Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Encryption Cellphones Communications Google Handhelds Privacy

Next Android To Enable Local Encryption By Default Too, Says Google 126

An anonymous reader writes The same day that Apple announced that iOS 8 will encrypt device data with a local code that is not shared with Apple, Google has pointed out that Android already offers the same feature as a user option and that the next version will enable it by default. The announcements by both major cell phone [operating system makers] underscores a new emphasis on privacy in the wake of recent government surveillance revelations in the U.S. At the same time, it leaves unresolved the tension between security and convenience when both companies' devices are configured to upload user content to iCloud and Google+ servers for backup and synchronization across devices, servers and content to which Apple and Google do have access.
This discussion has been archived. No new comments can be posted.

Next Android To Enable Local Encryption By Default Too, Says Google

Comments Filter:
  • by praxis ( 19962 )

    Already the industry is realizing what it needs to do.

    • by Threni ( 635302 )

      Realizing there's a commercial opportunity to take advantage of, you mean?

      • by zlives ( 2009072 )

        i guess they are tired of paying lawyer fees to pretend to fight the usgov

        • by skids ( 119237 )

          There is actually a sort of sad irony/schadenfreude to be had here, if I could just get myself to stop chronically sobbing in a quivering ball in the corner about the general state of IT security.

    • by Sloppy ( 14984 )

      Already the industry is realizing what it needs to do.

      Yep. In the wake of Snowden, people need to feel better. Performing encryption on a computer that you can't trust, is the best of both worlds and gives everyone what they need.

      Users will be put at ease, manufacturers can check the "encryption" bullet point, and thanks to the computer working for someone other than the user, various other parties who "need" the data will be able to quietly get the keys without an unpleasant confrontation with the user.

      • by praxis ( 19962 )

        Already the industry is realizing what it needs to do.

        Yep. In the wake of Snowden, people need to feel better. Performing encryption on a computer that you can't trust, is the best of both worlds and gives everyone what they need.

        Users will be put at ease, manufacturers can check the "encryption" bullet point, and thanks to the computer working for someone other than the user, various other parties who "need" the data will be able to quietly get the keys without an unpleasant confrontation with the user. Everybody wins.

        Trust is not a binary. If it were, I would say I don't trust anything that I don't fully control (like the compiler trust issue), become extremely paranoid and have no sane life. I choose to have some trust in some things and live a normal life.

  • it leaves unresolved the tension between security and convenience when both companies' devices are configured to upload user content to iCloud and Google+ servers for backup and synchronization across devices

    The existence of the Third-Party Doctrine makes the decision simple for me.

  • by zeigerpuppy ( 607730 ) on Thursday September 18, 2014 @04:37PM (#47940449)
    You need your head read. Google has shown time and again that it does not care about your security. There is no need to trade off convenience for security in cloud backup. Encrypt locally and send the data encrypted to backup. This would be great but i bet that Google also holds they keys and decrypts on their end. Google says it wouldn't be able to use your data for their massive data mining and information theft machine if it were properly encrypted. This is why the data sits on their servers unprotected by encryption, they are the antithesis of your guardians of security. If you value your data, turn off all Google services and manage your own backups.
    • by sribe ( 304414 )

      Encrypt locally and send the data encrypted to backup.

      But then you cannot make the data available to the user through web-based apps...

      • this is true. I get my icloud email through a web app, but I can't get imessages through a web app. pop3/imap were not designed with this level of security.
    • by steelfood ( 895457 ) on Thursday September 18, 2014 @04:59PM (#47940655)

      I know everybody talks about encryption, but the word itself is just the tip of security. What's the key size? What's the algorithm? What data is encrpyted? Is it even relevant to talk about local encryption with respect to metadata (which is just as if not more useful to the NSA than the actual data). What about backups? Is it a snapshot of the encrypted contents each time? Or does the backup use a different encryption key, and the data transferred securely? There are so many layers to security (including the user), the "encryption" buzzword is meaningless without full context.

      My guess is, Google's not encrypting anything they're really interested in. They're probably not nearly as interested in your pictures or your contact list as say, Facebook. That's data they may currently collect, but ultimately throw away. They're probably more interested in the websites you go to, the links you used followed to get there, the links you followed from that site, the people you actually contact (text, chat, etc.), the geographical location of that person as well as your location, the date and times of your conversations, the contents of your conversations, etc. Local encryption does not apply to any of that data.

      In fact, local encryption doesn't even matter much with regards to securing your phone's data. Your phone is probably leaking the encrypted data through one if not more applications. Facebook, Candy Crush, Twitter, etc. largely negate the effects of local encryption. The only thing it will do is keep your private information out of the hands of someone who picked up your lost phone and decided to keep it (or sell it).

      • by sabri ( 584428 )

        I know everybody talks about encryption, but the word itself is just the tip of security.

        Rknpgyl gung. "Rapelcgrq" qbrf abg nyjnlf zrna "Frpherq".

        • by DeVilla ( 4563 )
          There you go! Encode it all in Polish or Swedish and no one will be able to decode it! Njrfbzr!
        • by mjwx ( 966435 )

          I know everybody talks about encryption, but the word itself is just the tip of security.

          Rknpgyl gung. "Rapelcgrq" qbrf abg nyjnlf zrna "Frpherq".

          Ahh, the Clthulu algorithm

      • by swillden ( 191260 ) <shawn-ds@willden.org> on Thursday September 18, 2014 @07:50PM (#47941611) Homepage Journal

        I know everybody talks about encryption, but the word itself is just the tip of security. What's the key size? What's the algorithm?

        It uses Linux dm_crypt. Here's the source code that configures it, and protects the dm_crypt master key: https://android.googlesource.c... [googlesource.com]

        What data is encrpyted?

        The /data partition, which holds everything which isn't part of the system image. An easy way to understand the distinction is to note that on unrooted Android devices everything but /data is mounted read-only. So any data that is stored after the device leaves the factory is in /data, and is therefore encrypted, unless it's written to removable media (SD card).

        Most of the rest of your post is speculation assuming that Google is intensively mining everything backed up. I'm quite certain that's not true, but I probably shouldn't comment in more detail.

        The only thing it will do is keep your private information out of the hands of someone who picked up your lost phone and decided to keep it (or sell it).

        Yes, that's what device encryption is for.

        (Disclaimer: I'm an Android security engineer. I'm speaking for myself, not for Google.)

    • You need your head read. Google has shown time and again that it does not care about your security. There is no need to trade off convenience for security in cloud backup. Encrypt locally and send the data encrypted to backup. This would be great but i bet that Google also holds they keys and decrypts on their end. Google says it wouldn't be able to use your data for their massive data mining and information theft machine if it were properly encrypted. This is why the data sits on their servers unprotected by encryption, they are the antithesis of your guardians of security. If you value your data, turn off all Google services and manage your own backups.

      There are two different threat models to consider. Device encryption protects against one, but not the other.

      The purpose of device encryption is to protect your data from someone who obtains physical possession of it, because it was lost, stolen, confiscated, etc. The goal really isn't so much to protect it from law enforcement or the NSA -- if the NSA is interested in your data, they'll get it, period -- but against people who might want to, for example, steal your bank account information, etc.

      Device

      • by skids ( 119237 )

        Also, I have to say that from my perspective as a security engineer at Google you couldn't be more wrong about Google's concern for user security. Actually, if you look at the company's track record on security technology creation and deployment, I think that point is unarguable.

        From my perspective as a WiFi network administrator, for years you've been accepting any old certificate for WPA-Enterprise PEAP authentication and not allowing the users to configure certificate the subject_match option that have been available in the underlying wpa-supplicant software all this time. Nor is there any process for oboarding for using local PKIs for WPA-Enterprise. You don't even lock in the first encountered cert until the wifi profile is deleted as apple does. Despite persistently repeat [google.com]

        • Yeah, Android's support for enterprise has been weak. That's been a pain point for Google's own enterprise security team, though it's not really surprising because Android has been focused on the consumer space. The "Android for Work" (announced at I/O) is fixing that.
          • by skids ( 119237 )

            Yeah, well, outside of a corporate IT despotism there is nearly no such thing as a "consumer space" at all. You can usually convince management to kick off everything that simply won't do WPA enterprise to get rid of the hassle of AAA web portals, but excluding Androids is not going to happen, so you fire up wpa-enterprise and let the chips fall where they may and try not to worry that all the Androids can get themselves phished. So it's been a more than just a "pain" but an actual security threat to mill

            • Yep. Google addresses it internally by requiring two-factor auth and using Device Policy to enforce pasword, lock timeout, etc. requirements. Oh, and not letting Android devices on the corporate network, only on the partitioned guest network. It is a problem, no argument there.
    • by AmiMoJo ( 196126 ) *

      To what data are you referring? Google holds keys for some stuff like email, which is sent in plaintext anyway and which they need to offer webmail access. They claim not to have the keys to synced browser data though, and apart from some innuendo and "of course they do" you offer no evidence to the contrary.

      Unlike Apple, Google can't recover your backups if you are completely locked out of your account and don't know the password. That suggests that they really don't have the key.

      Besides which, local encry

      • by mjwx ( 966435 )
        Woah, woah, woah. Dont go contradicting his baseless rant against Google with facts.
  • Really? (Score:3, Interesting)

    by ArcadeMan ( 2766669 ) on Thursday September 18, 2014 @04:39PM (#47940473)

    Google has pointed out that Android already offers the same feature as a user option and that the next version will enable it by default.

    Why isn't it already the default setting?

    • Re:Really? (Score:4, Interesting)

      by BarbaraHudson ( 3785311 ) <barbarahudson@gm a i l.com> on Thursday September 18, 2014 @05:08PM (#47940715) Journal

      Because some of us really don't care if some droid somewhere is poking around in the text massages in our droids.

      And anyone stupid enough to take nude selfies, maybe they need to learn that selfies are neither an art nor an art form? Take a lesson from Mother Nature - clouds leak (it's called rain).

      I don't encrypt my phone data because I don't see any benefit for my own use, just more hassles. Just like I don't encrypt my on-disk or on-usb-key data. If/when I come into a situation where I need to, I will, but really, so far that hasn't happened.

      • You're right that most user data doesn't *need* to be encrypted, strictly speaking. As for nude selfies and whatnot -- if you don't like them, don't take them; just because you don't like them doesn't mean that people who WANT to take them deserve any less privacy, though. It might be dumb to have them on a device/account that can be so easily cracked, especially if you're a public figure, but that doesn't absolve the hacker of any wrongdoing.. they've still intentionally victimized someone.
        • So many people have learned the hard way that sharing nude pics or a racy video with just ONE person can lead to the whole world having it. As the beer commercial says, "Ex" says it all ...

          Quote from a 1950 movie [imdb.com], Born Yesterday:

          He always used to say, "Never do nothing you wouldn't want printed on the front page of The New York Times."

          It's still good advice today. We're inundated with examples of what can happen. In too many cases, the victim is guilty of contributory negligence, at the very least. Example: "What do you mean, 1-2-3-4-5 isn't a good password? [wikiquote.org]"

          Dark Helmet: 1-2-3-4-5? That's the stupidest combination I've ever heard of in my life! That's the kinda thing an idiot would have on his luggage!

          Banks have already established that your funds are

          • I completely agree with your sentiment that it's really dumb to take the pictures in the first place if you aren't prepared for the risk, but that doesn't detract from the wrongness of actively stealing someone's photos. An Internet "leak" of photos isn't like a leaky pipe, they don't just appear on their own -- someone took them and shared them without the victim's permission. Negligence on the part of the victim doesn't diminish the culpability of the perpetrator; the victim may have contributory negligen
            • Nothing I wrote in any way gives an impression that I support, in any shape, manner or form, a "blame the victim" mentality. However, contributory negligence is a fact of life, and in no way is the same as saying "you deserved to get raped because of how you dressed."

              Picking weak, easy-to-guess passwords is contributory negligence. Ask any bank. You're using a service with certain rules, including the responsibility to choose a reasonably secure password. There's no similar rule in our society saying "It

      • by skids ( 119237 )

        The biggest conceptual mistake people make about encryption is that it is only for protecting read access. It's also for protecting against write access. Specifically to your live sessions, so that you don't merrily think you are talking to your bank when you're actually talking to a thief.

      • by mjwx ( 966435 )

        Because some of us really don't care if some droid somewhere is poking around in the text massages in our droids.

        Pretty much this.

        If the law is interested in what I had for dinner last night, they dont really need to go through my text messages to get it.

        Really important things I will not keep on my phone.

      • The primary reason to password protect and encrypt the phone is to protect against the mundane threat of someone who steals your phone, then tries to leverage that to gain access to your financial accounts or other accounts.

        If you travel on any form of public transit, it's a risk. (Pickpockets, muggers, etc.)

        Granted, most thieves are only after the phone for its hardware value. But others will dig into the phone and see what sort of personal information they can glean (emails, bank details, list of con
    • There's a huge problem with Android device encryption.

      Unlike Apple's usual forms of encryption, once an Android device is encrypted, it is not reversible. There is no way to UN-encrypt it, except to back up all your programs, flash your original unencrypted OS back to the phone, then restore the programs. And that requires unlocking and rooting the phone.

      There are LOTS of problems caused by that.
    • Re:Really? (Score:5, Informative)

      by swillden ( 191260 ) <shawn-ds@willden.org> on Thursday September 18, 2014 @07:00PM (#47941365) Homepage Journal

      Google has pointed out that Android already offers the same feature as a user option and that the next version will enable it by default.

      Why isn't it already the default setting?

      (Android Security Team member here... though these are my own perceptions and opinions, not an official statement.)

      Two reasons:

      First, because it's not completely trivial to make it work correctly, all the time, every time, on hundreds of different devices. Android uses dm_crypt, so the foundation is solid, well-proven code, but that doesn't mean there aren't tricky corner cases. With the huge number and variety of Android devices out there, you can be certain that if there's a way it can go wrong, it will. So, conservatism suggests it's a good idea to make it optional for a while and shake out any issues. It's been optional for three years now, and is in use on many devices (I don't know how many; I'd guess tens of millions, though), so it's time to take the next step.

      Second, performance was a problem. Not run-time performance -- AES is really fast -- but the initial encryption required reading and writing many gigabytes so it took a long time just to do that much I/O. Encrypting by default means that either the device has to be encrypted in the factory, which would be a major production bottleneck, or else users would have to wait 20 minutes for their phone/tablet to start up just after they unbox it. That's a bad user experience. For L this was optimized so it only encrypts blocks that are in use. Since on a new device very little of the data partition is in use, very little has to be encrypted. That makes the initial encryption very fast (a few seconds).

      There's actually another device encryption-related improvement coming in L. I'd love to describe it in detail since I worked on parts of it, but the article doesn't mention it so I'll hold off.

      • by Zebedeu ( 739988 )

        Since you're in the security team, could you comment on why Android requires you to set up some sort of lock security just in order to have a VPN configured (even if it's not in use)?

        That never made any sense to me. I believe it assumes corporate use of a VPN, which makes sense that it should be secure (you don't want an unidentified party with free access to your company's internal network), but for many users it's just a way to encrypt potentially unsafe connections, such as when you're connected to some

        • I'm not sure what the motivation for that decision was. I think some of the coming work will make it less painful, though I can't provide any detail.
        • Since you're in the security team, could you comment on why Android requires you to set up some sort of lock security just in order to have a VPN configured (even if it's not in use)?

          You know what makes even less sense than forcing people to use lock screens even if not saving VPN access credentials?

          Having infrastructure with keychain and all of that in place and then not using it in browser and Android email client to secure stored credentials.

          Even worse email client cannot be configured to prompt for passwords when checking/sending mail... you *have* to store your password.

  • In other news Google points out that although the Sun and stars shine with bright light they also have light bulbs in the Google offices and in their next office buildings they will be eliminating the light switches so that lights shine by default.

  • by wronkiew ( 529338 ) <wronkiew@protonmail.ch> on Thursday September 18, 2014 @04:56PM (#47940639)
    That's great that Google is going to enable device encryption by default. But are they going to fix the usability and security problems for Android L?

    If you enable device encryption on Android, you can no longer back up and restore your data over USB or through third party tools. You can create encrypted backups over USB, but you can't restore them because of bugs in the ADB tools. The only way to back up and restore is by uploading your data to Google's cloud servers, where your data is much more likely to be purloined than if you had just left your device unencrypted in the first place.

    When you enable encryption, you set a password. The encryption password becomes your lock screen PIN and there is no way to change it. So, which are you going to choose? A secure encryption password that you'll spend 15 seconds entering on the tiny keyboard every time you want to unlock your phone? Or a useable PIN that is trivial to crack if an attacker gets your encrypted data?

    It's clear someone added device encryption to Android to check it off the list and didn't intend for anyone to use it. I hope their product team realizes this before they bring it to a wider audience.
    • by Anonymous Coward

      I agree with all your points. There are workarounds, for example third party backup based of rsync, but you got everything right with the annoyances. It's also tough to backup or rescue a system when you are encrypted.

      For people reading this you might check the play store for "Cryptfs Password", it allows you to set an encryption password different than your unlock PIN. You will need to be rooted.

    • The only way to back up and restore is by uploading your data to Google's cloud servers, where your data is much more likely to be purloined than if you had just left your device unencrypted in the first place.

      As an Android fan, let me just say that these problems do not just stop with encryption. Unless you root your phone, you can't back it up properly because Google doesn't let you have access to your own files on your own f'ing device. Apparently nobody sees a problem in the fact that users are forced to make the decisions to either run stock or be able to access all their files. I'm sure it's to reduce piracy or something, but it's a nightmare. Unless your apps keep their data in an accessible folder or you

    • by AmiMoJo ( 196126 ) * <mojo&world3,net> on Thursday September 18, 2014 @08:49PM (#47941935) Homepage Journal

      I have a Nexus 5 with a long boot time encryption password and a shorter unlock pin. Seems it was already fixed.

    • by zlogic ( 892404 )

      The encryption password becomes your lock screen PIN and there is no way to change it.

      Wrong, the encryption password has to be entered when booting the phone only. It's even different screen (ugly Android 1.6-style buttons painted black).
      I have a device with corporate policies enforced and have 3 codes to enter:
      - Encryption password
      - SIM PIN
      - Lock PIN.
      When device becomes locked after inactivity, I only need to use the lock PIN.

      • I'd be interested to know how that was done.

        The cryptfs password/lock PIN issue is an open bug reported here [google.com].
        • by zlogic ( 892404 )

          Whoops, you're absolutely right. Just did a test and confirmed that indeed the pin changes the encryption password as well. Shame on me :(

  • It is nice that Apple added encryption to iOS 4 including the encryption of email attachements. But it seems like it was a mistake to depend on it since the protection was silently removed from iOS 7. [thehackernews.com] Does additional encryption in iOS 8 really matter if the feature can be silently removed with an future revision?

    I would prefer that data be encrypted by the application regardless of the OS so I can count of the behavior remaining consistent across OS upgrades.

  • by koan ( 80826 )

    Apple and Google (Android) are blowing smoke.

  • Unless something has changed with a recent system update, last time I checked the local device encryption for Android disabled the Gesture and PIN input, leaving Password as the only option. I don't exactly care to enter a full-on alphanumeric password every time I take my phone out of stand-by, so the feature is of limited use.

    I prefer to use TextSecure. This hooks into the SMS and MMS handlers and redirects them from the internal store, to an encrypted store with an application passphrase. Keeps my phone

  • show stopper (Score:5, Informative)

    by multi io ( 640409 ) <olaf.klischat@googlemail.com> on Thursday September 18, 2014 @05:46PM (#47940989)
    The device encryption feature is apparently designed to always use the lock screen password. So you're forced to have such a password, which you have to enter every time the device comes out of sleep mode, AND (much worse) it breaks essential apps like SkipLock [benhirashima.com] that want to disable the lock screen under certain conditions, e.g. when you're within range of a known WiFi network, thereby relieving you of the need to enter your PIN about 5,000 times a day while you're sitting on your couch at home.

    See also https://code.google.com/p/andr... [google.com]

    Unfortunately, this is a total show stopper for full device encryption.

    • I probably shouldn't go into too much detail but, yes, the Android team has thought about and addressed that issue with L.
      • by Geeky ( 90998 )

        I've seen talk of automatically unlocking when connected to specific bluetooth devices or by location (which looks like it might require GPS?). That's handy, but I haven't seen anything about specific wifi networks. I don't want GPS running all the time because of the battery drain, but would like my phone unlocked on my home wifi. Preferably out of the box without needing a third party app that wants all sorts of permissions.

        Off topic, but for me the biggest issue with (non-rooted) Android is the permissio

        • Sorry, I can't comment on future changes, planned or possible.
          • by Geeky ( 90998 )

            Well hopefully it's not too long to wait until L comes out and the first one will be answered. As for the second, it's just irritating that I can't get apps that just connect to their respective services. Not much chance of it, but it'd be great if the likes of Twitter and Facebook released cut down versions that only connected to them and didn't demand access to contacts, SMS etc. It's a refreshing change when an app requires no special permissions, or at least none that aren't obvious for its primary role

  • Well, it doesn't do any good right now if it's on an android version that nobody uses. What about Pre L versions?

    And won't this really be a carrier option? And what about that sharing data part?

    • by sd4f ( 1891894 )
      I guess that means it's going to be a gradual phase in. Two years from now, 25% of devices, if history is any indicator.
  • California law will require that handsets be able to be remotely disabled by the user. This is one of the easiest ways to do that - to encrypt the phone so that there is no way to operate it without entering the passcode. No resets, no workarounds. Both Google and Apple know that this is the chance to get it into the only x.0 release before that deadline.

    It's not high and mighty, it's just getting into compliance. IMHO, it's a good thing, but it's not some special high road either one is taking.

    • by Anonymous Coward
      Encrypting the phone just denies you access to the data. If you want to be about to use the phone, but are fine with losing the data, then encryption does nothing.
  • Just so that I understand google play can install shit on your device when it feels like, google reads all of your email, google further nerfs intentionally nerfed permissions system and just about everything by volume in the app store is spyware designed to sell YOU to the highest bidder.

    Relax folks your device is "encrypted" ...LOL..

    • by ledow ( 319597 )

      Agreed.

      But, please, what makes you think that Apple, or even Samsung, aren't doing exactly the same?

      Apple can install stuff on your device when it feels like it. In fact, you have even less control over an Apple devices and its whims. You'll happily plug in your Exchange details into the Apple device, you have no idea what it is or isn't doing with that. Apple doesn't even have permission systems. You either install, or not. And Apple spyware is just as - if not more - rampant.

      So, your concern is reall

      • by Rosyna ( 80334 )

        Apple doesn't even have permission systems.

        Apple doesn't have a permission system? Have you used iOS? It has an excellent on-demand permission system. An app wants both location, camera, and microphone access? But you don't want it to have location access? Deny it! Only want it to have microphone access sometimes? OK!

      • by Geeky ( 90998 )

        With Android you have to accept all permissions an app wants or not install it. On iOS apps have no permissions other than internet access and have to ask for permission. The permission can be refused, and the app still works just without the feature being requested - e.g. refuse location access and the app can't offer you location based features, obviously.

        This granularity is not available with Android.

      • But, please, what makes you think that Apple, or even Samsung, aren't doing exactly the same?

        I assume they are.

        Apple can install stuff on your device when it feels like it. In fact, you have even less control over an Apple devices and its whims.

        What does apple have to do with TFA? For the record Apple's actions ignoring factual inaccuracies in your comments are also inexcusable as are Microsofts...etc. It doesn't matter who's doing it.

        So, your concern is really about modern devices, not anything to do with the meat of the story - encryption

        Pointing out encryption is meaningless when you don't have control over your own devices is relevant.

        P.S. With Android, you can see the source, and build from clean source, without any Google services whatsoever if you want. People have done it for you. Almost every big-selling Android phone is supported. You can get root access and check everything you like. And then encryption really means something.

        Great for the technically inclined, not so great for everyone else.

  • by joh ( 27088 ) on Friday September 19, 2014 @03:25AM (#47943569)

    As others already said, iOS had mandatory full device encryption (that you even can't disable) since 2009, when the iPhone 3G added hardware for that. What was added now is a different thing (encryption of single apps data with the key dropped from memory as soon as the device is locked).

    Full device encryption is not enough since the key needs to be in memory as long as the device runs (or no process will be able to access the file system when the device is locked).

    Also Apple's full device encryption uses a key saved in a safe enclave in the SoC, while Google's uses the PIN or password you setup for unlocking your device. If you use a PIN, this is easily brute-forced. If you use a strong password you have to type this in every time you want to use your phone. With a swipe pattern you can't use encryption at all.

    Still, it's a start. I would like to see some performance tests though, encryption in software isn't free.

    • If you set up your swipe pattern first, and then encrypt from the command line, you can have a strong password for boot with a swipe to bring it out of sleep.

  • An Android 4.1.2 that allows me to encrypt the entire storage on the phone. So it's nothing new.
  • by Anonymous Coward

    After reading the FA today, I enabled encryption on my i9300 (after doing a backup, of course)

    About an hour later, I had my phone back -- sluggish to do everything. And I had to enter a pin every time to unlock, not just at boot as promised (I'd be OK with that -- I can use the Android Device Manager if I lose my phone). Then I went for a TWRP restore -- and TWRP couldn't read my existing partition even after I entered my passkey, so I guess there's some mixup there... I restored from my sd card and it's li

The amount of time between slipping on the peel and landing on the pavement is precisely 1 bananosecond.

Working...