Slashdot Mirror
Google Makes Full-Disk Encryption Mandatory For Some Android 6.0 Devices (itworld.com)
itwbennett writes: Google's plan to encrypt user data on Android devices by default will get a new push with Android 6.0, also known as Marshmallow. Devices with enough memory and decent cryptographic performance will need to have full-disk encryption enabled in order to be declared compatible with the latest version of the mobile OS. From the ITWorld article: "The move is likely to draw criticism from law enforcement officials in the U.S. who have argued over the past year that the increasing use of encryption on devices and online communications affects their ability to investigate crimes. In addition to encryption, Google also mandates verified boot for devices with AES performance over 50MB/s. This is a feature that verifies the integrity and authenticity of the software loaded at different stages during the device boot sequence and protects against boot-level attacks that could undermine the encryption."
First Apple and now Google are pushing back on the US government, which is trying its hardest to spy on people. These companies are compelled to give up information, in secret, without warrants, due to PATRIOT Act and other government "intelligence". This has hurt business for Apple, Google, Microsoft, and others. It seems that they've decided that they are going to make it hard/impossible for the US government to steal their customers' data. Bravo to them.
I'm gone a bit too cynical to think this is an altruistic effort by Google to protect De People from the government spying on them. Could it just be an attempt to make their DRM more robust?
Though this is a welcome move, Google has its priorities totally wrong.
As it stands right now, a large percentage of the Android population is running insecure software which, in some cases, is remotely exploitable without user intervention, with no way to mitigate the risk.
This is utterly embarrassing for Android if you think about it. Here we have a (mostly) open source stack that is MUCH LESS secure than its most significant opposition - Apple, which is closed source and absolutely restricted - but we can't do anything about the vulnerabilities because someone in the supply chain decided that it isn't cost-effective to provide something as simple as root access to the OS.
This is partly the manufacturer's and carrier's fault, but it is very much also Google's fault.
If I understand correctly, Google has a set of conditions that manufacturers must meet to be able to ship Google apps with their phone. One of the conditions that Google should be forcing RIGHT NOW is that manufacturers (and carriers) must provide a mechanism to allow updating the operating system (or to replace it entirely).
This shouldn't be a hard thing for Google to do. Heck, for all the evil they do, Microsoft gives you unrestricted access to the Operating System (recent host file shenanigans notwithstanding), and I've never seen a x86 PC that doesn't allow you to wipe Windows and install something else, despite the whole "secure boot" scare.
So, Google, good move, but get your priorities straightened out.
As per the post earlier today, Apple said it was "impossible" for them to access the files on a customer's iPhone if they had a newer phone. In essence, what Apple is saying is that if law enforcement brings them only the phone of a suspect, Apple cannot technically access the files on the phone without the help of the phone's owner. They did it using a number of processes including full data storage encryption. I suspect that it has been optional on Android since not all devices had the all the hardware pieces in place to secure the phone completely.
Well, there's spam egg sausage and spam, that's not got much spam in it.
Android's full disk encryption is just an adaptation of dm-crypt. All the source code is in AOSP and the Linux kernel.
Yes, the radio firmware has privileged access and is closed. But that is true for ANY cell phone. If you're concerned about that, then don't use a cell phone, because malicious firmware can potentially pull anything else out of memory if it wanted.
To call this anything but an improvement is extremely short sighted. Take off your tinfoil hat, please.
Is there any way to audit whether the dm-crypt installed on your device matches the source code? Few people compile their own kernel, so it seems that it would be easy for Google or cellular carrier to slip a back door into the module.
Likewise, I wonder how secure Apple's encryption is -- their very public fight against the DoJ could just be a smokescreen to hide the fact that the government can trivially crack the phones, they just don't want anyone to know. Their fight against the DoJ brings this quote to mind: "The lady doth protest too much, methinks."
So, if I get this right, Google just made boot-level customization useless, because verified boot will pretty much prevent CWM, TWRP, unlocking the bootloader etc. There goes also easy rooting, easy custom ROMs (CyanogenMod), easy backups, MultiROM, fastboot de-bricking for the semi-knowledgeable, sideloading, custom flashing............. Right? RIGHT?