If you’re the proud owner of an Amazon Fire device, this news is of great interest to you. According to Amazon forum members, Amazon has dumped encryption on locally stored data, which means your information is stored in plain text and vulnerable to cyberattacks.
Anyone who upgrades their Fire Phone, Amazon Fire HD, Kindle Fire, or Amazon Fire TV Stick to Fire OS 5 should say goodbye to local encryption.
Amazon’s quiet decision is that much more controversial as it comes in the middle of a heated legal fight between Apple and the FBI on the matter of online security.
At the same time, it doesn’t make sense to remove encryption; this is a move that goes against the fundamental principles of cybersecurity. Should an attacker gain access to an encrypted device, all they get is scrambled data.
Now, if they get their hands on an unencrypted Kindle Fire, for example, almost anything is up for grabs: local data, app data, logins, credit card credentials – everything is now visible.
Amazon’s reasoning behind the decision to deprecate its encryption standards is still unclear. An Amazon spokesperson did try to clarify, saying that some features were removed from the new OS because “customers weren’t using them.”
The spokesperson also mentioned this decision was made in the fall of 2015, which means it wants nothing to do with the current encryption debate.
There’s little users can do in terms of preserving the encryption. One option is refusing to update their OS, but that in itself comes with security patching issues – and Amazon could eventually make it mandatory.
At the same time, they could upgrade and cross their fingers everything goes well, or they could stop using their Fire devices altogether. None of the available options are even close to ideal.
Android devices have a history with implementing encryption, and the best example is Google’s promises regarding Android Lollipop.
When it was released last year, it was supposed to come with the encryption enabled by default, but Google went back on its word saying that cheaper devices had “performance issues.” Users can, however, turn on the encryption manually, which is not an option with Fire OS.
Those who connected Amazon’s encryption decision with Apple’s fight with the FBI also noted that Amazon has yet to shows it supports the company. Local encryption, as Apple said, is vital to keep the users’ data safe from all sorts of cyberthreats.
Image Source: Insights Dice