March 4, 2015 weblog
Never mind: Android L full-disk encryption by default not required
2014: Google says with Android L you don't even have to think about turning on encryption. 2015: With encryption for Android L, you have to, uh, think. Times change and so has Google regarding Android L encryption by default out of the box.
Back in September, Hot Hardware was one of a number of tech sites that were able to interest readers concerned about privacy with reports that in the next version of Android, Android L, encryption, which had been an Android optional feature, would be enabled by default. "It will be the first version of Android to enable the setting by default, which means that a password will be required to view pictures, messages, and other data stored on the phone or tablet," said Hot Hardware's Paul Lilly. The Android official blog carrying news and updates from the Android team said last year that Lollipop represented a big update and meant business about security. "With each new release of Android, we try to stay two steps ahead of the bad guys. When it comes to security, Lollipop is the biggest update for Android to date. From the moment you turn on a device running Android 5.0, you'll have a wealth of new security features protecting you, like encryption by default and a lock screen that's easier and more powerful than ever." Washington Post reporter Craig Timberg quoted Google spokesperson Niki Christoff in September: "As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on."
This week, the story took a turn. The Hot Hardware headline said it all: "New Android Lollipop Phones Lose Default Disk Encryption." Lilly wrote on Tuesday, "We're not sure why Google changed its mind, but instead of requiring its partners to enable encryption by default, the guidelines OEMs must follow for official Lollipop certification now say encryption "is very strongly RECOMMENDED." On Monday, Andrew Cunningham, senior products editor, Ars Technica, said that "we're starting to see new Lollipop phones from Google's partners, and they aren't encrypted by default." He said "At some point between the original announcement in September of 2014 and the publication of the Android 5.0 hardware requirements in January of 2015, Google apparently decided to relax the requirement." Google's Nexus 6 and Nexus 9 were encrypted by default but Cunningham also noticed that, in a little over three months after Lollipop's release, they were starting to see new devices from Google partners not encrypted by default. With the second-generation Moto E, he said, its "userdata" partition is not encrypted by default. His colleague, Ron Amadeo, told him that Galaxy S6 demo units at Mobile World Congress were not encrypted by default.
The Android 5.0 Compatibility Definition document, last updated in January 11, has guidelines for OEMs to follow to make Lollipop devices that are Google-approved. There is a section on full-disk encryption. This is the wording that OEMs are expected to understand:
"If the device implementation has a lock screen, the device MUST support full-disk encryption of the application private data, (/datapartition) as well as the SD card partition if it is a permanent, non-removable part of the device. For devices supporting full-disk encryption, the full-disk encryption SHOULD be enabled all the time after the user has completed the out-of-box experience. While this requirement is stated as SHOULD for this version of the Android platform, it is very strongly RECOMMENDED as we expect this to change to MUST in the future versions of Android."
Cunningham was able to translate, into "devices are required to support encryption, but it's still up to OEMs to actually enable it," he wrote. "Full-disk encryption is expected to become a requirement in some future Android version, but it remains optional in Lollipop."
Jeremy Kirk of the IDG News Service said, "Ensuring encryption is on by default helps protect less sophisticated users who may not know such an option exists."
The Android team, meanwhile, stated in a blog update to their September announcement, that they still valued encryption but there were performance issues. "In September, we announced that all new Android Lollipop devices would be encrypted by default. Due to performance issues on some Android partner devices, we are not yet at encryption by default on every new Lollipop device. That said, our new Nexus devices are encrypted by default and Android users (Jelly Bean and above) have the option to encrypt the data on their device in Settings —-> Security —-> Encryption. We remain firmly committed to encryption because it helps keep users safe and secure on the web."
More information: static.googleusercontent.com/m … lity/android-cdd.pdf
© 2015 Tech Xplore