Android Nougat, the latest version of Googe's mobile operating system, comes with a host of major improvements, ranging from fun, virtual reality features to an even smarter digital assistant. And while it makes major improvements to how it handles security in a number of ways, cryptographer and security expert Matthew Green has a good blog post explaining that even the latest and greatest still leaves a lot of data vulnerable.
He also does a good job of explaining why, and it largely boils down to how Android is migrating from full-disk encryption to a file-based approach, while still giving users quick access to phone functionality on the go. Not surprisingly, it's a tricky problem: You don't have to have to enter a passcode every time you take a photo or get a status notification, but you do want to make sure that no one without a passcode can see your older photos or reader other on-device data.
To solve this challenge, Apple created four encryption options for files on the phone: No encryption, encrypted while phone is locked, encrypted until phone is rebooted, and the ability to create encrypted files even when the phone is locked (think adding photos).
According to Green, Android really has two settings for encryption, encrypted until boot (no user password required) and encrypted until user enters a password after boot. This means that if the phone is still on when it falls into the wrong hands, it's possible to to pull out the encryption key and ultimately access the data.
It's still not necessarily easy nor trivial, but as we've seen over the past few years in mobile security, what's theoretical but impractical today can become an active exploit tomorrow. Read Greeen's fulll post here.