Encryption: Apple pretty much going it alone

16 Mar 2016

When it comes to mainstream smartphones, Apple’s products are the kingpins of encryption. What of Android, you say? Well, it’s complicated.

Apple has been front and centre of a lot of encryption arguments of late, with the San Bernardino shooting leading to a stand-off between the iPhone maker and US authorities.

The FBI wants ‘legal’ permission and precedent to force the company to hack a dead man’s phone. I say ‘legal’ because it’s simply ludicrous to believe the cyber resources available to US law enforcement and surveillance can’t break into a device. Apple says no.

Indeed in a separate, yet mildly related case on the other side of the US recently, a judge found in favour of Apple’s encryption stance. As The Intercept explained at the time, US Magistrate Judge James Orenstein “repeatedly noted that the government could not demonstrate, or even state, that it would be unable to access the iPhone without Apple’s help”.

We’re behind you

Apple has gained support from far and wide, with software companies like WhatsApp, Microsoft, Facebook and Twitter quick to defend encryption – in some cases the key to retaining customers.

Google, too, supports Apple, but herein lies the uncomfortable truth. For all its support, the Google-driven Android operating system, which supports the majority of smartphones worldwide, is far from an encrypted haven.

As the Wall Street Journal points out, while almost every iPhone is encrypted, fewer than 10pc of the world’s 1.4bn Android devices are.

That’s because Google went for scale when it developed Android. In return for running some Google programmes (Search, Maps etc), manufacturers have relatively free rein on the software that supports these phones. 400 manufacturers, 4,000 devices, all going their own way.

A two-sided coin

On iOS, Apple’s latest iteration (9) is its most secure and almost 80pc of iPhones to date have upgraded to that. While Alphabet defends encryption – and the latest Android system Marshmallow supports far more encryption than older examples – few devices match that ethos.

True, Google Nexus devices are encrypted, and 2.3pc of all Android devices are on Marshmallow, but pretty much everything else is out in the wild.

“There is a push and pull with what Google wants to mandate and what the [manufacturers] are going to do,” said security analyst Andrew Blaich, claiming that, in some ways, Google is “at the mercy of the larger (manufacturers) like Samsung and LG that are driving the ecosystem”.

Many manufacturers don’t want encryption for fears of it slowing down their OS, adding another layer of manufactured complexity. Android security chief Adrian Ludwig said the company aims to eventually mandate encryption on all Android devices as components get less expensive. But ‘eventually’ is not now.

So, while support for Apple seems to gather pace on the outside, on the inside, despite Google’s best efforts, most are happy with the status quo.

Main image via Shutterstock

Gordon Hunt was a journalist with Silicon Republic