar
M

mellandroid

Banned
Jul 1, 2014
138
0
0
Android is an open source operating system and I would like to know if it is possible to verify the operating system loaded on a phone.

for example Android 9, Pie can a sha256 hash be performed to determine the operating system is valid?
 
No, you can perform SHA256 on a file (and U do on every update), but performing a verification on the firmware itself would require SHA256 code in the firmware. (Which there is, in a way - firmware that doesn't pass the validity check doesn't get past the loading stage, which is why many phones get stuck in a "boot loop". And why phones aren't shipped rooted, the way Linux itself [Android is an app that's running in Linux] is.)

Unless you have some cheap no-brand phone, if it gets to the homepage, it's passed "safetynet" and a few other checks that verify that it's real. (That doesn't mean "no viruses", it means that the Android installation is valid. It's like checking the spare to see if you have any flats - there are other tires, but if you don't check them, the spare could be fine, but you could still have a flat somewhere else.)
 
I can download the latest Android version of Pie and examine the contents. How can I verify that the vendor complies with the Android version if I cannot at the very least view the Andorid content on the phone?
 
You, as an end user, cannot verify much of anything done by the phone maker.
The phone maker will make modifications to the OS as they desire.
The carrier can make app and OS changes as they see fit.

Taking a step back, what is the problem you are trying to solve?
 
the issue is android is open source but I cannot verify the source on the phone. I have asked Samsung to verify all firmware versions on the phone and they refused.
 
Given that the phone makers are allowed to modify, and do modify, the source code, I am not sure what it is you are hoping to verify.
 
Samsung software comes in .md5 files. If there's a single bit in the code (there's no source - you get object code) that's "incorrect", it fails the MD5 check and never loads into the phone. (Do an MD5 generation on a large file. (There are MD5 programs all over the web - or in Linux, just echo the file and pipe to md5sum.) Copy that MD5 hash. (It's just 32 bytes long.) Now change one bit in the file and run another MD5. Compare the two. Pretty different, huh?
 
You must log in or register to reply here.

Similar threads

J
  • Question Question
Question How does the Android file system work ?
Replies
4
Views
642
Ask a Question
Mooncatt
Mooncatt
androcubc
How to reinstall an Android operating system?
Replies
5
Views
3K
General Help and How To
mustang7757
mustang7757
B
Gmail Notifications, two all of a sudden
Replies
1
Views
961
General Help and How To
SpookDroid
SpookDroid
F
Galaxy S4 does not power on except when plugged in, but does not stay powered on
Replies
2
Views
7K
Samsung Galaxy S4
mustang7757
mustang7757
P
Android 15 Thinks USB Drive is a Tethered PC
Replies
4
Views
457
General Help and How To
mustang7757
mustang7757

Latest posts

Trending Posts

Members online

Total: 7,273 (members: 3, guests: 7,270)

Forum statistics

Threads
960,734
Messages
6,983,461
Members
3,164,554
Latest member
MightyExecutor

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom