Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Dumber Android Is, the Better, Say Experts

Posted by ryuzaki0 on from the are-we-talking-lore-dumb-or-kryton-dumb dept.

ZDOne writes "ZDNet UK is reporting that it will not be known until the Android software development kit comes out on Monday whether the Gphone will be strictly Java-based, but security experts claim that the less smart a phone is, the less vulnerable it is. Android developers should stick to a semi-smartphone platform because the Java sandbox can protect against the normal kinds of attacks, experts claim. The article also discusses some of the pros and cons of open vs. closed source security. 'The debate about the relative security merits of open-source as opposed to proprietary software development has been a very long-running one. Open-source software development has the advantage of many pairs of eyes scrutinizing the code, meaning irregularities can be spotted and ironed out, while updates to plug vulnerabilities can be written and pushed out very quickly. However, one of the disadvantages of open-source development is that anyone can scrutinize the source code to find vulnerabilities and write exploits. The source code in proprietary software, on the other hand, can't be directly viewed, meaning vulnerabilities need to be found through reverse engineering.'"

4 of 165 comments (clear)

  1. No wrong... by El_Muerte_TDS · · Score: 5, Insightful

    The smarter the user is the more secure the phone is.

  2. proprietary security is like creationism by Ba3r · · Score: 4, Insightful

    There is an overwhelming consensus amongst real security professionals that security is achieved through openness, not obscurity and closed source. Just look at the systems that hyper secure organizations like the NSA advocate. Those who continue to rail against open source systems as being insecure because "hackers can look at the source" (yeah but they can't look at my key) seem as out of touch as creationists.

  3. Android by hansamurai · · Score: 3, Insightful

    This is the second article about Google Android today already and we never even discussed the original announcement, just what Ballmer and now ZDNet have to say. But I suppose there will be a long line of articles in the future so maybe it won't matter, just seems odd.

    --
    Reviewing just the first hour of video games.
  4. Re:Did I miss something? by DanielJosphXhan · · Score: 3, Insightful

    I think researchers and experts, when they talk about how exploits are found, fundamentally mistake the issues. No-one reads source to find exploits: that's the hard way to go about it. Closed source has only disadvantages in this regard, especially with fewer hands to fix things.

    The "many eyes" argument fails as well, though, simply because many eyes do not make for better security. Many hands, on the other... um... hand, make for better response time. Open source code tends to be more agile because it's open.

    --
    [ think ]