Bypass Android 9 — Addrom

C10. Testing plan: verify boot state with getprop ro.boot.verifiedbootstate and vbmeta; use adb shell su?; check dm-verity status via dmesg and vbmeta/veritysetup status; avoid writing to partitions; document outputs, hashes, chain-of-trust, and reproduction steps. Include commands: adb reboot bootloader; fastboot getvar all; adb shell getprop ro.boot.verifiedbootstate; dmesg | grep -i verity. Emphasize consent and backups. C11. ADB over network risk: remote shell access, key interception; mitigations: disable TCP ADB, require authorization (adb keys), network firewall rules, MDM policies to block, charging station policies (USB Restricted Mode), educate users, use USB host-based charging-only cables; expected effectiveness assessed. C12. Detection checklist: high-value signals — ro.boot.verifiedbootstate not "green", changes to bootloader unlocked flag, presence of unknown system suid binaries, unexpected persistent services, vbmeta mismatches, kernel logs showing verity errors, abnormal boot count/resets, ADB over network enablement. Log sources: device logs (logcat, dmesg), MDM enrollment telemetry, SafetyNet/Play Integrity signals, fastboot state responses. Prioritize boot verification and bootloader lock state.