With recent security and privacy issues resulting from the San Bernardino iPhone dispute, it’s a good time to learn more about encryption.
What is encryption?
Basically encryption is a method used to secure information stored on any electronic device. This includes data such as text messages, photos, emails, and documents on smartphones.
When data is “encrypted,” it means it’s in a scrambled format, which makes it unreadable for computers or people without a key (such as a PIN code or passphrase) to the device.
It’s actually more complex than simply requiring a PIN code – Apple for example, requires several pieces of information in order to access data within the device. In addition to a PIN code or a fingerprint required from the user, there is also a key embedded in the device’s processor (secure enclave), which is unknown to anyone.
Encryption on iOS
Apple only started encrypting their iOS devices during the release of iOS 8 in 2014. Prior to this version, certain data stored within the phone could still be accessed by Apple. An official warrant was later on presented to the company that prohibited them from accessing the data.
After the release of iOS 8, Apple is no longer able to bypass any iOS device’s lock screen and access data within the device, which was the issue surrounding the dispute between the company and the FBI.
Encryption on Android
Android first offered users the choice to encrypt their devices in 2011. This option was entirely up to the user, meaning manufacturers were not involved.
When Google released Android 5.0 Lollipop in 2014, the operating system had encryption enabled by default. However, it was still optional for phone manufacturers as it was not a requirement. Most of them disabled the setting and simply pointed to performance issues as the cause.
It was only until last year’s release of Android 6.0 Marshmallow that Google started requiring all manufacturers to enable encryption for all devices. There was still an exception for phones that were considered entry-level. Here is a more technical explanation regarding this exception.
With encryption enabled on Android phones all data is secured behind a PIN code, password, pattern, or fingerprint.
I use encryption every time on my company’s phone where there’s a lot of important, top secret data. As for my main phone.. I don’t really care about it, except for passwords and messages there’s nothing someone can steal from me. I think encryption isn’t used by regular users that much.
I have no idea if encryption is enabled on my smartphone? To be honest I don’t really know anything about it, I just assumed that my passwords etc would be safe as standard.
It’s built into the phone’s operating system, so you couldn’t turn it off even if you wanted to. That’s another question however who can access the back doors built into to. Hopefully, companies won’t bend over to the government as soon as they see a badge.
Interesting, I didn’t know that Android offered the encryption feature, actually I hadn’t even thought about it 😉 But it’s great to hear that 2014 update comes with that built in feature. It makes me feel way safer 🙂
Since the San Bernadino phone was eventually “hacked” I think Apple and Google should make it a little harder for anyone including hackers to access data that is in an encrypted device. I believe though the government could still find some backdoor to access everyone’s data if they wanted to and phone users wouldn’t be any wiser.
However in day to day use of phones data encryption does prevent lots of people from getting accessing anything you’ve saved on your phone.
Encryption doesn’t really help when the government knows howto break it. Just look at the latest ordeal between the FBI and Apple. They broke the encryption a long time ago, they just wanted Apple to hand over the keys and make a precedent.
I for one was extremely happy when the government broke through Apple’s encryption. I find it despicable that Apple was applauded for refusing to unlock the phone in this case. That entire situation was a slippery slope fallacy. Allowing the government to unlock a phone to solve a terror case would not suddenly allow anybody to have the phone unlocked for whatever reasons. It was clearly a different situation.
I like having my phone encrypted. It makes it so someone wouldn’t just be able to go in and see everything on the phone without having the PIN/Password. Glad to see that both iOS and Android encrypt the devices by default.
Mst of the manufacturers have default encryption system these days as the need for data security has become a matter of utmost importance over the years. But I think, as users, we cannot do anything about encryption as every company has their own set of rules and technology which govern the entire data security system. This is a good thing to happen as mobile phones are used these days for even delicate transactions like banking and sensitive state matters.