When the American government tried to force Apple to weaken its encryption, the company boldly and publicly refused, and is now fighting a massive legal battle in order to defend its decision, but how would other companies have reacted in similar situations? Judging from how much support Google and Microsoft are giving Apple, their competitor, it’s safe to assume that the two of them would have made similar moves, but what about Amazon? Well, considering how it recently decided to completely disable encryption on many of its devices for pretty much no reason, I don’t think Amazon cares enough about encryption to fight the government for it.
Locally stored data on Amazon Fire devices is no longer encrypted. Anyone who upgrades their Kindle Fire, Fire Phone, Amazon Fire HD, or Amazon Fire TV Stick to Fire OS 5 will have local information left vulnerable to cyber attacks and stored in plain text. Amazon forum members first flagged the encryption removal and were later followed by Twitter user David Scovetta last night. Making devices remove encryption goes against basic cybersecurity principles. An attacker or thief gets nothing but scrambled data if they gain access to an encrypted device, but when they get their hands on an unencrypted one, most anything is up for grabs. They can see all local data, including app data, like logins and credit card credentials, as well as photos, videos, texts, and emails. It’s unclear why the company would choose to deprecate its encryption standards. An Amazon spokesperson did try to clarify. “When we released Fire OS 5, we removed some enterprise features that we found customers weren’t using,” the spokesperson told The Verge. The spokesperson also noted that this decision was made in the fall of 2015, prior to the over-the-air update that was released this past month.