Android Encryption

Google’s been taking serious steps to make Android a secure computing experience for ages now, and with last year’s release of Android Lollipop, the company took one of its boldest stances to date: devices shipping with Android 5.0 were required to take advantage of the platform’s full-disk encryption, securing user data even in the case of loss or theft. And while that may have been an admirable goal, it wasn’t long before pressure (presumably from OEMs) forced Google to back down: earlier this year we saw the company admit that the performance trade-off inherent in encrypting and decrypting all the data going on and off device storage was sometimes just too severe to make encryption mandatory, and it remained an optional feature … for the time. Now that Marshmallow’s here, Google’s revisiting the topic, and while there are still exceptions, the company’s taking a much firmer stance that will see encryption mandated on most Android hardware.

In the latest version of its Android Compatibility Definition document, Google pulls out the big guns: unless a Marshmallow-running device is specifically exempt due to having low RAM or fails to meet a formally defined encryption throughput target (50MB a second), manufacturers are required to enable encryption, out of the box.

This doesn’t affect phones and tablets which previously launched with Lollipop or earlier, and will only upgrade to Marshmallow, but from the next crop of hardware – devices which will run Marshmallow from day one – manufacturers have no choice but to force users to encrypt.

By and large, that’s very much a good thing, as it can be difficult to convince users to accept trade-offs (however small) to keep their data more secure, and removing user (to say nothing of manufacturer) choice from the equation should help see adoption rates seriously improve.

Then again, there’s also something to be said for giving informed users the choice to opt-out, which sounds like it won’t be happening going forward. If you’ve got an “indoor” tablet that lives in your nightstand or on your coffee table, there’s a fair case to be made for why mandatory encryption is just hurting performance with no tangible security gain. Still, this is the route Google’s going, so we’d better get used to it.

Source: Google (PDF)
Via: Android Police




Stephen has been writing about electronics since 2008, which only serves to frustrate him that he waited so long to combine his love of gadgets and his degree in writing. In his spare time, he collects console and arcade game hardware, is a motorcycle enthusiast, and enjoys trapping blue crabs. Stephen’s first mobile device was a 624 MHz Dell Axim X30, which he’s convinced is still a viable platform. Stephen longs for a market where phones are sold independently of service, and bandwidth is cheap and plentiful; he’s not holding his breath. In the meantime, he devours smartphone news and tries to sort out the juicy bits

Read more about Stephen Schenck!

You May Also Like
Huawei P50 series launch confirmation
Huawei P50 series is officially set to launch on July 29
We’ll see a new era of mobile photography, according to Richard Yu, the company’s CEO. The new Huawei P50 series are coming on July 29.
Apple-iPhone-12-featured-photo
Best iPhone you can buy in 2021 so far
We’re always on the search for the best deals possible — now…
Galaxy S21 review
Samsung 65W PD charger gets certified
The Samsung Galaxy S22 might support the new 65W adapter that was certified recently, and reveals the charging speed, and other useful information.