Search

Android's Full Disk Encryption Compromised, Affects Millions of Devices

Advertisement
Highlights
  • Researcher Gal Beniamini, found a way to compromise Android's FDE
  • The hack leaves millions of Android devices at risk of being vulnerable
  • Google and Qualcomm are aware of the issue and have released patches
Android's Full Disk Encryption Compromised, Affects Millions of Devices

It's far from surprising anymore to hear about security glitches in Android but this latest find could potentially compromise the security of hundreds of millions of devices. The flaw has been spotted by Gal Beniamini, a security researcher, who's found a way to use ARM's TrustZone kernel code-execution to essentially break Android's Full Disk Encryption (FDE).

All Android smartphones running on 5.0 Lollipop or later use something called FDE, which makes all the data on your phone unreadable unless you have the unique key needed to decrypt it. This is the similar to the security feature that caused a tussle between the FBI and Apple recently. According to Beniamini's report, an attacker can potentially exploit certain loopholes in Qualcomm's security in order to recover that unique encryption key. He also states that the issue cannot be completely resolved with merely a security patch as it might require hardware changes.

FDE is designed to be uncrackable but clearly it's not as secure as Google hoped. Breaking FDE still requires a brute-force attack but once the attacker has the key, all that's left is figuring out your password. Beniamini's research also found that the key is not hardware bound which means it can be extracted by software. He goes on to state that Android's current FDE is only as strong as the TrustZone kernel. Any vulnerability exploited here could easily compromise the devices encryption and thereby, exposing your private data.

Google says it rolled out patches for this issue earlier this year. Qualcomm says the issue was "identified internally" and fixed, with patches issued to "customers and partners", but if and when these fixes find their way down to consumer devices out there is anyone's guess.

Qualcomm's full statement: "Providing technologies that support robust security and privacy is a priority for Qualcomm Technologies, Inc. (QTI). QTI continues to work proactively both internally as well as with security researchers such as Gal Beniamini to identify and address potential security vulnerabilities. The two security vulnerabilities (CVE-2015-6639 and CVE-2016-2431) discussed in Beniamini's June 30 blog post were also discovered internally and patches were made available to our customers and partners. We have and will continue to work with Google and the Android ecosystem to help address security vulnerabilities and to recommend improvements to the Android ecosystem to enhance security overall."

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

 
Show Full Article
Please wait...
Advertisement

Related Stories

Popular Mobile Brands
  1. Android 16 Update Is Coming Soon - Here's What to Expect
  2. Realme Announces Limited-Time Discounts on Realme GT 7 Series in India
  3. Motorola Edge 60 With 5,500mAh Battery Launched in India: Price, Offers
  4. Know All About Apple's New Liquid Glass Design Language
  5. Nothing Announces 'Now or Nothing' Sale in India: Check All Offers
  6. Vodafone Idea (Vi) Launches 5G Services in Bengaluru
  7. Apple Announces iOS 26 With Liquid Glass Design, These New Features
  8. Activision Says It's Working With Nintendo to Bring Call of Duty to Switch
  9. Samsung Galaxy Z Fold 7 Claimed to Be Thinnest, Lightest Foldable to Date
  10. WWDC 2025 Highlights: Apple Unveils iOS 26, macOS 26 and Liquid Glass UI
  1. Nothing Announces 'Now or Nothing’ Sale in India for Nothing and CMF-Branded Products
  2. What is Liquid Glass Interface, Apple’s New Universal Design Language for iPhone, iPad, Mac, and Other Devices
  3. Activision Says It's Working With Nintendo to Bring Call of Duty to Switch After Black Ops 7 Reveal
  4. Asus TUF Gaming F16, TUF Gaming A16, ROG Strix G16 and ROG Zephyrus G14 2025 Variants Launched in India
  5. UK Bolsters Web3 Investigations, Appoints First Crypto Intelligence Specialist to Insolvency Service
  6. Latest Windows 11 Insider Preview Lets You Try a New Start Menu With Scrollable Interface, More Features
  7. Vodafone Idea (Vi) Announces Rollout of 5G Services in Bengaluru
  8. Android 16 Update Release Date, Eligible Devices and What to Expect
  9. Realme GT 7, Realme GT 7T Get Up to Rs. 6,000 Discount for a Limited Time in India
  10. Nothing Phone 3 Leaked Render Suggests Transparent Back Panel, Triple Rear Cameras, No Glyph Interface
Gadgets 360 is available in
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »