Amazon disabled encryption on its devices for no real reason

Locally stored data on Amazon Fire devices is no longer encrypted. Anyone who upgrades their Kindle Fire, Fire Phone, Amazon Fire HD, or Amazon Fire TV Stick to Fire OS 5 will have local information left vulnerable to cyber attacks and stored in plain text. Amazon forum members first flagged the encryption removal and were later followed by Twitter user David Scovetta last night. Making devices remove encryption goes against basic cybersecurity principles. An attacker or thief gets nothing but scrambled data if they gain access to an encrypted device, but when they get their hands on an unencrypted one, most anything is up for grabs. They can see all local data, including app data, like logins and credit card credentials, as well as photos, videos, texts, and emails. It’s unclear why the company would choose to deprecate its encryption standards. An Amazon spokesperson did try to clarify. “When we released Fire OS 5, we removed some enterprise features that we found customers weren’t using,” the spokesperson told The Verge. The spokesperson also noted that this decision was made in the fall of 2015, prior to the over-the-air update that was released this past month.