I'm looking for a way to authenticate the bootloader and kernel images to ensure the OS has not been tampered with from some factory default.
One way I imagined doing this is to perform a cryptographic hash on /dev/mtd/mtd1 (bootloader image), and /dev/mtd/mtd2 (kernel image), but opening up either of these devices into a CheckedInputStream (for CRC32 validation, for example) results in an enormous crash. Not only does the device stop responding, but the android debug bridge crashes and no longer recognizes any attached devices until Windows Vista (go figure) is rebooted. Can anyone suggest a better method for validating that the Operating System has not changed (i.e. The bootloader and kernel are factory defaults?) Torin...
