Device encryption

I’m not much of an expert on Android, let alone LineageOS and /e/.

Is the Android data encrypted at all by default?

If not, and I turn on encryption, what actually is encrypted? Are some partitions encrypted? Or is it file-level?

How does turning on encryption affect backups taken with ADB? What about backups taken with TWRP?

4 Likes

I think encryption may vary by device. As far as I know, Lineage doesn’t encrypt by default and neither does /e/, though I may be wrong.

To enable encryption on a Oneplus One running /e/, for example, go to Settings, then Security, and select Encrypt phone.

1 Like

Android documentation explains this. Full Disk encryption is deprecated and should no used anymore. The new method - file based encryption - means that data is encrypted per application. So the system itself (kernel, system files, recovery partition) will not be encrypted. Assuming I understood the documentation right. :slight_smile:

Side note: TWRP will not be used much longer according to LOS.

A/B devices have the recovery image built in into the boot image […]. This means that there’s no recovery partition and recovery will have to be included at build time into the OS.

That being said, it would of course be a great argument for /e/ if it would be “secure by default” which (for me) includes encrypted storage.

1 Like