The pre-release window for Android L continues to be full of surprises. The new Android OS, due out before the end of the year, is set to encrypt device data by default, a first for the Android universe—but it’ll probably be a while before default encryption comes to every Android user.
Savvy Android users already know how to keep their phones and tablets safe with encryption. Beginning with Android Honeycomb in early 2011, Google has offered access to optional full-disk encryption via the Settings app. As Honeycomb was a tablet-only release, smartphones didn’t get this feature until Android 4.0 Ice Cream Sandwich was released, several months after Honeycomb.
Based on the original report from The Washington Post, it’s not clear if the default encryption in Android L will just be the standard encryption Android offers now or if this will be something new. It’s also unknown if people with older devices upgrading to Android L will also see encryption turned on by default.
Google was unavailable for comment at this writing, but we’ve asked the company for more information and will update this story should we get a response.
Defaulting to encryption is nothing but a good thing. It means bad actors (as well as overzealous law enforcement) will have a difficult time cracking into your phone without your authorization. Google won’t be able to access (or hand over) your phone’s data, either—although law enforcement will still be able to retrieve some information from Google’s servers with a proper warrant.
A slow roll-out
But even with encryption turned on by default in Android L, it will likely be a long time before the majority of Android users have devices that default to a more secure state.
Android suffers from a serious case of fragmentation. At this writing, the majority of Android users worldwide (around 54 percent) were using Android 4.1-4.3 (Jelly Bean), according to Google’s own count. Only 24.5 percent meanwhile are running the most recent version of Android, version 4.4 KitKat.
The biggest problem for Android is that Google depends on phone manufacturers and carriers to roll out timely updates to older phones. That severely delays the roll out of new features to users—if devices get updated at all.
That’s a decidedly different situation from iOS, where the vast majority of users are always on the latest version of iOS within a few weeks of its release. That level of adoption happens because Apple tends to roll out its latest version of iOS to as many old devices as it reasonably can. Apple also has the advantage of bypassing the carriers and supplying iOS updates directly to users. Apple devices as old as the iPhone 4S and the iPad 2 can upgrade to the just-released iOS 8.
Large scale adoption of the newest version of iOS also enables Apple to deliver important new features relatively quickly. In iOS 8, for example, Apple is beefing up device encryption so that Apple can’t retrieve data protected behind a passcode. For pre-iOS 8 phones, the company could retrieve select data from iPhones and iPads.
Apple’s advantages aside, it’s heartening to see Android defaulting to encryption with the release of Android L.
But why wait? With only a tiny minority of Android users running pre-Android 4.0 devices, most Android owners can already turn on encryption for their devices if they wanted to. Check out Greenbot’s tutorial on how to encrypt your Android device today.