Slashdot Mirror
Fragmentation Leads To Android Insecurities
Rick Zeman writes "The Washington Post writes about how vendor fragmentation leads to security vulnerabilities and other exploits. This situation is '...making the world's most popular mobile operating system more vulnerable than its rivals to hackers, scam artists and a growing universe of malicious software' unlike Apple's iOS which they note has widely available updates several times a year. In light of many companies' Bring Your Own Device initiatives 'You have potentially millions of Androids making their way into the work space, accessing confidential documents,' said Christopher Soghoian, a former Federal Trade Commission technology expert who now works for the American Civil Liberties Union. 'It's like a really dry forest, and it's just waiting for a match.'"
Android phones rarely get updated. About half of all Android users are still running 2.3 or earlier and the uptake for new versions is glacially slow. This makes android extremely vulnerable. If someone discovers an attack for 2.x, it's game over for millions of phones. Android also has a leaky walled garden that allows users to easily bypass the Google Play store and go to any market place they may choose. Hell, it's not even unusual to find infected apps in the official Google Play store.
Are agnostics skeptical of unicorns too?
The biggest install base for iOS is always "the latest version". The biggest install base for Android is what, Honeycomb? Shit.
Even worse, it's still Gingerbread.
http://bgr.com/2012/12/04/android-version-distribution-december-2012/
from the Google Play store. It's free and quite powerful. Works on older versions of Android too. It's like the Swiss Army Knife of mobile security - Scans apps and SD card for malware; has an excellent privacy dashboard; and has real-time shielding of apps, web links, and messages to protect from malware. It has a firewall that can be set up on rooted devices; can block calls and SMS messages based on filtering rules; has a network meter; and has several anti-theft functions. Really a brilliant app, from a trusted security company. They also have an iPhone app, although that one seems to have some slightly different functions. I think anyone with a modern smartphone should have some malware protection on board, and this is an outstanding suite with the right price - free.
You should be aware of a new feature of Android that hasn't really gotten a lot of press, but is the solution to this problem: the latest upgrade of the "Play store" (market) includes something called "Google Play Services". This new app takes care of upgrading and patching all Google-produced apps (system apps, YouTube, browser, camera, etc.). It is back-ported both to Gingerbread and Froyo. It applies security patches and upgrades without needing user intervention, as I understand it.
TL;DR: You may not be able to upgrade your Gingerbread phone to ICS, but Google still patches known vulns on your system.
for i in `facebook friends "=bday" 2>/dev/null | cut -d " " -f 3-`; do facebook wallpost $i "Happy birthday!"; done
jailbreaking your iphone in usa is against the law
Nope, unlocking your phone is - which is different to jailbreaking.
If someone is using an iPhone, at some point it was connected to iTunes to activate it (or it wouldn't be working).
That used to be the case but you can activate and iPhone or iPad without iTunes these days and never ever hook it up to a host computer.