Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Makes Full-Disk Encryption Mandatory For Some Android 6.0 Devices (itworld.com)

Posted by samzenpus on from the raise-shields dept.

itwbennett writes: Google's plan to encrypt user data on Android devices by default will get a new push with Android 6.0, also known as Marshmallow. Devices with enough memory and decent cryptographic performance will need to have full-disk encryption enabled in order to be declared compatible with the latest version of the mobile OS. From the ITWorld article: "The move is likely to draw criticism from law enforcement officials in the U.S. who have argued over the past year that the increasing use of encryption on devices and online communications affects their ability to investigate crimes. In addition to encryption, Google also mandates verified boot for devices with AES performance over 50MB/s. This is a feature that verifies the integrity and authenticity of the software loaded at different stages during the device boot sequence and protects against boot-level attacks that could undermine the encryption."

10 of 150 comments (clear)

  1. Verified boot by who? by erapert · · Score: 5, Insightful

    Google also mandates verified boot for devices with AES performance over 50MB/s.

    Who verifies it?

    Google verifies it (with NSA consent)?
    Or is it completely, 100% open source such that I can compile my own boot loader and sign it with my own key and install it myself?

    Anything else really just means that the NSA have a backdoor to your device that you cannot remove because your boot loader is locked against you.

    1. Re: Verified boot by who? by hawguy · · Score: 4, Interesting

      Android's full disk encryption is just an adaptation of dm-crypt. All the source code is in AOSP and the Linux kernel.

      Yes, the radio firmware has privileged access and is closed. But that is true for ANY cell phone. If you're concerned about that, then don't use a cell phone, because malicious firmware can potentially pull anything else out of memory if it wanted.

      To call this anything but an improvement is extremely short sighted. Take off your tinfoil hat, please.

      Is there any way to audit whether the dm-crypt installed on your device matches the source code? Few people compile their own kernel, so it seems that it would be easy for Google or cellular carrier to slip a back door into the module.

      Likewise, I wonder how secure Apple's encryption is -- their very public fight against the DoJ could just be a smokescreen to hide the fact that the government can trivially crack the phones, they just don't want anyone to know. Their fight against the DoJ brings this quote to mind: "The lady doth protest too much, methinks."

    2. Re:Verified boot by who? by behrooz0az · · Score: 4, Informative

      Keys are generated on the fly, Go read the source code for fucks sakes. It's there.

      --
      Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
    3. Re:Verified boot by who? by BronsCon · · Score: 4, Informative

      The actual OS portion of it is, actually. It is the Google apps and framework (e.g. non-AOSP) and hardware-specific drivers (e.g. not part of Android) that are not open source. Test this by fetching a system image for your phone (assuming a Nexus device, where Google is actually the one releasing the binaries; there is no guarantee that a different OEM doesn't change things, in fact that is quite common.. so, again, a Nexus device), extract the /system partition, and replace the binaries with your own versions compiled from source (same version of Android, of course, so drivers and the Google bits still work), roll that back into the image, and flash it.

      10 to 1 it'll boot and work just fine. If you weren't an AC I'd put money on it.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  2. Honestly, this is good by surfdaddy · · Score: 4, Interesting

    First Apple and now Google are pushing back on the US government, which is trying its hardest to spy on people. These companies are compelled to give up information, in secret, without warrants, due to PATRIOT Act and other government "intelligence". This has hurt business for Apple, Google, Microsoft, and others. It seems that they've decided that they are going to make it hard/impossible for the US government to steal their customers' data. Bravo to them.

    1. Re:Honestly, this is good by pla · · Score: 5, Insightful

      Bravo to them.

      Make no mistake, they don't do this out of some love of privacy or benevolence toward their customers. Outside the US, the phrase "Made in America" has become synonymous with "pre-cracked by the NSA". Companies have no more noble goal with efforts like whole-device encryption than not watching their global sales drop to zero over the next few years.

    2. Re:Honestly, this is good by UnknowingFool · · Score: 5, Insightful

      I suspect also that Apple and Google don't want to be responsible any more for law enforcement duties. I can only imagine how many requests they get every week to break into someone's phone. Now they can legitimately say that they can't do it.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
  3. Priorities by Anonymous Coward · · Score: 4, Interesting

    Though this is a welcome move, Google has its priorities totally wrong.

    As it stands right now, a large percentage of the Android population is running insecure software which, in some cases, is remotely exploitable without user intervention, with no way to mitigate the risk.

    This is utterly embarrassing for Android if you think about it. Here we have a (mostly) open source stack that is MUCH LESS secure than its most significant opposition - Apple, which is closed source and absolutely restricted - but we can't do anything about the vulnerabilities because someone in the supply chain decided that it isn't cost-effective to provide something as simple as root access to the OS.

    This is partly the manufacturer's and carrier's fault, but it is very much also Google's fault.

    If I understand correctly, Google has a set of conditions that manufacturers must meet to be able to ship Google apps with their phone. One of the conditions that Google should be forcing RIGHT NOW is that manufacturers (and carriers) must provide a mechanism to allow updating the operating system (or to replace it entirely).

    This shouldn't be a hard thing for Google to do. Heck, for all the evil they do, Microsoft gives you unrestricted access to the Operating System (recent host file shenanigans notwithstanding), and I've never seen a x86 PC that doesn't allow you to wipe Windows and install something else, despite the whole "secure boot" scare.

    So, Google, good move, but get your priorities straightened out.

  4. Re:DRM by gstoddart · · Score: 5, Insightful

    Possibly, but you can be cynical and not think this is altruistic ... they get the PR of saying "we're on your side" to consumers, as well as eventually saying "now piss off, we can't help you" to law enforcement.

    It can benefit consumers AND be self-serving.

    --
    Lost at C:>. Found at C.
  5. About that boot encryption... by cloud.pt · · Score: 5, Interesting

    So, if I get this right, Google just made boot-level customization useless, because verified boot will pretty much prevent CWM, TWRP, unlocking the bootloader etc. There goes also easy rooting, easy custom ROMs (CyanogenMod), easy backups, MultiROM, fastboot de-bricking for the semi-knowledgeable, sideloading, custom flashing............. Right? RIGHT?