When you’re working in law enforcement, smartphone security can be a double-edged sword. Sure, strong security measures can keep user information safe and reduce the value of stolen hardware, helping to deter thieves. But at the same time, sometimes that security is so good as to effectively lock the police out as well – a real problem for them when they suspect a handset is hiding evidence within. As we’ve already heard, Apple devices running recent software are quite secure, such that encrypted phones can’t be accessed by Apple even if a court tried to compel the company. In case you were curious what the situation looks like on Android, a recent report on smartphone security by the Manhattan District Attorney’s Office spells out just where and when Google’s capable of helping police access your phone.
If you’ve been following advancements in Android security, this likely isn’t anything new, but for those of you who have been hearing all this recent talk about phone security and have been wondering how you might be impacted, take note:
Unless you’re using Android’s full-disk encryption, either by manually enabling the option or by using something like a modern Nexus device (running Lollipop or later) that enables encryption by default, Google is very much capable of remotely unlocking an Android phone. So if the police get their hands on your unencrypted handset, and can convince a judge that they need to see what’s on it, there’s a good chance they’re going to get their wish.
Again, we know many of you are likely saying, “of course,” and you’re right: this shouldn’t be surprising. Full-disk encryption is the way of the future, and Marshmallow intends to enforce it by default. If you haven’t protected your own phone with it yet, what are you waiting for?