Google Android 5.0 Lollipop

We were certain that Google would be adding encryption as default to the then upcoming Android L (now Android 5.0). A few months later, we discovered through a benchmark test by tech website AnandTech that Android 5.0 encryption was bringing storage performance issues to most smartphones already running Lollipop. Google seemed to be serious about requiring full-disk encryption on new phones but right now, the Internet giant is quietly backing away from its decision.

The full-disk encryption means that newer smartphones running Android 5.0 Lollipop would require it instead of the optional disk encryption on older Android versions. That didn’t quite sit well with some Android users because even if the intention was good–protecting people from possible profile leaks–others think that such would help criminals in protecting their activities. Phone will be secure alright but this could mean those criminals are also protected and are free to do what they want to do.

No formal and big announcement from Google about this development of backing away from full encryption but new phones are believed not to be encrypted by default now. New devices running Android 5.0 Lollipop are expected to be fully encrypted out of the box but there have been some changes. The Nexus 6 and Nexus 9 from Google were two of those units that were encrypted by default. That was expected but those that were upgraded later didn’t allow encryption by default.

Fast forward to three months later, Google has changed its decision. Why, the newest Android Lollipop phones are no longer encrypted by default. One major example is the highly anticipated Galaxy S6 recently launched at the Mobile World Congress in Barcelona.True enough, Google did some revision on the policy as per Motorola and Google. Noted in the latest Android Compatibility Definition document (PDF) version are the subtle changes in requirements:

 

9.9 Full-Disk Encryption

If the device implementation has a lock screen, the device MUST support full-disk encryption of the application private data (/data patition) as well as the SD card partition if it is a permanent, non-removable part of the device. For devices supporting full-disk encryption, the full-disk encryption SHOULD be enabled all the time after the user has completed the out-of-box experience. While this requirement is stated as SHOULD for this version of the Android platform, it is very strongly RECOMMENDED as we expect this to change to MUST in the future versions of Android.

 

Google still requires devices to support encryption but it’s up to the phone manufacturers to enable it–just like before. In Lollipop, it’s back to being optional. Perhaps future Android versions will finally have full-disk encryption. We’ll see again.

VIA: Ars Technica