Google is making encryption standard in the next version of Android

[techbeck]

Less than a day after Apple detailed new efforts in user privacy for its products, Google now says it plans to encrypt user data on all Android devices. Speaking to The Washington Post, Google says data encryption will now be a part of the activation process instead of an optional feature. The end result is that whatever data is stored on that device, be it a phone or tablet, will be inaccessible unless the person has the correct password.

 

"For over three years Android has offered encryption, and keys are not stored off of the device, so they cannot be shared with law enforcement," a Google spokesperson told The Verge. "As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on."

 

In Apple's case, the company already began encrypting user data for all users as part of iOS 8, a free update that became available yesterday. The company said that not even it can bypass a user passcode to access their data, tying its hands from offering such a service to law enforcement officials.

 

More....

http://www.theverge.com/2014/9/18/6436037/google-is-making-encryption-standard-in-the-next-version-of-android

[+John Teacake MVC]

(Android Security Team member here... though these are my own perceptions and opinions, not an official statement.)

Two reasons:

First, because it's not completely trivial to make it work correctly, all the time, every time, on hundreds of different devices. Android uses dm_crypt, so the foundation is solid, well-proven code, but that doesn't mean there aren't tricky corner cases. With the huge number and variety of Android devices out there, you can be certain that if there's a way it can go wrong, it will. So, conservatism suggests it's a good idea to make it optional for a while and shake out any issues. It's been optional for three years now, and is in use on many devices (I don't know how many; I'd guess tens of millions, though), so it's time to take the next step.

Second, performance was a problem. Not run-time performance -- AES is really fast -- but the initial encryption required reading and writing many gigabytes so it took a long time just to do that much I/O. Encrypting by default means that either the device has to be encrypted in the factory, which would be a major production bottleneck, or else users would have to wait 20 minutes for their phone/tablet to start up just after they unbox it. That's a bad user experience. For L this was optimized so it only encrypts blocks that are in use. Since on a new device very little of the data partition is in use, very little has to be encrypted. That makes the initial encryption very fast (a few seconds).

There's actually another device encryption-related improvement coming in L. I'd love to describe it in detail since I worked on parts of it, but the article doesn't mention it so I'll hold off.

 

 

Food for thought....

[Praetor]

it's been optional for 3 years.

And ChuckFinley, thanks for the article, it shows that while huge steeps are necessary for a certain feature to be able to work in ALL of the hundreds of devices, Apple clearly has a more "simple" job since they have fewer devices to support.