Amazon has quietly dropped encryption support from its Android-powered Fire tablets, leaving private documents and other data stored by users in these devices vulnerable to attacks from hackers.
The news comes amid a row between Apple and the U.S. Federal Bureau of Investigation (FBI) over the latter's demand that the Cupertino giant unlock an encrypted phone used by San Bernardino shooter Rizwan Farook. The smartphone-maker refused to give the intelligence agency unfettered access to the iPhone 5c used by the accused, arguing that the move would undermine data security of its devices.
Surprisingly, Amazon has now decided to ditch the encryption feature for its Fire tablets, saying it is not popular with users of its devices. The new Fire OS 5 update will remove the encryption support.
"In the fall, when we released Fire OS 5, we removed some enterprise features we found customers weren't using," Amazon told Engadget in a statement. "All Fire tablets' communication with Amazon's cloud meet our high standards for privacy and security, including appropriate use of encryption."
The move has upset digital privacy advocates. "Removing device encryption due to lack of customer use is an incredibly poor excuse for weakening the security of those customers that did use the feature," Jeremy Gillula, staff technologist with the Electronic Frontier Foundation, told Reuters.
Gillula went on to say Amazon should have pushed to "make device encryption the default," as data stored in a tablet can be as sensitive as that on a phone or on a computer.
Cryptologist Bruce Schneier called Amazon's move stupid, adding: "Hopefully the market will tell them to do otherwise."
How will Amazon's move affect users of its tablets? Encryption is used to protect data stored in a device. So, removing it could compromising the security of the device. Owners of Fire tablets and Kindle e-readers could be vulnerable to hackers without a feature in the Fire OS that used to support encryption by default prior to Amazon's decision to ditch it.
The latest Fire OS 5 update will remove encryption. Thus, a user may have to stick to the current operating system if they want to keep the device encrypted, but that means they will not get Android security updates. If they opt for the OS update, data they store in the device could become vulnerable to attacks.