, , , , , , ,

Google Will No Longer Require OEMs To Encrypt Lollipop Devices

Lollipops

Earlier this year, Google had announced that any manufacturer that has the intention of creating a device running Android 5.0 Lollipop would have to encrypt the device before it hits any user.

All of the Nexus devices had this feature enabled, but other devices receiving software updates are not being encrypted by default. With this change, it seems that Google is holding off on this requirement for the next version of Android.

Between the original announcement of Lollipop last fall and Google’s release of the hardware requirements in January, something changed. According to the Android Compatibility Definition, encryption is not required by default, but must be supported. Here is the section that is relevant:

“9.9 Full-Disk Encryption

If the device implementation has a lock screen, the device MUST support full-disk encryption of the application private data (/data partition) as well as the SD card partition if it is a permanent, non-removable part of the device. For devices supporting full-disk encryption, the full-disk encryption SHOULD be enabled all the time after the user has completed the out-of-box experience. While this requirement is stated as SHOULD for this version of the Android platform, it is very strongly RECOMMENDED as we expect this to change to MUST in the future versions of Android.”

With the change in stance, this allows new devices like the 2nd-generation Moto E to ship without default encryption. Indeed, even journalists currently at Mobile World Congress in Barcelona have noted that upcoming devices like the Samsung Galaxy S6 and HTC One M9 were not encrypted (though that is not representative of the final version).

The change in the requirement of encryption by default is unknown, but it is probably due to the lagginess some users running Lollipop have experienced since installing the OS. Even the Nexus 6 and Nexus 9 have been affected, so it’s likely Google is working on fixing that bug until mandating OEMs to have this feature by default.

Source: Google via Ars Technica