87% of Android devices insecure, University of Cambridge study

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
poofyhairguy

poofyhairguy

Lifer
Nov 20, 2005
14,612
318
126
VirtualLarry said:
We don't need a botnet of 5 billion 4G LTE user's phones developing overnight due to some remote exploit, and then being used to DDoS critical internet infrastructure or commerce.
Click to expand...

That isn't even on the table.

There isn't a single exploit yet that isn't a targeted exploit- aka someone trying to take advantage of YOU specifically. The blaster worm situation can't happen with most Android phones because Google Play is the sole software vendor, and Google scrubs the apps to find the bad stuff before they go on the store.

The only real non-targeted security risk is when you get apps outside the store, which is rare and comes with a fair warning. It is in developing countries that we see phones without Google Play, and honestly those devices won't be updated no matter what US law says.

Android's update model is a problem, but let's not throw out hyperbole and jump to conclusions. The last thing I personally want is any sort of regulation because it will entrench the current players and take out the dynamic element that has allowed Android to grow so quickly. Vote with your wallet instead and make good choices.
 
sm625

sm625

Diamond Member
May 6, 2011
8,172
137
106
But it is what people want. Blackberry has a much more secure OS, one that happens to be able to run many android apps. But in this culture of stupid, people clearly do not want that. They want to buy products from loving big brother companies like apple and google, who have absolutely no interest in security whatsoever. And why should they? You have nothing to hide, do you?
 
Red Storm

Red Storm

Lifer
Oct 2, 2005
14,233
234
106
sm625 said:
But it is what people want. Blackberry has a much more secure OS, one that happens to be able to run many android apps. But in this culture of stupid, people clearly do not want that. They want to buy products from loving big brother companies like apple and google, who have absolutely no interest in security whatsoever. And why should they? You have nothing to hide, do you?
Click to expand...

Big Brother doesn't care what device you have, they get the info they need from network equipment that all devices have to use.
 
Commodus

Commodus

Diamond Member
Oct 9, 2004
9,215
6,820
136
openwheel said:
Only idiots install rogue apps and open viruses anyway. It doesn't matter what they use, they'll get it one way or another. Lazy people don't manage their digital data, therefore they are vulnerable for attacks. Having a walled garden to keep lazy people from security exploits is only enabling the laziness. Truth.
Click to expand...

Not true -- just because someone isn't tech-savvy doesn't mean they're stupid. There are brilliant scientists who don't know much about setting up their email; there are neurosurgeons that are clueless about phishing scams. It's not right to expect everyone to "just know" whether or not a file or link is safe to open, because most people don't have the time or energy to spend mastering technology.

Education is important, but you shouldn't use it as a crutch for weak security policies. It's fine to have an "I know what I'm doing" checkbox, but screened portals like the App Store and Google Play give everyday users a safe place to get their software.
 
openwheel

openwheel

Platinum Member
Apr 30, 2012
2,044
17
81
Commodus said:
Not true -- just because someone isn't tech-savvy doesn't mean they're stupid. There are brilliant scientists who don't know much about setting up their email; there are neurosurgeons that are clueless about phishing scams. It's not right to expect everyone to "just know" whether or not a file or link is safe to open, because most people don't have the time or energy to spend mastering technology.

Education is important, but you shouldn't use it as a crutch for weak security policies. It's fine to have an "I know what I'm doing" checkbox, but screened portals like the App Store and Google Play give everyday users a safe place to get their software.
Click to expand...

Apples and Oranges. You are arguing just to have an argument.

If your clueless neurosurgeon installs a rogue app or open an email from a south Afrian price, then don't come crying to me about lack of security. Better yet, I'd like to personally revoke his license to practice medicine.
 
S

slackerinabox

Lifer
Mar 15, 2003
12,668
103
106
openwheel said:
Apples and Oranges. You are arguing just to have an argument.

If your clueless neurosurgeon installs a rogue app or open an email from a south Afrian price, then don't come crying to me about lack of security. Better yet, I'd like to personally revoke his license to practice medicine.
Click to expand...

My god, the arrogance. It doesn't make someone an idiot because they don't know how to tinker with a phone, because they come from a time when phones didn't need maintenance (or have more important things on their mind). My fil, a brilliant doctor, and doesn't even know how to update his iPhone. He's a bit of a charming luddite when it comes to certain things, and he knows it. This does not make him clueless nor should his intelligence be debatable. I do it for him because I respect the hell out of him, and know his intelligence eclipses mind, even though I know how to hit "update" and type in a pin.

I'm humbled that he's coming to me for help on something, because the guy helped many people beat CANCER. What have I done with my life? Upgrade the harddrives in my tivo and getting an alternative os on my cheap-o tablet? Phone maintenance is not "rocket science," but he has MUCH more important things to think about, like not killing the kid he's doing surgery on. His hobbies are also MUCH more interesting than playing with phones, little man, from singing with a nationally touring choir to kicking ass at golf - he sucks at the phones, but he wins at the life.. You arrogant prick..

To say that YOU have the authority and intelligence to revoke a hypothetical neuroscientist's license to practice because you're some hobbyist punk who uses the time he's not masturbating to japanese cartoons to tinker with phones - if you think that makes you better than someone else, MY GOD.. You're in for a rough ride of a life.. Humble the fuck up, kid. If you were to call my dad, an engineer with multiples masters who designed dams and hydroelectric plants an "idiot" because he doesn't get android, well..If you did that in front of me I'd like to break your face, frankly... Because you're a prick. You're agist and faux-elitist, because knowing the inner workings of a phone os makes you a hobbyist not "elite." I'm no where near "elite" and have a lot of growing to do, but even I don't have the time to tinker with android (with 2 kids, i wonder how I once had the time to get pure android on a kindle.. why?!??) and am transitioning to iOS. But using iOS doesn't make me better, smarter, or more handsome than you or any android fan.. That would be genetics and marrying better, not knowing shit about a phone.
 
Last edited:
openwheel

openwheel

Platinum Member
Apr 30, 2012
2,044
17
81
slackerinabox said:
My god, the arrogance. It doesn't make you an idiot because you don't know how to tinker with a phone, because you come from a time when phones didn't need maintenance. If you were to call my dad, an engineer with multiples masters who designed dams and hydroelectric plants an "idiot" because he doesn't get android, well.. I'd like to break your face, frankly... Because you're a prick. You're agist and faux-elitist, because knowing how to use a phone makes you a hobbyist not "elite."
Click to expand...

Geez take a chill pill. You don't want o think about breaking my face because I would break your neck first.

1st of all, you are putting words in my mouth by reading into Commodus' wacky comparison. I never stated an idiot is someone who doesn't know how to "tinker a phone". I specifically stated an idiot is someone who did some very specific things. Read carefully. Don't assume something insane because I wrote it. I know you, Commodus, and Artdeco are pissed at me over our Apple vs Android debates, but come on now....
 
openwheel

openwheel

Platinum Member
Apr 30, 2012
2,044
17
81
slackerinabox said:
.............

To say that YOU have the authority and intelligence to revoke a hypothetical neuroscientist's license to practice because you're some hobbyist punk who uses the time he's not masturbating to japanese cartoons to tinker with phones - if you think that makes you better than someone else, MY GOD.. You're in for a rough ride of a life.. Humble the fuck up, kid. If you were to call my dad, an engineer with multiples masters who designed dams and hydroelectric plants an "idiot" because he doesn't get android, well.. I'd like to break your face, frankly... Because you're a prick. You're agist and faux-elitist, because knowing the inner workings of a phone os makes you a hobbyist not "elite." I'm no where near "elite" and have a lot of growing to do, but even I don't have the time to tinker with android (with 2 kids, i wonder how I once had the time to get pure android on a kindle.. why?!??) and am transitioning to iOS. But using iOS doesn't make me better, smarter, or more handsome than you or any android fan.. That would be genetics and marrying better, not knowing shit about a phone.
Click to expand...

LOL, do you understand sarcasm and metaphor?
Well I can surely respect your father as we have similar profession, but I bet he would be embarrassed to read his kid's writing above.
 
S

slackerinabox

Lifer
Mar 15, 2003
12,668
103
106
openwheel said:
LOL, do you understand sarcasm and metaphor?
Well I can surely respect your father as we have similar profession, but I bet he would be embarrassed to read his kid's writing above.
Click to expand...

Dude doesn't know what "metaphor" means and is lecturing me on writing... Good day, sir. I'm wasting braincells on you.
 
openwheel

openwheel

Platinum Member
Apr 30, 2012
2,044
17
81
Well thank you for upgrading me from "prick" and "kid" to "sir". Ciao Slacker-In-A-Box
 
Commodus

Commodus

Diamond Member
Oct 9, 2004
9,215
6,820
136
openwheel said:
Geez take a chill pill. You don't want o think about breaking my face because I would break your neck first.

1st of all, you are putting words in my mouth by reading into Commodus' wacky comparison. I never stated an idiot is someone who doesn't know how to "tinker a phone". I specifically stated an idiot is someone who did some very specific things. Read carefully. Don't assume something insane because I wrote it. I know you, Commodus, and Artdeco are pissed at me over our Apple vs Android debates, but come on now....
Click to expand...

It's not a wacky comparison. The point is that it's not fair to ask everyone to brush up on their malware spotting skills, especially when there are easy, reasonable security options. To abuse analogies, it's like asking someone to learn about car repair to make up for a crappy engine. No, make a better engine first -- it doesn't have to be the user's problem.
 
StrangerGuy

StrangerGuy

Diamond Member
May 9, 2004
8,443
124
106
Commodus said:
It's not a wacky comparison. The point is that it's not fair to ask everyone to brush up on their malware spotting skills, especially when there are easy, reasonable security options. To abuse analogies, it's like asking someone to learn about car repair to make up for a crappy engine. No, make a better engine first -- it doesn't have to be the user's problem.
Click to expand...

Didn't you hear? Falling for obvious Nigerian scams because of pure self greed are on the same level as giving Android apps a blank cheque on permissions to whatever they want. :rolleyes:
 
openwheel

openwheel

Platinum Member
Apr 30, 2012
2,044
17
81
Commodus said:
It's not a wacky comparison. The point is that it's not fair to ask everyone to brush up on their malware spotting skills, especially when there are easy, reasonable security options. To abuse analogies, it's like asking someone to learn about car repair to make up for a crappy engine. No, make a better engine first -- it doesn't have to be the user's problem.
Click to expand...
You are terrible at making analogy. Let me help you there:

Phone security ------ rogue app installation and Nigerian Prince email.

Car safety ------- driving & texting, driving & staring at hot MILF on side walk.

You see, if your neurosurgeon lacks certain common sense (note it does not require technological skill to avoid install some rogue porn app), then I strongly suggest you take your head somewhere else to be operated on.
 
blankslate

blankslate

Diamond Member
Jun 16, 2008
8,789
566
126
I would suggest that no OS is secure. There may be zero days for all of the mobile OSes that we're unaware of.

That being said unless you have a recent Nexus model or are able to flash ROMs to an android phone with an unlocked bootloader then Android does have the disadvantage of being the OS that will most likely take the longest to get security updates if at all.


...
 
VirtualLarry

VirtualLarry

No Lifer
Aug 25, 2001
56,579
10,215
126
lopri said:
But isn't openness correlated to risks? You want to avoid unwanted pregnancy, STDs, or whatever else, the most secure way to go about is abstinence. I do not know how many would be willing to take that as an option.

iOS does and will do better at security as long as Apple maintains the policy of controlling what contents can be shown and what users can do. Android will remain a platform where users have more freedom with their devices at the cost of higher vulnerability. Freedom is never free.
Click to expand...

That's why I would support legislation to make patches available, or have a clear disclaimer (from OEM, carrier, etc.) that said device is now "unsupported", and will no longer receive patches. However, I am against forced manditory patches, that would go too far. To use the seat belt analogy again, the mfgs are required to provide them by law, but it's up to the end-user to choose to wear them. Of course, in many states, there is also legal incentive to wear them, as not doing so could result in a fine.
 
sweenish

sweenish

Diamond Member
May 21, 2013
3,656
60
91
"I want to force companies to push patches, using legislation, but users don't have to do anything with them." If users don't have to install them, you have fixed NOTHING.

It's just shy of, if not actually hypocritical.

I also can't think of a single state where seatbelts are not required to be worn by law.

These laws won't happen, there has never been a widescale attack, just idiots installing malware on their phone. You want security? Don't install from outside sources, encrypt your phone, use a PIN/password lock, and at the least use Android Device Manager to track your device. Ta-da! You now have a secure phone, because you don't have top level clearance, and identity thieves have much simpler ways of stealing your identity than trying to attack a phone via some targeted payload.

And are we seriously still thinking that iOS is more secure simply based on the premise of it being closed? The mere fact that it can be jailbroken is testament to the opposite.
 
lopri

lopri

Elite Member
Jul 27, 2002
13,310
687
126
No hypocrisy found. Corporations are already "forced" to do lots of things to do business here. They are all "forced" to follow the local laws wherever they go. If they do not like the laws they have an easy choice of not doing the business in such jurisdictions. They make such choices every single day.

The laws will not happen overnight, of course. It is a matter of persuasion to which I am open to.
 
mmntech

mmntech

Lifer
Sep 20, 2007
17,501
12
0
sm625 said:
But it is what people want. Blackberry has a much more secure OS, one that happens to be able to run many android apps. But in this culture of stupid, people clearly do not want that. They want to buy products from loving big brother companies like apple and google, who have absolutely no interest in security whatsoever. And why should they? You have nothing to hide, do you?
Click to expand...

Apple actually does take user security and privacy pretty seriously.
https://www.eff.org/who-has-your-back-government-data-requests-2015

Which is probably the reason why a lot of big companies do use iPhones over Android.
 
sweenish

sweenish

Diamond Member
May 21, 2013
3,656
60
91
lopri said:
No hypocrisy found. Corporations are already "forced" to do lots of things to do business here. They are all "forced" to follow the local laws wherever they go. If they do not like the laws they have an easy choice of not doing the business in such jurisdictions. They make such choices every single day.

The laws will not happen overnight, of course. It is a matter of persuasion to which I am open to.
Click to expand...

Obviously not my talking point, but please continue to distort my intentions.
 
Oyeve

Oyeve

Lifer
Oct 18, 1999
22,058
880
126
mmntech said:
Apple actually does take user security and privacy pretty seriously.
https://www.eff.org/who-has-your-back-government-data-requests-2015

Which is probably the reason why a lot of big companies do use iPhones over Android.
Click to expand...

Um, no, they get them for the same reasons the same hipster gets every new iphone every year. Big companies that actually care about hackable data will get you a blackberry without a camera model and force you to use a VPN solution. And lock down certain things it can do.
 
M

mikegg

Golden Member
Jan 30, 2010
1,942
540
136
Oyeve said:
Um, no, they get them for the same reasons the same hipster gets every new iphone every year. Big companies that actually care about hackable data will get you a blackberry without a camera model and force you to use a VPN solution. And lock down certain things it can do.
Click to expand...

Um no. Big companies get their employees iPhones because they are better than Blackberry phones.

Want to develop a company app for your employees? Good luck trying to find developers who actually want to develop for a dying company or even know how.

And the cost to train your employees to use Blackberry phones? Not worth it.
 
lopri

lopri

Elite Member
Jul 27, 2002
13,310
687
126
sweenish said:
Obviously not my talking point, but please continue to distort my intentions.
Click to expand...

I just thought there was no hypocrisy in the post you quoted. I do get the intention of the rest of your post, to which I agree: Security issues for the most part reside with the users, and those who keep parroting how iOS is more secure than Android or vice versa are engaged in propaganda for whatever reason. I apologize if my post sounded gratuitously aggressive. That was not my intention.

As long as one is aware of security risks and adjusts her/his computing habits accordingly, chances of getting attacked on Android/iOS are exceedingly low. And when the hackers set out to cause trouble, they will not so much care to discriminate iOS and Android.

Most (all?) of these security news I have read over the years are from some "independent security research groups." I do not remember reading how iPhone users were not affected when Sony was hacked earlier this year, for example.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom