Google Can Remotely Reset Passcodes on Older Android Devices

Android devices running older versions of the software can be remotely reset by Google if a court demands access to it, according to a document prepared by the NY District Attorney’s Office.

Technically, Google can be forced to comply with such orders, though it only can do so with devices that aren’t encrypted. Although this doesn’t apply to all Android devices, it still encompasses a large portion – affecting all devices running anything lower than Android 5.0 ( roughly 74%). Google doesn’t enable it by default on most devices though so it’s probable that the number of devices it can remotely access stands at a figure considerably higher than 74.1 percent of the total pool.

According to documents obtained by The Next Web, Google can remotely unlock phones if served with a search warrant and a request to assist law enforcement.

“Forensic examiners are able to bypass passcodes on a few of those devices using a variety of forensic techniques”, says the report. The document, which has something to do with encryption and its impact on forensic investigation, is entitled the Report of the Manhattan District Attorney’s Office on Smartphone encryption and public safety.

However, Apple and Google have both added full-disk encryptions to iOS 8 and Android 5.0 and beyond, which means that they can no longer be remotely accessed by the two tech giants. However, full disk encryption is not enabled by default on all Android devices which means that a device running a newer version isn’t necessarily invulnerable to the remote reset. This way investigators can gain access to data on the device. Full disk encryption does have a slight disadvantage, it slows down the hardware a little.