Big news a few months ago: Google announced that all new devices which ship with Lollipop would have encryption enabled by default. Fast forward to today, and aside from Google’s own Nexus devices, none of the new Lollipop devices actually seem to have encryption enabled by default. It turns out that Google has quietly relaxed this requirement in the Android Compatibility Definition, from ‘MUST’ to ‘very strongly RECOMMENDED’.
Why? Performance, supposedly.
Our best guess at this point is that the encrypted-by-default requirement was relaxed to give OEMs more time to prepare their hardware for the transition. The performance problems can be offset by using faster flash memory, faster file systems like F2FS, and chips that are better at encrypting and decrypting data quickly, but phones and tablets take long enough to design that OEMs will need time to make these changes. Whether the change in policy was prompted by external pressure or an internal decision isn’t clear, but the performance explanation makes the most logical sense.
Ouch. It’s pretty clear Google wanted to quickly gain some positive press, especially after Apple announced it would turn encryption on by default in iOS, but failed to look at any possible performance repercussions. Sleazy move.
Not sleazy. Just incompetent.