That gets returned because, so far as a device policy app is generally concerned "encrypted without a password", although technically encrypted, is not particularly secure- so the policy service reports that as unencrypted to avoid giving admins a false sense of security. I presume the device did not have "unlock to start" turned on in the first instance but did in the second?
The API is rather blunt as it stands. A possible future fix is to expose "encrypted-but-not-password-protected" as a fifth state for getStorageEncryptionStatus to return, or failing that to update the docs to explain this a little better. On Thursday, 12 February 2015 03:05:19 UTC, Patrick Brennan wrote: > > I am trying to determine the storage encryption status of my Android > device from within my application. Following the recommendations of the > relevant Android Developer page > <http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#getStorageEncryptionStatus()>, > > here is my code: > > DevicePolicyManager mDPM = (DevicePolicyManager) > getSystemService(Context.DEVICE_POLICY_SERVICE);int encryptionStatus = > mDPM.getStorageEncryptionStatus();if (DEBUG) Log.v(TAG, > "checkSecuritySettingsSufficient: encryptionStatus=" + encryptionStatus); > > Here's the trouble: when I run this code on a device (I've tried it on a > Motorola Droid Maxx running Android 4.4.4 and a Nexus 7 running Android > 5.0.2) *which I have previously encrypted*, > DevicePolicyManager.getStorageEncryptionStatus() will *always* return a > value of 1, i.e. ENCRYPTION_STATUS_INACTIVE. > > Android is therefore reporting that the device is not encrypted, despite > the fact that the file system is definitely encrypted (I checked its status > from the Settings > Security page). > > Is this function broken? There doesn't seem to be any mention of that on > SO or on other web sources. This leads me to believe that I am not doing > something correctly with respect to DevicePolicyManager. > > *UPDATE* After running through the encryption steps again with the > Motorola device, DevicePolicyManager.getStorageEncryptionStatus() is > returning the correct value, but it's still failing on the Nexus 7. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
