[Update] Amazon: Double-Minded About Security?

Security / Tech
Image Courtesy HuffPo

Apple’s security battle with the FBI has been aided by the competition. That includes Facebook, Microsoft, and Google, who had at one point suggested Apple should help the government in this one case.  Now you can add Amazon, among others, to the list.  The last two — Google and Amazon — are where that gets more interesting.

Google had originally intended to include encryption and have it turned on by default in Lollipop.  There was apparently enough pressure from device makers to squash that idea.  Encryption was included, but it was left up to the device owner whether to use it or not. Users with older hardware that upgraded to Lollipop, but might see a performance hit from enabling encryption, were left with the choice.  But the option was still there.  That certainly doesn’t appear to be double-mindedness on Google’s part.  But there is a big example of what appears to be some pretty good twisting in the wind.  And it came from Amazon.  International Business Times has this to say:

Amazon joined other major technology companies in filing an amicus brief supporting Apple on Thursday, asking a federal judge to overturn a court order requiring Apple to create software tools to unlock Farook’s phone.

Amazon spokeswoman Robin Handaly said in an email that the company had removed the encryption feature for Fire tablets in the fall when it launched Fire OS 5, a new version of its tablet operating system.

“It was a feature few customers were actually using,” she said, adding that Fire tablets’ communication with the company’s cloud meets its “high standards for privacy and security including appropriate use of encryption.”

Think about that one for a moment.  Amazon, while supporting Apple in their fight to protect customer security and privacy via encryption, removes that protection from its own branded devices.  It’s been suggested by one tech expert that it might be a component cost cutting decision for a line of tablets where selling price can be as low as $50.  That might make sense for new devices, but that doesn’t explain sending out a software update that removes encryption from devices that already have it. Another quote, via IBT:

“Removing device encryption due to lack of customer use is an incredibly poor excuse for weakening the security of those customers that did use the feature,” said Jeremy Gillula, staff technologist with the Electronic Frontier Foundation.

“Given that the information stored on a tablet can be just as sensitive as that stored on a phone or on a computer, Amazon should instead be pushing to make device encryption the default – not removing it,” Gillula said.

The result is that writers, bloggers, and commenters on various web locations are saying this is sufficient reason to stop recommending or buying any of Amazon’s hardware.  That includes Kindle devices and the Echo line of devices.  So, here are some questions you might want to answer in the comments:

  1. Is encryption important to you?
  2. Would the removal of encryption on some devices a company sells keep you from buying other electronics from them, even when they never included it or needed it?
  3. Do the devices you own include encryption?
  4. Do you use encryption?

UPDATE: 24 hours from when it was first reported that Amazon was dumping encryption, there’s a change in the story.  First reports were firm with that information.  That might not have told the whole story, but I believe it does.  There was a large negative reaction against dropping encryption.  The reaction included at least one writer suggesting he wouldn’t do reviews or purchase any Amazon branded electronics, because of the removal of encryption from their tablets.  This morning, we find this quote from Amazon, “We will return the option for full disk encryption with a Fire OS update coming this spring.”  So, encryption is returning.  And it sounds like Amazon is suggesting they need a little time to change the code, probably including modifying surrounding code to avoid any possible conflicts.  But, no matter what the reason, encryption is coming back!


  Source: IBT   Source: Engadget
To Top