Yesterday it came to light that Amazon has silently dropped support for device encryption from Fire OS 5. This move leaves millions of Fire HD and Fire HDX tablets owners, not to mention those who took a gamble on the Fire Phone (yeah, remember that?) with no way to secure the data on their devices.
According to Amazon, this "enterprise feature" was removed because the company "found customers weren't using" it.
Sorry Amazon, but that's a really lame reason, and the timing couldn't be any worse, what with Apple fighting it out in the courts for the right to keep the data stored on iPhones and iPads safe.
Let's dissect a few things.
First off, since when is device encryption an "enterprise feature"?
What utter nonsense. It isn't anything of the sort. Encryption is a necessity that has arisen from the fact that we are storing more and more data on personal devices. Without proper encryption, the data contained on mobile devices is put at risk when a device is lost or stolen, or even when we sell that device or send it back to the manufacturer when something goes wrong.
By defining encryption as an "enterprise feature" Amazon PR is trying to dig itself out of the crater that the company created by removing the encryption in the first place.
But why is Amazon choosing to go to the effort to remove the security feature at all? After all, Amazon's Fire OS is simply a fork of Android, based on the Android Open Source Project (AOSP) code. The encryption comes as part of the package, and Amazon has chosen to remove it.
Last year Google reported that it would allow hardware makers to decide whether or not to enable encryption-by-default because of performance issues on older devices, so there might be a technical reason behind Amazon's choice. But in which case why not just say that device encryption has a negative effect on the performance of its hardware and simply warn users enabling it might have consequences?
In other words, put the user in charge of things.
But as it stands Amazon has chosen to remove encryption from its devices, and we have to move forward from there. For me this means:
- I won't be purchasing any more Amazon hardware. Period. No Fire tablets, no Fire TV, no Kindle e-readers and no Echo devices. If Amazon is willing to drop something as vital as device encryption from its tablets for no better reason than "customers weren't usingit" then Amazon is going in a direction I'm no longer happy with.
- I will no longer be recommending or endorsing Amazon hardware. And that's a shame because the company makes some decent products. But Amazon has made the wrong choice here, and it has to deal with the fallout. You can't expect to be able to ax murder security in such a way without there being consequences.
If you're using a Fire tablet then you are now left with a dilemma. Do you update the device and live without encryption, or do you continue running the device with outdated software? Personally, I'll be wiping my Fire devices and will turn them into e-book readers (which, in reality, means that they become paperweights).
Now where's my iPhone...?
Updated Mar 4: Now it appears that Amazon is reversing course and will add back encryption in a Spring update, according to TechCrunch.