Amazon's Kindle devices run a custom version of Android that, until today, supported full-disk encryption. Now they don't.
The latest update to Amazon's Fireos disabled full-disk encryption. If you run the update and then lose your device, whomever finds it will be able to see any private or sensitive information you've stored on it (if you don't run the update, you won't get patches and your device will be liable to being taken over by hackers).
The move comes as Apple and the FBI are fighting in court over whether the government can force companies to make tools to backdoor their own security measures, and as the US Congress is contemplating legislation that would ban effective encryption in US-manufactured devices.
Ironically, Amazon's Kindle/Fire platform does use encryption: Digital Rights Management. The company uses DRM to control how you use your ebooks (though publishers can opt out if they choose to), and refuses outright to carry audiobooks unless rightsholders allow them to encrypt them with Amazon's DRM.
For privacy and encryption advocates, this move goes against the recent trend to make encryption available by default, and puts Amazon customers’ data at risk, given that they won’t be able to protect the information in their tablets and phones with encryption.
“This is a terrible move as it compromises the safety of Kindle Fire owners by making their data vulnerable to all manner of bad actors, including crackers and repressive governments,” Ari Balkan, a coder, human rights activist, and owner of a Kindle Fire, told Motherboard. “It’s clear with this move that Amazon does not respect the safety of its customers.”
Amazon Quietly Removes Encryption Support from its Gadgets
In 2012, Google rolled out Certificate Transparency, a clever system to spot corrupt “Certificate Authorities,” the entities who hand out the cryptographic certificates that secure the web. If Certificate Authorities fail to do their jobs, they put the entire electronic realm in danger — bad certificates could allow anything from eavesdropping on financial transactions to […]
Troy Hunt, proprietor of the essential Have I Been Pwned (previously) sets out the hard lessons learned through years of cataloging the human costs of breaches from companies that overcollected their customers’ data; undersecured it; and then failed to warn their customers that they were at risk.
A security researcher has published a vulnerability and proof-of-concept exploits in Google’s Internet of Things security cameras, marketed as Nest Dropcam, Nest Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor; these vulnerabilities were disclosed to Google last fall, but Google/Nest have not patched them despite the gravity of the vulnerability and the long months […]
Custom coffee vessels are the perfect piece of office flair, but it’s just a matter of time before your VOTE FOR PEDRO mug will start to lose its relevant wit. Why not have a new one every day, with whatever silly nonsense you want sticking off the sides? You can save big on your novelty […]
The Lightning port has thus far resisted the cruel fate that befell the headphone jack, and despite rumors that it may be disappearing come iPhone 8, for the present and foreseeable future, Lightning cables are a hot commodity for iPhone users. As such, we must make do in this strange time in which long, glorified […]
All the filters in the world won’t save your smartphone pics from a shaky hand. To really step up your mobile photography game, you’ll need some kind of mount to hold it steady. You could buy a smartphone attachment for a conventional camera tripod, but who wants to carry that kind of gear everywhere they […]