I often read internet articles which says that encrypt android device is a good thing to do. Sometimes they say it is a must.
But they mostly never say in which cases this helps and which it can not. But, actually, this must the question number 1.
It is completely clear that if somebody somehow found the password - encryption does not help.
On the other hand if he/she do not know you password how encryption can differ?
And the good answer sounds like this:
The attacker may be able to access the built-in flash memory without
booting the device. Perhaps through a software attack (can the device be
tricked into booting from the SD card? Is a debug port left open?);
perhaps through a hardware attack (you postulate a thief with a lead
pipe, I postulate a thief with a soldering iron).
Another use case for full-disk encryption is when the attacker does
not have the password yet. The password serves to unlock a unique key
which can't be brute-forced. If the thief unwittingly lets the device
connect to the network before unlocking it, and you have noticed the
theft, you may be able to trigger a fast remote wipe — just wipe the
key, no need to wipe the whole device. (I know this feature exists on
recent iPhones and Blackberries; presumably it also exists or will soon
exist on Android devices with full-disk encryption.)
Do you think somebody will apply described attack against you?