• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Cookie Policy (US)
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech Guide
  • Home Improvement
  • Gadget & Apps
  • News

Despite default encryption, Google can still decrypt your Android device

Updated on Nov 24, 2015 by Guest Authors

A quite unsurprising revelation from the Manhattan district attorney’s office last week revealed what could be a damning report about the state of privacy for Android users.

According to a white paper from the office, Google has the outright ability to gain backdoor access to the majority of Android devices by just resetting the passcodes that are served as one-time use keys for unlocking an encrypted system.

encryption1

That means law enforcement authorities have every opportunity to continue to crack down on citizens’ private data as part of their investigative process, even if that means intruding into the privacy of users. This is despite Google’s repeated insistence on its innocence from the government’s attempts at mass surveillance.

The process of resetting the passcodes can be done from a remote server, according to the white paper, and the government can then ask Google to extract data from a device and surrender the information to authorities asking for it.

Although this loophole in the Android security system does not affect the Lollipop 5.0 and above versions of the mobile operating system, which use a default encryption that prevents Google from gaining back door access to the devices, the number of handsets running these Android versions are only minimal compared to the great majority that run the older versions of Android.

So it is still easy for police authorities to request access to sensitive information of users who are using the KitKat and lower versions of the operating system.

When Android Lollipop was released in 2013, Google said the operating system will incorporate encryption by default so that it is the owner that authorities will have to go to when they need information for criminal cases instead of requesting access from Google, sort of leaving behind the onus to users instead of sharing the responsibility of protecting them.

The encryption embedded in Android devices makes Google and the original equipment manufacturers unknowledgeable about what information is contained in an Android handset. This has irked the United States government because it slows down their criminal probe, though there is greater concern for them with Apple devices than with Android.

In fact, Google can still have a participation with the government’s surveillance programs because at least 75 percent of all devices running Android do not have encryption.

The only way to address this concern is to upgrade to the latest Nexus device that runs Marshmallow or have your handset updated with the newest Android operating system if you have the option.

Disclosure: We might earn commission from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Footer

Review of the Waterpik Evolution and Nano Water Flosser Combo Pack

Transparent Shaving: The yoose ICE Electric Shaver Review

INKBIRD IBS-TH5 Review – Smart Thermo Hygrometer with E-Ink Display

LISEN MagSafe CD Phone Holder for Car Review

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Review of the Waterpik Evolution and Nano Water Flosser Combo Pack
  • Transparent Shaving: The yoose ICE Electric Shaver Review
  • The Hidden Cost of Cryptocurrency: Bitcoin’s Energy and Water Footprint
  • Free Places To Sleep Inside Hong Kong Airport During Long Transits

Copyright © 2023 · All Rights Reserved

Manage Cookie Consent
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional cookies Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}