Encrypted-by-default on Google Android? Not exactly

Last year, Google announced Android 5, codenamed Lollipop. He also announced that the new operating system will encrypt the content of smartphones and tablets by default. But the company had to make some "discounts".Android security

In short, instead of boasting that Lollipop will encrypt the data by default, it should state that it does not happen on all devices running Android 5. Why;

Let's go a little behind

Apple, in September, announced that iOS 8 automatically encrypts files stored on iPhones and iPads.

This means that only hardware owners can unlock their data - and not, say, thieves or even Apple itself under pressure from the authorities, at least in theory.

A few days later, Google announced that they would follow suit and turn on file encryption by default, adding that full-time encryption was an option on Android for some time. Indeed, in this document for the design of Android 4.4 [PDF] at 27, November of 2013, Google reports:

If the device has a lock screen, the device supports full disk encryption.

By September 2014, in order to "hit" Apple, this rule had been extended from an optional feature to a default one. "In the next version of Android, encryption will be enabled by default out of the box, so you won't even have to think about activating it," said Google spokeswoman Niki Christoff at the time.

What is happening today

Today, Google lets device manufacturers (smartphones and tablets) turn on encrypted-by-default (and some do not)

Some Android Lollipop devices, especially those that were presented this week at Mobile World Congress 2015, simply do not automatically encrypt and preset their data. For example, let's mention Moto E (second generation) and Samsung Galaxy S6, according to Ars.

Design Document Android Lollipop [PDF] states:

If the application app has a lock screen, the device must support full disk encryption of private data, (/ datapartition), as well as the partition of the SD card if it is a permanent and non-detachable part of the device. For devices that support full disk encryption, full disk encryption should be enabled after the user has completed the out-of-box experience. While this feature is reported as it will come for this version of the Android platform, it is recommended that the user intervene as we expect this to change in future versions of Android.

Why, then, this change? Well, one of the reasons is that Android does not have all the drivers to use the feature on the smartphones and tablets chips.

For example, the Qualcomm Snapdragon 805 system-on-chip on Nexus Motorola 6 will implement AES encryption and decryption of data in hardware quickly and efficiently.

However, the driver for this feature is not available for Android 5, so default encryption and file decryption enable the software terribly slow - forcing many people to disable it.

So some manufacturers can not implement encryption.

Meanwhile, Google Nexus 9 fondleslab uses a Nvidia Tegra K1 processor with an 64-bit ARMv8-compatible processor. This architecture has standard AES encryption / decryption instructions that can be used by Android 5 without any specialized wizard. This means that Lollipop is happily encrypted-by-default on Nexus 9.

All this chaos makes Apple fans very happy. Apple uses a separate co-processor to accelerate encryption and therefore encryption of iOS is a much easier process. Apple has the absolute control over hardware and OS while Google has to rely on its third party to play ball.

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news