Amazon Decrypts Fire Tablets in Latest Update, Invites the FBI to Come On In
While Apple continues to fight the court order requiring it to develop a new firmware so that the FBI can more easily hack a terrorist’s phone, another major tech company has taken a surprise step back from protecting its customers privacy through encryption.
In the latest Fire OS Bellini 5.1.1 update, Amazon has removed device encryption from the OS.
The change won’t impact Kindle or Fire phone owners, but it will impact millions of owners of Fire tablets running the latest version of Amazon’s OS, including the models launched last year as well as the Fire HD6 and Fire HD7. Both tablets are due to receive updates to Fire OS 5.1.1.
Device-level encryption, or full disk encryption, is the process of protecting all user data on an Android device using an encryption key. This is a core feature of Android 5.0 Lollipop, and once this option is enabled user-created data is automatically encrypted before being saved to a disk (it is disabled by default).
The change was first noticed by Rick Dillon, who wrote last week:
Even as the debate about whether the All Writs Act of 1789 can be used to compel a company to write new software that compromises the security of its own devices continues, Amazon has quietly removed all support for full disk encryption in their latest version of Fire OS, based on Android 5.0 ‘Lollipop’ (which has native encryption support). I discovered this while attempting to upgrade my 4th generation Kindle Fire, but got an error message indicating that I needed to backup all my data, do a factory reset on my device to remove encryption, and then install the update, since Fire OS 5 does not have support for encryption. Amazon did link to a page on their site explaining this, but it appears to not be indexed and I haven’t been able to find it again. Amazon’s removal of such a core privacy feature is somewhat surprising, since it represents a bit of a break from other high-tech firms like Google, Facebook and Twitter who have publicly expressed support forApple’s stance that it will not subjugate the privacy of its users to government whims.
This is a shocking move for Amazon; the retailer has always put its customers first, so you would think that Amazon would at least give us the option of device-level encryption.
Both Apple and Google adopted device-level encryption in the wake of revelations of wide-spread illegal spying by the US government, and Apple even took the next step of making the encryption mandatory (it is still optional on Android).
And now Amazon is taking a step in the wrong direction, which makes no sense.
I have reached out to Amazon for more information, and I will update this post with their response.