It has been revealed in a document prepared by the NY District Attorney’s Office that Google has the ability to bypass device passcode of devices running older versions of Android if it’s forced to do so by a court order.
Advertisement
The document, which looks at the impact of full disk encryption on access for law enforcement, says that devices running Android 5.0 (and newer) are unable to be remotely reset as they use full disk encryption – it’s not switched on by default for many devices, however.
“Apple’s and Google’s decisions to enable full-disk encryption by default on smartphones means that law enforcement officials can no longer access evidence of crimes stored on smartphones, even though the officials have a search warrant issued by a neutral judge”, the document reads. The reasons why Google hasn’t been able to abide requests for newer versions is that it started implementing device-side encryption, and it simply does not have the decryption keys to perform the unlocks when authorities ask for it.
The process to turn it on varies by model, but can usually be found somewhere in the settings menu.
Android Developer Dashboard – have old versions of software running on their phones and could be at risk for these remote password changes.
Advertisement
Android users that don’t want anyone remotely resetting their or phone or browsing their data, should enable full disk encryption. It should be noted that just because Google can reset user-generated Android passwords remotely doesn’t mean that it ever has. The technology company has consistently refused to do so as it is afraid that obliging could set a precedent that prevents users from controlling their own data. In contrast, the nature of the Android ecosystem means many devices never get updates that could add in features like full disk encryption.
