Most high-end Android phones that have shipped in the past few years have featured disk encryption. But up until recently, Google allowed phone makers to skip encryption on low-end phones that didn’t support hardware-based encryption and didn’t have the processing power to handle it in software alone.
Now Google says it’s eliminating that exemption. Phones that ship with Android Q will have storage encryption enabled, whether they’re entry-level devices or expensive flagships with powerful processors.
But that doesn’t necessarily mean Android 10 Q will run slower on low-power phones than Android 9 Pie.
Earlier this year, Google revealed a new encryption method called Adiantum that the company says can encrypt and decrypt data up to five times faster than AES-256-XTS.
Google says “phones, tablets, televisions, and automotive devices” that ship with Android Q will encrypt user data out of the box. The only caveat is that Google says this applies to “all compatible Android devices new launching with Android Q.”
In other words, you don’t get disk encryption simply by updating a device running an older version of Android. And your device needs to be “compatible,” whatever that means (perhaps there are exemptions for certain processors… or maybe Google isn’t making any guarantees for devices shipping with Android Open Source Project code, but which haven’t received Google Mobile Services certification… like Amazon’s Fire tablets and TV devices or many Chinese smartphones and tablets).
Mandatory disk encryption is just one of the new security features in Android Q. Google has also added support for TLS 1.3 for faster, more secure internet connections, new tools for developers that want to use fingerprints or face recognition to secure your data, and the company says it’s taken multiple steps to harden the platform against vulnerabilities.
Google is hoping to add support for Electronic ID features in the future, allowing you to use your phone as a driver’s license, among other things.
How long until the feds require they include a backdoor. LOL
It kinda already has one. Technically google has (varying levels of) inside access to any android phone (at least the non-rooted ones) as long as its on. Law enforcement just needs to ask them for the data before seizing the device.
Devil is in the finer details. Will it blow up in Google’s face or will it finally solve some longstanding issues? Time will tell.