Skip to main content
  1. Home
  2. Phones
  3. Android
  4. Mobile
  5. News

Google can bypass security on all Android systems that don't use full-disk encryption

Add as a preferred source on Google

Here’s a great reason to switch phones and upgrade to the latest version of Android: At least 74 percent of the Android devices out there can be remotely reset by Google if law enforcement orders the company to do so. The discovery was made in a document released by the New York District Attorney’s Office.

Included in that percentage are all older Android phones running 4.4 and lower. However, Google told the Next Web that remote reset only worked on phones secured with a pattern (not a PIN or password) with older versions of Android. Most devices that run Android 5.0 and up cannot be remotely reset because they enable full-disk encryption by default.

Recommended Videos

Here’s the catch: Encryption isn’t a mandatory setting in Android 5.0. Some manufacturers don’t enable it, even if it’s an option. In other words, the estimate of 74 percent could actually be low, meaning even more devices are open to remote resets. Luckily, in the case of Android 6.0 Marshmallow, all devices ship with encryption enabled, making them safe from prying eyes.

Google revealed that encryption would be mandatory in a recent Android Compatibility Definition Document. The compatibility document describes various elements of Android 6.0 and defines how it is intended to run on a variety of devices. Those devices that support full-disk encryption and Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, full-disk encryption must have this feature enabled by default. Full-disk encryption utilizes a key for all data that is stored from the disk. Data must pass through the key and be encrypted or decrypted before any data can be either written or pulled into system processes.

Encryption is something that Google has wanted to make mandatory on Android for a while, and the company almost got it completely enforced as a standard when Android 5.0 Lollipop rolled out just a year ago.

The feature’s addition to Android 6.0, along with fingerprint sensors on new phones, have combined to create a higher standard in security than was previously available. Full-disk encryption is not a new feature to Android, but the enforcement of the policy in the setup experience certainly is.

Security aficionados, privacy advocates, and corporate users welcome the higher security standard that the technology provides. The security level also raises the bar that government and police agencies must go through in order to retrieve data from seized devices.

John Casaretto
Former Digital Trends Contributor
John is the founder of the security company BlackCert, a provider of SSL digital certificates and encryption products. A…
Vivo X300 FE review: The compact flagship I didn’t expect to like this much
The Vivo X300 FE is the Hawkeye of flagships. It doesn't have superpowers, but somehow gets the job done better than everyone else.
Vivo X300 FE

Why Hawkeye?

Hawkeye was never the strongest Avenger, nor did he have the flashiest suit or superpowers. Yet he consistently proved his worth through precision, reliability, and doing the fundamentals exceptionally well. The Vivo X300 FE follows the same philosophy. It doesn't chase outrageous specifications or marketing gimmicks. Instead, it quietly nails the essentials with a superb display, dependable performance, excellent cameras, and outstanding battery life. It may not grab all the headlines, but when it matters, it's the flagship that gets the job done.

Read more
7 Apple Notes tips to elevate your note-taking experience
A few small tweaks buried in the menus that make Apple Notes feel like a completely different app.
Apple notes on iPhone

Over the years, Apple has turned Apple Notes into one of the best note-taking apps for the iPhone. The problem is that most people use the app just as a place to dump info and do not use it to its full potential. Today, I will share seven of my favorite Apple Notes tips that will elevate your note-taking experience. 

Switch between recently opened notes

Read more
This Android lock screen bug lets anyone text using Gemini without knowing your PIN
Google confirms a fix is coming for this risky Gemini lock screen bug
google-gemini

Your Android lock screen is supposed to keep your messages safe, even if someone gets hold of your phone. But a newly discovered Gemini bug could do the opposite. Since May, The Register has received multiple reports of people bypassing device authentication on Android 16 devices that allow Gemini access straight from the lock screen.

The flaw lets anyone use Gemini to send SMS and even WhatsApp messages without ever entering your PIN. It only works under specific conditions, but it is serious enough that Google has confirmed a fix is already rolling out.

Read more