Google postpones iOS 8-style full-disk encryption of Android devices

Posted:
in General Discussion edited March 2015
Despite initial promises by Google, and rival Apple implementing the technology in iOS 8 last September, new devices loaded with Android 5.0 Lollipop are not using default full-disk encryption meant to prevent criminals, police, and spy agencies from getting unauthorized access to private data.




In September, Google stated that all devices launching with Lollipop pre-installed would have encryption on "out of the box," according to ArsTechnica. The company echoed this sentiment in October, mentioning that user data partitions would be encrypted "at first boot." Indeed the latest first-party Android devices -- the Nexus 6 smartphone and Nexus 9 tablet -- are shipping with encryption activated.

Third-party Lollipop devices are being announced at this week's Mobile World Congress in Barcelona, but Ars observes that phones like the 2015 Moto E and Samsung Galaxy S6 aren't being fully encrypted automatically. Google instead appears to have altered its policies, stating in the most recent Android Compatibility Definition document (PDF) that while new devices must be capable of supporting full-disk encryption and should ideally have it on out-of-the-box, the company only expects to make default encryption mandatory in "future versions of Android."

Google may be backtracking because of complaints about the performance of the Nexus 6. Reviews have commented that with full-disk encryption on, the device can sometimes be slower than 2013's Nexus 5. The company may therefore be postponing default encryption as a standard until hardware vendors have memory and processors that can cope.

Both Apple and Google have pledged to improve device security in the wake of revelations from former National Security Agency contractor Edward Snowden, who exposed the vulnerability of many devices to external intrusion. The NSA was shown to have methods and programs for scooping up masses of personal data, even from people not accused of any crime; the agency secured cooperation from major American technology corporations. In theory Apple and Google's new encryption schemes are so secure that even they can't help spy or police agencies break through them.
«1

Comments

  • Reply 1 of 25

    That's what you get for using software based encryption (Android) instead of hardware (Apple).

     

    Funny that Apple has had on-device hardware encryption since the 3GS. How many years ago did that phone come out?

  • Reply 2 of 25
    slurpyslurpy Posts: 5,382member
    Of course they did. Did anyone expect Google to prioritize security, privacy, honesty, or consumers above pleasing it's OEMs? Samsung probably told Google to **** themselves, and they did.
  • Reply 3 of 25
    Encryption overhead. I wonder if this is why iOS 8 reportedly runs slower on older Apple devices?
  • Reply 4 of 25
    magman1979magman1979 Posts: 1,292member
    And weren't the Fandroids going "HA! Take that iSheep!" when this crap was announced? Who's laughing now???

    Not only was their encryption based on software, which is always more vulnerable and slower performing than hardware, but if left up to the OEM's, that shove every last possible vestige of bloatware onto their devices which already compromises the devices' performance, do you really expect them to take user security and privacy more seriously than the razor-thin profits they're able to eek out from that bloatware?

    Get real, this is Android we're talking about it, where the customer is the product, and they're personal privacy be damned.
  • Reply 5 of 25
    coolfactorcoolfactor Posts: 2,239member
    Encryption overhead. I wonder if this is why iOS 8 reportedly runs slower on older Apple devices?

    iOS 8 runs slower because it's doing much more. More features, more libraries to load, required support for more devices and now-larger displays.

    This story is pretty telling that Apple has planned their software and hardware platforms more thoroughly. Egg on Google's face.
  • Reply 6 of 25
    Quote:
    Originally Posted by Suddenly Newton View Post



    Encryption overhead. I wonder if this is why iOS 8 reportedly runs slower on older Apple devices?

     

     

    Quote:
    Originally Posted by coolfactor View Post





    iOS 8 runs slower because it's doing much more. More features, more libraries to load, required support for more devices and now-larger displays.



    This story is pretty telling that Apple has planned their software and hardware platforms more thoroughly. Egg on Google's face.

     

    Pretty much. That's why I want to see the 32-bit iDevices dropped ASAP. Slim down the OS in general, and not require loading as much libraries.

  • Reply 7 of 25
    sflocalsflocal Posts: 6,092member
    Quote:

    Originally Posted by TheWhiteFalcon View Post

     

     

     

     

    Pretty much. That's why I want to see the 32-bit iDevices dropped ASAP. Slim down the OS in general, and not require loading as much libraries.




    But...but.. Fandroids say 64-bit is useless if you don't have at least 4GB RAM!!!!  

  • Reply 8 of 25
    foggyhillfoggyhill Posts: 4,767member
    Quote:

    Originally Posted by Suddenly Newton View Post



    Encryption overhead. I wonder if this is why iOS 8 reportedly runs slower on older Apple devices?

     

    Apple has had encryption before IOS 8. IOS 7.1.2 worked well on older devices.

  • Reply 9 of 25
    sflocalsflocal Posts: 6,092member

    I don't know what's more pathetic.  Google coming out with crappy solutions (like software Encryption) or the borderline-clinical Fandroid users praising everything Google, even when they are being played by Google.

  • Reply 10 of 25
    solipsismysolipsismy Posts: 5,099member
    Pretty much. That's why I want to see the 32-bit iDevices dropped ASAP. Slim down the OS in general, and not require loading as much libraries.

    How much smaller are we talking about here? The app binaries are very tiny compared to every other part of the OS. Are we really talking about a significant drop in size? And doesn't each iOS build already get tailored for each device it's being installed?
  • Reply 11 of 25
    Quote:

    Originally Posted by SolipsismY View Post





    How much smaller are we talking about here? The app binaries are very tiny compared to every other part of the OS. Are we really talking about a significant drop in size? And doesn't each iOS build already get tailored for each device it's being installed?



    The 64-bit devices still have to load the 32-bit libraries for apps, if I'm not mistaken. And I'm not sure how much tailoring there is anymore.

  • Reply 12 of 25
    apple has had enryotion since iOS 4.0 and the iPhone 3gs.

    android delays encryption. and they want you to use their phones for payments go figure.

    all you android people might as well go back to unencrypted wifi at starbucks
    theres no point in using google to pay for stuff if your phone itself is not encrypted.

    running android is like running WEP. go back to WEP, you android users

    can you imagine a world where there are 500 million wfi networks that use WEP?
  • Reply 13 of 25
    stanthemanstantheman Posts: 332member
    The comment at the end, about future versions of Android being encrypted, illustrates the need in the Android camp of standardization to compete with Apple.

    We have always heard about "fragmentation" of operating systems, but going forward the idea of fragmentation will also apply to such things as encryption, Bluetooth support, 64 bit processors, fingerprint scanners, etc. Unless all of these (and other) components are present, there will be no standard Android smartphone that consumers can be certain will provide a full range of services. The result will be more confusion and inconvenience for consumers. Android consumers.
  • Reply 14 of 25

    Wait a minute. Isn't the only reason Android phones need 4GB of RAM is to run that super fast OS called Lollipop? LOL

  • Reply 15 of 25
    woochiferwoochifer Posts: 385member

    The encryption is a definite performance hit on Lollipop. That's why the OEMs resisted making full encryption mandatory. The charts below from Anandtech illustrate just how much full encryption slows down the NAND read/write performance. This will remain an issue with any Android device not using 64-bit ARMv8.

     

    http://www.anandtech.com/show/8725/encryption-and-storage-performance-in-android-50-lollipop

     

     

  • Reply 16 of 25
    woochiferwoochifer Posts: 385member
    Quote:

    Originally Posted by rigorkrad View Post



    apple has had enryotion since iOS 4.0 and the iPhone 3gs.



    android delays encryption. and they want you to use their phones for payments go figure.



    all you android people might as well go back to unencrypted wifi at starbucks

    theres no point in using google to pay for stuff if your phone itself is not encrypted.



    running android is like running WEP. go back to WEP, you android users



    can you imagine a world where there are 500 million wfi networks that use WEP?

    The issue is not that they they're delaying encryption, but delaying in making encryption mandatory, or at least switched on by default. Problem with enabling full encryption is the performance hit that it creates on non-ARMv8 devices.

     

    Pick your poison. Go unencrypted, or go slow.

  • Reply 17 of 25
    That's what you get for using software based encryption (Android) instead of hardware (Apple).

    Funny that Apple has had on-device hardware encryption since the 3GS. How many years ago did that phone come out?

    Gee, that was a long time ago. Wasn't Eric Schmidt still on Apple's board back then and one of the most diligent note takers on record. I think Lollypop is an appropriate version for Google to back out of a commitment to encrypt everything... after all it's a SUCKER. Bhuhahaha!

    This is gonna be good this year with ?Pay getting into full gear, Google will be trying to line up their minions at the checkout counters without their little blue overalls as cover as they "assume the position" for a good scamming, screwing and spin-doctoring over why Android without encryption is "as good as" ?Pay.

    Apple: KNOX KNOX
    Goog: Who is it?
    Apple: Who the hell knows, but they just emptied your bank account!
  • Reply 18 of 25
    magman1979magman1979 Posts: 1,292member
    woochifer wrote: »
    HOLY... JEEBUS...

    Um, words like pathetic, pitiful, distressing, wretched come to mind when I see crap like that... Android and their OEM's are a bloody joke!
  • Reply 19 of 25
    Encryption overhead. I wonder if this is why iOS 8 reportedly runs slower on older Apple devices?

    coolfactor wrote: »
    iOS 8 runs slower because it's doing much more. More features, more libraries to load, required support for more devices and now-larger displays.


    This story is pretty telling that Apple has planned their software and hardware platforms more thoroughly. Egg on Google's face.

    Pretty much. That's why I want to see the 32-bit iDevices dropped ASAP. Slim down the OS in general, and not require loading as much libraries.

    This points up one thing about Apple that the rest of the world just can't grock... Apple will build something out onto current platforms, and competition will go, "Why, that's stupid, who needs 64-bit?" By the time it becomes evident "why" this or that, it's too late to catch up to Apple once again... Apple now has an installed base of well over over 100 million iPhones and iPads capable of doing ?Pay... all many of them need is an ?Watch to link to complete the transaction at the checkout counter. That ought to jump-start ?Watch sales all by itself...
  • Reply 20 of 25
    magman1979 wrote: »
    HOLY... JEEBUS...

    Um, words like pathetic, pitiful, distressing, wretched come to mind when I see crap like that... Android and their OEM's are a bloody joke!

    HA! And it will get only worse this year when Samsung and all the other Goog minions start lining up at the checkout counters and wake up to the ever-widening security gap between Apple and Google's craptastic SW & HW. Can you say, "trillion-dollar class-action suit?" I knew that you could. :D
Sign In or Register to comment.