Amazon's Kindle devices run a custom version of Android that, until today, supported full-disk encryption. Now they don't.
The latest update to Amazon's Fireos disabled full-disk encryption. If you run the update and then lose your device, whomever finds it will be able to see any private or sensitive information you've stored on it (if you don't run the update, you won't get patches and your device will be liable to being taken over by hackers).
The move comes as Apple and the FBI are fighting in court over whether the government can force companies to make tools to backdoor their own security measures, and as the US Congress is contemplating legislation that would ban effective encryption in US-manufactured devices.
Ironically, Amazon's Kindle/Fire platform does use encryption: Digital Rights Management. The company uses DRM to control how you use your ebooks (though publishers can opt out if they choose to), and refuses outright to carry audiobooks unless rightsholders allow them to encrypt them with Amazon's DRM.
For privacy and encryption advocates, this move goes against the recent trend to make encryption available by default, and puts Amazon customers’ data at risk, given that they won’t be able to protect the information in their tablets and phones with encryption.
“This is a terrible move as it compromises the safety of Kindle Fire owners by making their data vulnerable to all manner of bad actors, including crackers and repressive governments,” Ari Balkan, a coder, human rights activist, and owner of a Kindle Fire, told Motherboard. “It’s clear with this move that Amazon does not respect the safety of its customers.”
Amazon Quietly Removes Encryption Support from its Gadgets
If you think that your phone may have been hacked so that your adversaries can watch you through the cameras and listen through the mics, one way to solve the problem is to remove the cameras and microphones, and only use the phone with a headset that you unplug when it’s not in use.
In A2: Analog Malicious Hardware, a paper given at the 2016 IEEE Symposium on Security and Privacy, a group of researchers from the University of Michigan detail a novel, frightening attack on the integrity of microprocessors that uses nearly undetectable tampering, late in the manufacturing process, to allow attackers to trip the “privilege” bit on […]
Random number generators are the foundation of cryptography — that’s why the NSA secretly sabotaged the RNG standard that the National Institute for Standards and Technology developed.
If you’ve got a killer app idea, but don’t have the technical expertise to pull it off, get a crash course in all things app development with the Comprehensive Android Development Bundle, now over 90% off in the Boing Boing Store. Across 83 hours of training, you’ll learn to develop for the world’s most popular mobile OS, mastering […]
Jared Sinclair developed the RSS reader app Unread, which made $10,000 in its first 24 hours on the iOS market. And we’ve all heard the story of Flappy Bird developer Dong Nguyen, whose creation was reportedly earning $50,000 a day at the height of its 2013 explosion. While those are rare examples, they’re also testament to the […]
If you or your company’s IT system are besieged by black hat cyber attacks, an ethical hacker might be all that stands between crippling damage and a company’s long-term prosperity. It’s no wonder that the market for IT security specialists is exploding. Certification is the key – so learn the tenets of ethical hacking and get […]