Take Amazon, for instance.
Yes, it seems that Amazon has effectively announced which side of the fence it sits on.
Because Amazon has proactively removed encryption from Fire OS 5, the latest version of the operating system used by the Amazon Kindle Fire, Fire Phone, Amazon Fire HD, and Amazon Fire TV Stick.
— David Alexander (@davidscovetta) March 3, 2016
Encryption was never enabled by default on Fire OS. It was always something that users had to turn on. And, as Amazon told Ars Technica, consumers just weren’t taking advantage of the privacy feature:
“In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using. All Fire tablets’ communication with Amazon’s cloud meet our high standards for privacy and security including appropriate use of encryption.”
In other words, when your Amazon tablet sends data up to their servers it is (quite rightly) encrypted. And that helps hackers and intelligence agencies from snooping upon your communications.
But if someone was able to get physical hold of your device, they would be able to easily extract the data and your personal information from it.
That is, of course, very different from an Apple iPhone.
Fire OS not using encryption by default for data stored locally was always a mistake. But the fix should have been to ensure it was always enabled, not to rip the feature out.
All we (and the FBI) can hope is that terrorists, drug lords and paedophiles will suddenly all choose to adopt Amazon’s products because clearly security and privacy is not a priority.
It certainly doesn’t sound like they are a great choice for the rest of us.
Update: Amazon appears to have had a change of heart following the outcry online, and will be reintroducing the encryption option in a future update.
“We will return the option for full disk encryption with a Fire OS update coming this spring.”
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.