The Dumber Android Is, the Better, Say Experts

ZDOne writes "ZDNet UK is reporting that it will not be known until the Android software development kit comes out on Monday whether the Gphone will be strictly Java-based, but security experts claim that the less smart a phone is, the less vulnerable it is. Android developers should stick to a semi-smartphone platform because the Java sandbox can protect against the normal kinds of attacks, experts claim. The article also discusses some of the pros and cons of open vs. closed source security. 'The debate about the relative security merits of open-source as opposed to proprietary software development has been a very long-running one. Open-source software development has the advantage of many pairs of eyes scrutinizing the code, meaning irregularities can be spotted and ironed out, while updates to plug vulnerabilities can be written and pushed out very quickly. However, one of the disadvantages of open-source development is that anyone can scrutinize the source code to find vulnerabilities and write exploits. The source code in proprietary software, on the other hand, can't be directly viewed, meaning vulnerabilities need to be found through reverse engineering.'"

The most secure phone ever!

[reverseengineer]

Experts suggest security-conscious consumers consider the Western Electric 500 for their next smartphone. Lacking Java, JavaScript, ActiveX, and any other type of software, its spartan phone interface makes it virtually immune to any security vulnerabilities, and its innovative "rotary dial" system circumvents attacks possible on touch-tone phones. The casing is constructed of nearly indestructible Bakelite plastic, making it far more durable than the average smartphone. It does however require a service agreement with AT&T.

Re:The most secure phone ever!

[sm62704]

The rotary dial was a pain in the ass, but we never knew that until they invented pushbutton phones. And you had to look up your police/fire/ambulance in the phone book as there was no 9-1-1 service. Although most people just dialed "O" and when the lady answered (a real live human being, we didn't have voice mail either) you said "MY HOUSE IS ON FIRE" and she'd plug some plug on her switchbopard in and the fire department would come out.

But the Western Electric 500s were hackable! Some of them had no dials; businesses used the dial-less phones for where they wanted a low level employee, like the teenaged me at the ticket booth at the drive in theater, to be able to answer them but not make outgoing calls.

You could, however, "dial" them by repeatedly hitting the hangup buttons. So I was hacking your "unhackable" phone when I was 16. Actually I was cracking not hacking; I was hacking when I made guitar fuzzboxes out of $10 transistor radios and selling them for $50 each to other teenaged guitar players.

-mcgrew

PS- I've almost forgotten this, but in the Metro East St Louis area you could dial Bridge 1300 and a spooky noise cane out of the phone. The other kids said it was a ghost, I never had the heart to educate them about the reality.

Huh?

[Matt867]

The dumber the smart phone is the better? Sounds like someone doesn't want to take their programming job seriously.

No wrong...

[El_Muerte_TDS]

The smarter the user is the more secure the phone is.

Did I miss something?

[zappepcs]

However, one of the disadvantages of open-source development is that anyone can scrutinize the source code to find vulnerabilities and write exploits. The source code in proprietary software, on the other hand, can't be directly viewed, meaning vulnerabilities need to be found through reverse engineering.'" If I remember right, that closed source thing... hmmm it seems to be working out really well for Microsoft.