As mentioned by Gaygirlie, a big factor is the AES-NI instruction in the ARMv8 instruction set supported by your Nexus 6. It dramatically reduces the performance and power hit of AES operations.

(I'm a member Android Security team who worked on bits of Lollipop FDE)

This isn't completely true on Lollipop devices that have hardware-backed credential storage. (Well, it's not really "hardware-backed", but it's in a Trusted Execution Environment, typically ARM TrustZone.)

For Lollipop, a big change to FDE was the inclusion of a hardware-backed key in the key derivation function (KDF) for the FDE master key encryption key. This provides two benefits:

1) It means that a dump of the contents of your encrypted flash is useless without the device.

2) It means that brute force search of your PIN/pattern/password space is serialized and rate-limited by the performance of the device. In a way this means that faster devices are less secure, though we also apply a device-tuned scrypt function as part of the KDF, which compensates in the case of an attacker who tries to perform the entire attack on-device.

The best attack against Lollipop FDE, on a device with HW-backed credentials, is to dump the data from the device flash, then flash a custom OS which makes calls into the HW crypto to create an oracle, processing a stream of requests and returning the responses. Then you do a brute force attack with a mixture of on-device and off-device resources, computing the first scrypt function offline, then performing the on-device crypto operation, then taking the results of that and performing the second scrypt function offline, which you then use to try to decrypt the FDE master key, offline.

The fastest devices on the market today will perform the HW-backed crypto operation in about 50 ms. Assuming everything is pipelined properly, this is the brute force attempt rate: 20 attempts per second. With a four-digit PIN, this is negligible: the entire space can be searched in 8 minutes. However, a six-character alphanumeric password (random, all lowercase) would take 630 days, on average, to break. That's pretty reasonable security.

In theory. In practice it would take much longer than that. I tried running this test on a Nexus 9 and found the device kept throttling itself because it got too hot, plus even with a 2A charger it consumed more power than was being provided to it, so I had to stop when the battery died and wait for it to recharge.

Pre-Lollipop, and even on Lollipop devices that lack HW-backed crypto, you can conduct the entire attack off-line, parallelized, on however much hardware you care to throw at it. I can't make any promises about the future, but I will say that I, personally, really want to significantly improve Android FDE in the future. I have changes in mind that will make brute force essentially impossible, unless you can break into the Trusted Execution Environment.

Float for autos- someone used the wrong version of a library function that returned float to initialize the auto. Kid was new, he didn't know the effects it would have. Auto wasn't the bug, but without auto the bug wouldn't have existed- the problem would have been minimized to a single call and caused a compiler warning that we would have caught and fixed. Auto made the bug worse.

No, I've used C++ in a very normal environment. STL container classes- used all over the place. The algorithms library? More complicated, harder to understand, and much harder to maintain. Very few places use that. And they shouldn't- while min and max aren't too bad, I would always prefer to see an explicit loop with the code embedded in the loop than a function call where I have to hunt down a functor (another thing that should never have come to be) to find out what the fuck is actually being done.

If you want to write Ruby- use Ruby. Keep that shit out of C++.

Bah. Outright falsehood-pushing "journalism" is as old as journalism, and the online version of it as old as online journalism. Wikipedia has been abused as long as it has existed, and the Woozle Effect is also nothing new -- indeed the name and awareness of the phenomenon predates the existence of ARPANET, much less the Internet.

I'm cool with nullptr for 0. But auto absolutely causes bugs. I've seen it, where programmers assume the auto datatype is one thing and it turns out to be another. It was a major performance issue in a program I debugged. Turns out the compiler assumed they were using floating point where they wanted to use int, and the processor didn't have a floating point unit, so it was all emulated in software. Unfortunately it wasn't found until after release.

In addition, it decouples the data type from the code in maintenance. Want to know what that auto loop is actually doing? You need to find and check wherever the container was defined. This takes time, and leads to bugs when maintainers forget or make the wrong assumption. For saving 10 characters at writing time you cost orders of magnitude that when maintaining the code.

Furthermore- the reason for auto was they fucked up the STL by adding too many features (allocators) and insisting on their algorithms library (which in 15 years of writing C++, I have never seen used) being compatible with pointers as well without using a wrapping class. Stupid, stupid ideas. You don't perpetuate mistakes with new features which add new problems- you correct them.

I completely understand the new features of C++- I just think the vast majority are a bad idea.

Then you're extremely lucky, I've had iOS hard lock when dogfooding apps fairly frequently (although that was a few years ago, maybe they're better). But I don't trust ANY device without a real pull the plug option, not after years of doing firmware and mobile development. If a device needs batteries, I will not buy it unless those batteries are removable.

If the phone is locked up, yes. Same thing for your computer and everything else. Hardware off switches are a rarity these days.

I wish people would stop adding to C++. C++ as it stood in 1998 was a good, if somewhat complex, language. The new additions (except for a few of the libraries) make the language way too complex and lead to unreadable code.

You need to learn that concise != good. If it did, everyone would be programming in perl 1 liners. Auto is the most braindead addition in history, it causes bugs, loses all the advantages of a typed language, and only needs to exist because they fucked up the STL by not using proper inheritance. Any code review that uses them is an auto bounce and fix. Templates are the most abused language concept in history- if you're using it for anything other than a container class, odds are 98% that you're writing hard to follow, hard to maintain code that should be rewritten

C== was better when it was treates as C++98.

I saw a 'gator right at the edge of the VAB parking lot last month. In a drainage ditch, up to the fence, cars parked right on the other side.

With luck, they'll start incorporating our radio transceivers. I hear that SpaceX flies with several USRPs now, so that's not completely unrealistic. That might be as close as I can get. Anyone who can get me a base invitation, though, would be greatly appreciated and I'd be happy to do some entertaining speeches while there. I need a base invite for Vandenberg, too. I got in to the official viewing site for the first try of the last launch (and that scrubbed too), but this next one is on Pad 6.

It's a BBC story. England is the absolute worst "Not Invented Here" country on the planet. For the English, nothing exists until they've let a monsterous bureaucracy and army of know-nothing consultants design-by-committee it into atrocity.

I was in Florida to speak at Orlando Hamcation and went to see the DISCOVR launch at Kennedy Space Center. I paid $50 to be at LC-39 for the launch, an observation tower made from a disused gantry on the Nasa Causeway between the pads and the Vehicle Assembly Building. A crawler was parked next door! A hot sandwich buffet, chips, and sodas were served. It was cold and windy! I watched for a few hours and unfortunately the launch scrubbed due to high stratospheric winds.

The next day, Delaware North Corporation, which operates tourism at KSC, decided not to open LC-39 or the Saturn 5 center for the launch. This was the third launch attempt and I guess they decided most people had left. I was annoyed.

The closest beach was going to be closed in the evening, it's a sensitive ecological area. I ended up seeing the launch from Jetty Park. This turned out not to be such a great location, the tower wasn't visible at all and the first 10 seconds of the rocket in flight were obscured before we saw it over a hill.

What's a better viewing location?

What has changed that's relevant? The existence of mobile devices? Bah.

Political correctness is new since 2005? Ummm, let me guess, you're under 30, aren't you?

Which was also true before 2005.

Also true before 2005.

I'll stop here, but nothing you mention was any different previously.

No, we want a quick way to do a 100% reboot if the phone is in a bad state.Without that your only option is to wait 1 day until the battery is dead. Or longer if the radio is off in that state.

Or buy a competing product that does do what you want. Like one of the gadzillion other android devices out there.