I hate it when someone assumes "full device encryption" = "security". How many "mortal person" security issues are exactly prevented with full device encryption? Virtually the only ones I can think of are the of the "government employee with nation-wide secrets" variety, where the attackers care enough to actually desolder eMMC chips. But for those you have to take into consideration how probable it is for a government-level agency to be able to break any crypto you throw at them... This is the reason most known "privacy-unfriendly" (*cough*) are quite happy to offer full device encryption. It thwarts almost no one. Signed: javispedro, the "anti-security" guy.