Google is tightening security in Android 7.0. The next version of Android launches this summer, and when it does Google will require that devices that ship with Android 7.0 pre-installed use strict enforcement of the company’s verified boot software.
In a nutshell, that means if your device has malware or corrupt data in the boot image or a verified partition, the phone, tablet, or TV box won’t boot.
That sounds scary, but it’s actually a way of protecting you from potential security threats: if your phone contains malware that alters the boot image, you’ll know.
This could also make it harder to root or install custom ROMs on some devices.
You can unlock the bootloader on many devices to disable verified boot features, allowing you to replace or modify the operating system on your phone or tablet. But if you have a device with a bootloader that cannot be unlocked, the new verified boot requirements might make it harder to sidestep that constraint.
Generally speaking if you plan to install custom firmware on your new phone, you should probably opt for one with an unlockable bootloader.
Google notes that some data corruption can be detected and corrected, allowing Android 7.0 devices to boot in some situations even if problems are detected.