Amazon To Restore Fire OS Encryption After Backlash

Amazon quickly flip-flopped after a firestorm of criticism burned the company for removing encryption from its Fire tablets.

Eric Zeman, Contributor

March 7, 2016

2 Min Read
<p align="left">(Image: JurgaR/iStockphoto)</p>

iPhone Encryption: 5 Ways It's Changed Over Time

iPhone Encryption: 5 Ways It's Changed Over Time


iPhone Encryption: 5 Ways It's Changed Over Time (Click image for larger view and slideshow.)

It's hard to say which is worse, that Amazon thought it was a good idea to pull encryption from FireOS, or that it took months for anyone to notice. After the change in policy became public knowledge, Amazon swiftly reversed its poor decision thanks to scathing blowback in the wake of Apple's encryption fight with the FBI.

Amazon released Fire OS late last year. The update added a wide number of features to Amazon's Fire-branded tablets, but also stripped out several tools.

"In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren't using," explained Amazon spokesperson Robin Handaly to Wired. That includes device-side encryption. But Handaly said, "[A]ll Fire tablets' communication with Amazon's cloud meet our high standards for privacy and security, including appropriate use of encryption." Handaly didn't define what that truly means.

It's one thing for the connection between the tablet and the server to be secure, and another thing entirely for the device itself to be secure. Without local encryption, Fire tablet owners' devices are at the mercy of hackers. One might argue that Amazon's Fire tablets are chiefly used for entertainment purposes, but vital customer info -- such as names, addresses, and payment information -- is likely available for the pilfering.

Amazon provided the first developer builds of Fire OS 5 in June 2015. The final version of the platform was pushed to new Fire tablets in September 2015, and reached older Fire tablets in December 2015. The story came to light only recently due to the current focus on device encryption thanks to Apple's battle with the government.

It's also worth pointing out that Amazon is one of a number of companies that backed Apple's use of encryption in the San Bernardino iPhone case.

[Read Apple, FBI, Congress: 5 Burning Questions Raised.]

Clearly, Amazon made the decision to remove device encryption a long time ago -- maybe even as far back as a year ago. Tablets running Fire OS 5 have been unprotected for many months. That's disconcerting, even if customers weren't using encryption in the first place.

To its credit, once the matter blew up in its face, Amazon acted swiftly.

"We will return the option for full-disk encryption with a Fire OS update coming this spring," said Handaly to Reuters via email over the weekend.

However, a spring target date is vague. Amazon would do well to return encryption to Fire OS sooner rather than later.

About the Author

Eric Zeman

Contributor

Eric is a freelance writer for InformationWeek specializing in mobile technologies.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights