The tireless developers at Team Win released their custom Android recovery for the Nexus 6P and Nexus 5X last week, but at the time it didn't support decryption. This makes working with the stock software (which Google encrypts by default, gleefully thumbing their noses at the NSA and FBI in a show of customer protection) somewhat tricky. But ROM flashers and phone modders can now use the latest version of TWRP on the Nexus 6P with the encrypted stock software, or any other ROM that uses the feature. Read More
With every major Android release comes a new version of Google's not-so-famous Android Compatibility Definition Document. As reading goes, it is roughly between the excitement level of "doing your taxes" and "doing somebody else's taxes." Which is to say, I am well-caffeinated this morning. Anyway, the newest version of the CDD for Android 6.0 contains a change we've been on the lookout for since Lollipop was announced last year: mandatory full-disk encryption.
Since the announcement of encryption being enabled by default of the Nexus 6 and Nexus 9, Google has been on the encryption warpath (rightfully so!), and did in fact attempt to make this change in the initial Lollipop CDD back in January. Read More
Since the Snowden leaks began back in 2013, there has been a justifiable increase in public scrutiny of the US federal government's attitudes towards surveillance and information access. So when President Obama voiced the opinion that encrypted files should be accessible to law enforcement (presumably via some kind of backdoor or exclusive decryption method), privacy advocates joined security experts in a nationwide groan. Thankfully the administration seems to have changed its tune nine months later.
According to a report by Reuters, White house spokesman Mark Stroh said that the administration is no longer looking to introduce encryption-weakening legislation to Congress. Read More
Despite some interesting tablet hardware in the earlier days of Android, French manufacturer Archos hasn't had anything notable to show for several years. Perhaps that's why the company is jumping into the small but growing niche of ultra-secure cell phones, like the Blackphone and the Turing Phone. Archos has partnered with SIKUR (read: Secure), a vendor of encrypted company-focused communications apps, to create the GranitePhone. It's available to purchase today for a whopping $850.
Thanks to the GranitePhone's Android-derived "Granite OS," basically everything on the device is encrypted, even the custom homescreen that eschews a conventional grid layout for a modified version of the SIKUR inbox. Read More
The Nexus 6 had a lot of fine qualities, but the sluggish storage performance was a disappointment. This was mostly due to the automatic device encryption, which was managed by software rather than hardware. In today's Reddit AMA, the Nexus team was asked about encryption support in the Nexus 5X and 6P. VP of Engineering Dave Burke responded, saying it's still software-based, but it should be even faster than hardware encryption this time. Read More
If you're in the market for the Turing Phone, you already know who you are. This is an Android phone designed around the idea of being completely unhackable. It doesn't even have a USB port or headphone jack that could be used to manipulate the software in some fashion. Niche products like this often have the feel of vaporware, but the company has posted a release and order timeline for the Turing Phone. So they're at least trying to make it happen. Read More
If you're a frequent ROM flasher (why does that sound mildly dirty?) and a OnePlus One owner, you might want to grab the latest build of TWRP. A Team Win developer says that it now supports Qualcomm's native encryption scheme in addition to Android's standard AOSP encryption. Why does this matter? According to Ethan "Dees Troy" Yonker and cited benchmarks, Qualcomm's encryption offers better performance when compared to Google's encryption applied to the same hardware.
...for slower encryption methods.
The hardware-based encryption offers an approximate 30% boost to read-write speeds over Android's software encryption, though it's still well below the performance of unencrypted flash storage. Read More
Google made news earlier this year when it announced that Android 5.0 Lollipop devices would ship encrypted by default. And indeed, the first few Lollipop devices (all Nexus) were encrypted out of the box. However, OEM Lollipop phones are not shipping with encryption enabled. It looks like Google is backing off on this requirement, pushing it to a future version.
Not long after British Prime Minister David Cameron did the same, President Obama said Friday that he opposes encryption methods that are inaccessible to law enforcement. Rather naively, he advocated that the technology should still exist, but with methods of access for approved entities like police and preferred spy agencies. This is his first clear issue stance on the matter, though it is not necessarily out of step with his previous actions and statements.
Of course, cybersecurity experts collectively groaned at the President's suggestion of strong encryption that is only accessible to authorities. Taking for granted that law enforcement can be trusted - and, of course, Edward Snowden and countless others have shown us it cannot - there are a host of problems. Read More