Terrorists, drug lords and paedophiles – please use the Amazon Fire

But perhaps the rest of us should steer clear…

Amazon fire

While Apple is engaged in a high profile battle with the FBI over privacy, and receiving the support of fellow tech companies, some firms clearly take a different view.

Take Amazon, for instance.

Yes, it seems that Amazon has effectively announced which side of the fence it sits on.

Sign up to our free newsletter.
Security news, advice, and tips.

Because Amazon has proactively removed encryption from Fire OS 5, the latest version of the operating system used by the Amazon Kindle Fire, Fire Phone, Amazon Fire HD, and Amazon Fire TV Stick.

Encryption was never enabled by default on Fire OS. It was always something that users had to turn on. And, as Amazon told Ars Technica, consumers just weren’t taking advantage of the privacy feature:

“In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using. All Fire tablets’ communication with Amazon’s cloud meet our high standards for privacy and security including appropriate use of encryption.”

In other words, when your Amazon tablet sends data up to their servers it is (quite rightly) encrypted. And that helps hackers and intelligence agencies from snooping upon your communications.

But if someone was able to get physical hold of your device, they would be able to easily extract the data and your personal information from it.

That is, of course, very different from an Apple iPhone.

Fire OS not using encryption by default for data stored locally was always a mistake. But the fix should have been to ensure it was always enabled, not to rip the feature out.

All we (and the FBI) can hope is that terrorists, drug lords and paedophiles will suddenly all choose to adopt Amazon’s products because clearly security and privacy is not a priority.

It certainly doesn’t sound like they are a great choice for the rest of us.

Fbi poll

Update: Amazon appears to have had a change of heart following the outcry online, and will be reintroducing the encryption option in a future update.

“We will return the option for full disk encryption with a Fire OS update coming this spring.”

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

3 comments on “Terrorists, drug lords and paedophiles – please use the Amazon Fire”

  1. Bob

    I can see many technically oriented (and privacy conscious) people will be boycotting this device as a result. This isn't a Kindle; it's a fully blown tablet that stores email, calendar information, private pictures, confidential documents etc.

    I know many lawyers (other professionals use them too – e.g. doctors) and the growing trend, at least for the past 5 or 6 years, has been to use an iPad for storing casework/document bundles on. It saves heaving about/printing/annotating incredibly heavy (and prone to break) lever-arch files for voluminous work where 20,000+ bundles are the norm.

    Why has the iPad become so popular amongst lawyers? Apart from the many other benefits that using a tablet brings (and especially one with access to the Apple ecosystem) the main reason is ENCRYPTION. The iPad is the only government-approved tablet for use in the UK because encryption is enabled by default and is properly implemented by the manufacturer. It doesn't require any fiddly setting up, like on many Android devices (not always available), and there's no room to make a mistake which might seriously compromise the security of your device – providing the user disables iCloud backup.

    By inexplicably removing an essential function that is included (but not necessarily turned on by default) in modern versions of Android it appears that Amazon have made a very daft political choice.

  2. wrq

    This is why I don't own or will ever own a Kindle. Not that I would carry a kindle around all day with me in the first place.

  3. Bob

    And after all the negative publicity Amazon have decided to reverse their stupid decision. Pity they couldn't use hardware-accelerated encryption and enable it by default on devices.

    Still, we've been told that they've removed VPN functionality so these devices will still not appeal to the security conscious.


What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.