In amongst all the new features included in Android 5.0 Lollipop, you might have noticed this one: New devices come with encryption enabled by default. Android has offered the feature for several years but now any phones or tablets that come shipped with Lollipop have it switched on out of the box.
That makes it much harder for anyone — law enforcement agencies, thieves, and so on — to get data off your phone, and iOS includes a similar level of protection. This extra security comes at a cost though, and thanks to some in-depth reporting by AnandTech we know that built-in encryption is having a significantly negative impact on the Nexus 6’s read and write speeds.
How bad is it? AnandTech found a “62.9 percent drop in random read performance, a 50.5 percent drop in random write performance, and a staggering 80.7 percent drop in sequential read performance.” Encryption doesn’t directly affect the speed of the very capable Snapdragon 805 CPU inside the Nexus 6, but it does mean that the CPU might be idly kicking its heels while it waits for data to be transferred to and from the rest of the system.
None of this is particularly surprising — the extra processing required to encrypt and decrypt data as it’s written is always going to lead to a performance hit — but now we have some real-world figures that show just how much the speed of the Nexus 6 is affected by Lollipop’s newest layer of security. If your brand new Lollipop phone or tablet feels a little sluggish, now you know why. Older devices getting Lollipop via an OTA update, like the Nexus 5, will not have encryption enabled by default.
What’s more, the extra security feature doesn’t have much benefit unless you lock your device with a passcode, something that many users fail to do. “The move to enable [full disk encryption] by default in Lollipop seems like a reactionary move to combat the perception that Android is insecure or more prone to attack than iOS, even if that perception may not actually be accurate,” write Brandon Chester and Joshua Ho in the AnandTech report. “While it’s always good to improve the security of your platform, the current solution results in an unacceptable hit to performance. [We] hope Google will either reconsider their decision to enable FDE by default, or implement it in a way that doesn’t have as significant of an impact on performance.”