Last year, Google announced Android 5, codenamed Lollipop. He also announced that the new operating system will encrypt the content of smartphones and tablets by default. But the company had to make some "discounts".
In short, instead of boasting that Lollipop will encrypt data by default it should state that it doesn't happen in all Appliances running Android 5. Why?
Let's go a little behind
Apple, in September, announced that iOS 8 automatically encrypts files stored on iPhones and iPads.
This means that only hardware owners can unlock their data - and not, say, thieves or even Apple itself under pressure from the authorities, at least in theory.
A few days later, Google announced that they would follow suit and turn on file encryption by default, adding that full-time encryption was an option on Android for some time. Indeed, in this document for the design of Android 4.4 [PDF] at 27, November of 2013, Google reports:
If the device has a lock screen, the device supports full disk encryption.
By September 2014, in order to "hit" Apple, this rule had been extended from an optional feature to a default one. "In the next version of Android, encryption will be enabled by default out of the box, so you won't even have to think about activating it," said Google spokeswoman Niki Christoff at the time.
What is happening today
Today, Google lets device manufacturers (smartphones and tablets) turn on encrypted-by-default (and some do not)
Some Android Lollipop devices, especially those that were presented this week at Mobile World Congress 2015, simply do not automatically encrypt and preset their data. For example, let's mention Moto E (second generation) and Samsung Galaxy S6, according to Ars.
Design Document Android Lollipop [PDF] states:
If the device app has a lock screen, the device must support full private disk encryption data, (/datapartition), as well as the SD card partition, if permanent, and a non-removable part of the device. For devices that support full disk encryption, full disk encryption should be enabled after the user has completed the out-of-box experience. While this feature is listed as coming for this version of the Android platform, user intervention is recommended as we expect this to change in future versions of Android.
Why, then, this change? Well, one of the reasons is that Android does not have all the drivers to use the feature on the smartphones and tablets chips.
For example, the Qualcomm Snapdragon 805 system-on-chip in the Nexus Motorola 6 will implement AES encryption and decryption of data on the hardware quickly and efficiently.
However, the driver for this feature is not available for Android 5, so default encryption and file decryption enable the software terribly slow - forcing many people to disable it.
So some manufacturers can not implement encryption.
Meanwhile, Google Nexus 9 fondleslab uses a Nvidia Tegra K1 processor with an 64-bit ARMv8-compatible processor. This architecture has standard AES encryption / decryption instructions that can be used by Android 5 without any specialized wizard. This means that Lollipop is happily encrypted-by-default on Nexus 9.
;
All this chaos makes Apple fans very happy. Apple uses a separate coprocessor to speed up the encryption and hence iOS encryption is a much easier process. Apple has complete control over it hardware and OS, while Google must rely on third parties to play ball.