“Amazon has confirmed it removed the ability to encrypt locally stored data on its Fire tablets, saying that customers weren’t using the service,” Mae Anderson reports for The Associated Press. “The change comes as Apple squares off against the FBI over access to an encrypted iPhone. Apple says giving the government access would make all other iPhones more vulnerable to hacks. But the encryption that Amazon has removed is somewhat different than the security involved in the Apple case. And Amazon made the change well before the brouhaha started.”
“Amazon made the switch when it introduced its new Fire OS 5 in September with new Fire tablets. But it was brought to light this week as older versions of the tablets get operating system updates,” Anderson reports. “Amazon removed device encryption, but communication between Fire devices and Amazon’s cloud, as well as data stored within the cloud, is still encrypted.”
“Jeremy Gillula, staff technologist at the Electronic Frontier Foundation, said the move is puzzling since Amazon uses a modified version of Android’s operating system for its Fire OS, so encryption was likely built into the Android system. ‘It’s concerning from a security point of view,’ he said. ‘If you lose your tablet or your tablet is stolen, any data that’s stored is readable.’ Cynthia Larose, chair of the privacy and security practice at the law firm Mintz Levin in Boston, said removing the security feature simply because customers weren’t using it sends the wrong message to users: ‘I would have preferred to see Amazon engage in some customer education about the use of the included security measures.'”
Read more in the full article here.
MacDailyNews Take: If you want an insecure pretend iPad, you know where to get it.
[Thanks to MacDailyNews Reader “MotivDev” for the heads up.]