1. Mobile

Google can bypass security on all Android systems that don't use full-disk encryption

John Casaretto
By

Android Phone
Here’s a great reason to switch phones and upgrade to the latest version of Android: At least 74 percent of the Android devices out there can be remotely reset by Google if law enforcement orders the company to do so. The discovery was made in a document released by the New York District Attorney’s Office.

Included in that percentage are all older Android phones running 4.4 and lower. However, Google told the Next Web that remote reset only worked on phones secured with a pattern (not a PIN or password) with older versions of Android. Most devices that run Android 5.0 and up cannot be remotely reset because they enable full-disk encryption by default.

Here’s the catch: Encryption isn’t a mandatory setting in Android 5.0. Some manufacturers don’t enable it, even if it’s an option. In other words, the estimate of 74 percent could actually be low, meaning even more devices are open to remote resets. Luckily, in the case of Android 6.0 Marshmallow, all devices ship with encryption enabled, making them safe from prying eyes.

Google revealed that encryption would be mandatory in a recent Android Compatibility Definition Document. The compatibility document describes various elements of Android 6.0 and defines how it is intended to run on a variety of devices. Those devices that support full-disk encryption and Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, full-disk encryption must have this feature enabled by default. Full-disk encryption utilizes a key for all data that is stored from the disk. Data must pass through the key and be encrypted or decrypted before any data can be either written or pulled into system processes.

Encryption is something that Google has wanted to make mandatory on Android for a while, and the company almost got it completely enforced as a standard when Android 5.0 Lollipop rolled out just a year ago.

The feature’s addition to Android 6.0, along with fingerprint sensors on new phones, have combined to create a higher standard in security than was previously available. Full-disk encryption is not a new feature to Android, but the enforcement of the policy in the setup experience certainly is.

Security aficionados, privacy advocates, and corporate users welcome the higher security standard that the technology provides. The security level also raises the bar that government and police agencies must go through in order to retrieve data from seized devices.

Editors' Recommendations

Android vs. iOS: Which smartphone platform is the best?

android vs ios v cameras feat

From Android 1.0 to Android 10, here’s how Google’s OS evolved over a decade

Android

How to find a lost phone

how to find a lost phone

How to use recovery mode to fix your Android phone or tablet

Pixel 3 recovery mode

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

Sony TV Cyber Monday deals are here — from $600

Sony CES 2021 TV 1

This Celestron telescope is only $78 at Walmart for Cyber Monday 2021

The Celestron AstroMaster with a stand.

The Book of Boba Fett trailer offers a peek at Return of the Jedi aftermath

The cast of The Book of Boba Fett.

Alienware 55 OLED gaming monitor gets $1500 discount for Cyber Monday

Alienware 55 OLED Gaming Monitor - AW5520QF

Save $90 on this Dell Portable Monitor for Cyber Monday 2021

Woman sits at a desk using the Dell 14inch Portable Monitor.

The best laptops under $500 for Cyber Monday 2021

dell inspiron 15 3000 amd ryzen 6 inch labor day deal thumb

This Dell 2-in-1 Desktop PC is only $500 for Cyber Monday 2021

Dell Inspiron 24 5000 on desk.

Amazon Kindle Oasis vs. Kindle Paperwhite

amazin kindle oasis review (2017) two hands