That's actually a good idea but there is no TPM (or MTM) on any of the Android devices. And I don't know of any announcements (or even rumours) about it becoming available any time soon. So, I guess this isn't an option right now.
On Nov 3, 5:59 am, "[TH]" <[email protected]> wrote: > This is the Root of Trust (ROT) question, which seems > to be asked again and again. (e.g. how do I know the pre-boot > environment and the loader have not been tampered with, etc etc). > > If you are serious about seeking an answer, > I would suggest looking at the work of the folks > in the Trusted Computing Group (TCG), in particular > on using the TPM hardware as a root of trust. > > And no, the TCG and TPM is not about DRM :-) > > /thomas/ > hardjono[at]mit.edu > > On Nov 1, 5:12 pm, Torin Walker <[email protected]> wrote: > > > I'm looking for a way to authenticate the bootloader and kernel images > > to ensure the OS has not been tampered with from some factory default. > > > One way I imagined doing this is to perform a cryptographic hash on > > > /dev/mtd/mtd1 (bootloader image), and > > /dev/mtd/mtd2 (kernel image), > > > but opening up either of these devices into a CheckedInputStream (for > > CRC32 validation, for example) results in an enormous crash. Not only > > does the device stop responding, but the android debug bridge crashes > > and no longer recognizes any attached devices until Windows Vista (go > > figure) is rebooted. > > > Can anyone suggest a better method for validating that the Operating > > System has not changed (i.e. The bootloader and kernel are factory > > defaults?) > > > Torin...
