Full disk encryption isn't really that much of a big deal for the average user on a lot of modern mobile SoCs. The messaging of this is a lot worse than the security implication in practice.<p>Full disk encryption doesn't protect you against most 'normal' security attacks like privilege escalation, because once an attacker has gained that privilege they can read any data off the mounted encrypted file-system.<p>The way FDE works is that you're encrypting the blocks stored on the physical storage eMMC[1], so if someone gets their hands on your device and physically tampers with it, in theory, with enough skill and fiddly soldering and wiring to an SD card adapter you could access the data.<p>However, many SoCs stack the eMMC on top of the application processor directly, look up package on package or "POP". This means you can't even access any pins to wire up an adapter without "extremely" specialized equipment. We're talking about slicing a layer off the chip package without damaging it.<p>[1]I've left out physical SDcards because until recently there was no facility to encrypt you data in a cross platform compatible way on these devices. Android treats SDcards as plain unencryted FAT/exFAT storage by default anyway.
Hopefully the market reacts accordingly.<p>It can be hard to gauge public opinion from the HN echo chamber, but the apple case is causing national awareness of this important issue. The real question is: will consumers make decisions in the next 6, 12, 24 months based on the information they hear about these devices? I'd like to say yes, but i suspect the answer is no.
Meh. For me this is such a non-issue. While very privacy-conscious in general, since my very bad experience with an encrypted backup drive, a lost password/passphrase, and losing 2 years of data/photos as a result, I've cooled on full-device encryption.<p>Sure, it's preventable, and it was my own stupid fault, but I bet it happens to a lot of people and it caused them, and Amazon, more heartache than the added level of 'security' encryption would provide. "What do you mean, you can't retrieve my data? You made this thing! Can't you reset the password?"
Meanwhile (I posted 3hrs ago but it got no traction)<p><a href="https://news.ycombinator.com/item?id=11223185" rel="nofollow">https://news.ycombinator.com/item?id=11223185</a>
<a href="http://www.thelocal.fr/20160304/french-mps-back-fines-for-apple-unless-it-unlocks-phones" rel="nofollow">http://www.thelocal.fr/20160304/french-mps-back-fines-for-ap...</a><p>> French parliamentary deputies, defying government wishes, on Thursday voted in favour of penalising smartphone makers
who fail to cooperate in terrorism inquiries
> Claiming users weren’t using the encryption feature, and therefore that encryption is unnecessary, is of course a disingenuous argument on Amazon’s part. Users also hate using strong passwords — is Amazon going to encourage users to ditch those too?<p>I think it's TechCrunch that's being disingenuous here. Disk encryption is a feature, and has performance, maintenance and UX costs, unlike allowing strong passwords.
Since this is now front page and last night's thread on this has fallen off, I'll repost what I said there, supporting the theory that encryption might actually have been turned off for performance:<p>People unfamiliar with full-device encryption on Android devices need to be aware of the following: until Marshmallow, it was <i>SLOW</i>. It was so bad that while Google recommended turning on encryption by default on Lollipop, they had to back off of the recommendation because full-disk encryption made the devices run like crap. [0] The reason suspected for this is that up to and including Lollipop, Android handsets did not support hardware-backed encryption/decryption, which meant it all had to be done in software.[1] This had the end result of putting huge overhead onto the device once FDE was turned on, and over time its performance would continue to degrade. Anecdotally, I tried encrypting my HTC One M7 a few years ago when it was my daily driver, and I eventually I had to factory wipe the damn thing to turn it off. The overhead with encryption on got <i>so</i> bad that I would periodically turn on the screen, and it would take so long for the phone to respond that the auto-idle would turn the screen back off before I was even presented with a lockscreen!<p>The M7's specs were top shelf in 2013. Given the limited specs of Amazon's cheaper tablets, I would not be surprised if encrypting them could slow them down further to the point of being unusable.<p>[0] <a href="http://www.androidpolice.com/2014/11/20/anandtech-posts-side-by-side-nand-performance-for-nexus-6-encrypted-vs-unencrypted-its-not-pretty/" rel="nofollow">http://www.androidpolice.com/2014/11/20/anandtech-posts-side...</a>
[1] <a href="http://www.androidpolice.com/2014/11/20/anandtech-posts-side.." rel="nofollow">http://www.androidpolice.com/2014/11/20/anandtech-posts-side...</a>.<p>EDIT: Removed the aside, since I was mistaken that the Kindle reader OS's were affected.