Android’s Full-Disk Encryption Has Holes

Beniamini's research highlights several other previously overlooked disk-encryption weaknesses in Qualcomm-based Android devices. Since the key resides in software, it likely can be extracted using other vulnerabilities that have yet to be made public. Beyond hacks, Beniamini said the design makes it possible for phone manufacturers to assist law enforcement agencies in unlocking an encrypted device. Since the key is available to TrustZone, the hardware makers can simply create and sign a TrustZone image that extracts what are known as the keymaster keys. Those keys can then be flashed to the target device. (Beniamini's post originally speculated Qualcomm also had the ability to create and sign such an image, but the Qualcomm spokeswoman disputed this claim and said only manufacturers have this capability.)

"That's significantly different than how iOS works," Dan Guido, an expert in mobile device encryption and the founder and CEO of security consultancy Trail of Bits, told Ars. "What it means is that now you trust a second party, you trust somebody who built the software that holds the key. Maybe people didn't realize that before, that it's not just Google that can mess around with the software on your phone, but it's also [Google partners], and it's in a very significant way."

So, essentially, if you are wondering why some users have recently turned to Apple, it's because Google has so far failed to deliver on the promises it once made. Of course, if you have nothing to hide anyway, it doesn't matter whether you use Android or Apple, but don't go saying that you use Android and stay away from Apple because it's more secure.