Google quietly backs away from encrypting new Lollipop devices by default

[Victorious Secret]

 

Someone else will have to chime in on how Google does encryption on their phones and why it was such an issue on the Nexus 6 (apparently the cause of all the slowdowns that the phone experienced). I had assumed it was similar to how Apple encrypts their devices, but I guess what Google did was a little more intensive (whether by design or not). 

I like how they spoke of making it default and thought it was a great move, I just don't like how they didn't make the same amount of noise in letting people know that they were holding off on deploying it across the board. 

 

“For over three years Android has offered encryption, and keys are not stored off of the device, so they cannot be shared with law enforcement,” Google spokeswoman Niki Christoff told The Washington Post in September. “As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on.”

 

Google reaffirmed the statement in an October blog post about Lollipop's security features. Encryption of the userdata partition would occur "at first boot," and it would be "on by default from the moment you power on a new device running Lollipop."

 

For a while, the only new devices we had that ran Lollipop were Google's own Nexus 6 and Nexus 9, both of which were indeed encrypted by default. Older devices that were upgraded to Lollipop—a number of older Nexus devices, the 2014 Moto G, and a handful of others—didn't enable encryption by default, even when you performed a full reset of the phone. This made some amount of sense; suddenly encrypting devices that weren't designed with encryption in mind could impact performance and cause complaints.

 

Here's what we think is most likely. Lollipop's encryption requirement made headlines again in November, this time because it had a huge impact on the new Nexus 6's performance. Our review of the Nexus 6 showed that the new phone could be slower than the old Nexus 5 in certain tasks, and AnandTech supplied additional numbers that showed just how severe the performance impact was.

 

Those reports were circulated pretty widely—Google "Lollipop encryption" and stories about the slowdown dominate the first page. By the time the compatibility definition document was updated in January, full-disk encryption was no longer a required feature.

http://arstechnica.com/gadgets/2015/03/google-quietly-backs-away-from-encrypting-new-lollipop-devices-by-default/

 

[totjup5]

Way to pussy out google.

[RH00D]

I hope people will still enable it regardless. If people are willing to give up security for performance then I don't want to live on this planet anymore.

 

Ok, that's kind of an overreaction. But still.

[euniqe]

I hope people will still enable it regardless. If people are willing to give up security for performance then I don't want to live on this planet anymore.

 

Ok, that's kind of an overreaction. But still.

 

 

also most people don't understand or care, so they need some kind of nannying for their own benefit.

[AlexGoesHigh]

they back tracked because the shitty performance was due to AOSP nature, so they couldn't take advantage on the encryption capabilities in most SoC since those are closed sources, so the only way it could take advantage of it, was if OEM's implemented it in their forks and keep their code fully closed, anandtech has a deep article about it and the nexus 6 and explaining why there's such a massive performance hit

[Victorious Secret]

they back tracked because the shitty performance was due to AOSP nature, so they couldn't take advantage on the encryption capabilities in most SoC since those are closed sources, so the only way it could take advantage of it, was if OEM's implemented it in their forks and keep their code fully closed, anandtech has a deep article about it and the nexus 6 and explaining why there's such a massive performance hit

 

I'll have to read up on that, thanks. 

 

So its just the nature of the implementation right now that causes the performance hits? From what I understand, BB is encrypted by default and iOS is these days as well; is it just different implementations or is the same style and because BB and Apple control their own hardware and code, its easier to do for them? 

[AlexGoesHigh]

I'll have to read up on that, thanks. 

 

So its just the nature of the implementation right now that causes the performance hits? From what I understand, BB is encrypted by default and iOS is these days as well; is it just different implementations or is the same style and because BB and Apple control their own hardware and code, its easier to do for them? 

apple makes their own soc so its bloody easy for them to make the drivers for it and put it in ios, BB probably uses the closed libraries that the manufacture made for their chip, since BB OS is closed source, so yeah it is different implementations, is pretty much the oldest thing in the planet, closed vs open, like windows vs linux on desktop, photoshop vs gimp, directx vs opengl, you see the pattern there, i'm not saying closed is better, but the walled garden methodology does has its advantages

[RainfallWithin]

apple makes their own soc so its bloody easy for them to make the drivers for it and put it in ios, BB probably uses the closed libraries that the manufacture made for their chip, since BB OS is closed source, so yeah it is different implementations, is pretty much the oldest thing in the planet, closed vs open, like windows vs linux on desktop, photoshop vs gimp, directx vs opengl, you see the pattern there, i'm not saying closed is better, but the walled garden methodology does has its advantages

 

Is this comparable to encryption on my computer; Intel and AMD CPUs support AES instruction sets and so encryption is much quicker than if it was done through pure processing power?

[qwertywarrior]

only devices coming WITH android 5.0 has encryption by default

2014 Moto G came with 4.4.4

[qwertywarrior]

Is this comparable to encryption on my computer; Intel and AMD CPUs support AES instruction sets and so encryption is much quicker than if it was done through pure processing power?

 

yes

also the 800 and 805 has AES acceleration but google isnt using the drivers (they arnt like what u see on intel chips)

 

but all 64bit socs from arm has encryption acceleration on by default even on a53 so thats good news for future encrypted devices

[beebskadoo]

My nexus 6 is encrypted, I wish I could have had a choice in the matter honestly. The performance difference is noticeable between encrypted and unencrypted Nexus 6's!

My phone takes almost a minute to turn on for fuck sake. 

[spartaman64]

so you can still enable it youself? i dont see whats the problem

[EleventHour]

this is hilarious to see as my friends LG G3 updated to Lollipop the other week and when it restarted it automatically turned on the encryption setting. Stupid thing is that he has a knock code and not a traditional password, so he couldnt unlock his phone.  Ended up having to send it in to his carrier to have it replaced!