ANDROID though? Face it - Linux based or not, it's being exploited... & thus, it's NOT secure, & the other 86++ or so security issues I posted on ANDROID show that much... kernel level or not, the problems in security ARE there and yes, serious ones (money is the biggest)!
I completely disagree, I've not seen one link to a "serious" issue so far. Mildly annoying for complete morons yes, but nothing that would do any substantial damage to an android user. And mostly just behaviour outside of full application isolation.
Plus, IE BHO's are easy to take out (browser helper objects) from IE's options (IE9 even recommends you disable some for more speed when you start it up, which allows a user to IMMEDIATELY investigate what's up there).
Yup, a BHO is less secure, since they are in user space (outside the sandbox), and all these android apps are still sandboxed, and even easier to remove (listed with all other installed applications, 1 click wipe of any data they create, 1 click to uninstall them).
e.g. a BHO could silently install one of these apps on any phone that gets plugged into it, none of these apps have the power to install software on the computer.
What's special about the two vulnerabilities is that they can be exploited without an attack on Android's underlying Linux kernel and function in the userspace alone.
Users that install fake (not needed) Antivirus from a chinese vendor, give it permission to send premium rate sms messages, deserve everything they get.
they are serious (especially when they involve folks' money, personal info., & even privacy being stolen or compromised).
OK, So strip out all the "proof of concept" and other "fixed before exploited" audits by the likes of coverity, where users were never affected. Drop any that involve CarrierIQ, since CarrierIQ is a problem with mobile phone carriers rather than anything to do with Android.
And how many are you actually left with?
Do any of them give permissions more powerful than can be achieved with an Internet Explorer BHO?
You do realise, these "84 bugs" still represent a higher level of application level security than a windows 7, or even (to some degree) a linux desktop installation?
There are no "application guid" permissions (that I am aware of) on either windows or linux desktops. Its all group and user level.
These "84 bugs", at worst, bring your phone to the level of security provided by a standard desktop install, for an app running with user level permissions.
Except windows desktops still have remote code exploits that allow a malicious person to install persistent software simply by having you visit a webpage (or worse, simply sending a malicious packet to an IP address, there's a ton of active worms circulating on windows desktops), a new such hole that is being exploited is plugged every other month.
the only "bug" there was it didn't ask for internet permission.
It still ran isolated from all the phones file system (except SD card which is shared between apps, but still isolated from things like email, contacts, - anything personal - and any other apps installed on the phone)
Even the "most severe" problems you have posted still run in "userspace" they are all bugs in googles Dalvik VM, not the Linux basecode it runs in.
But that's the other big flaw in your comments. "Android" isn't "Linux" "Android" is closer to a (clean room) JVM built using GPL linux code for the HAL.
afaik all the malware you have posted have been attacking this JVM, not the nix code it runs on (which you need a "rooted" phone/tablet to access).
That malware authors target the largest audience should be no surprise to anyone, the question is how successful they are, and from looking through all those links you posted there hasn't been one incident relating to any serious breach (remote code exploit), and nothing that shouldn't be expected from any device that allows users to install 3rd party software.
Google obviously haven't got their additional features "perfect" yet, but pretty good imho for such an immature project.
For what you ask & is in my subject-line... however?
Why??
Like I said, I carry it round with me on a usb stick in my wallet, then if I need a "secure environment" on a machine I cannot vouch for just boot from that, truecrypt makes sure any persistent data is secure if I lose the stick. Linux live is not a "lightweight installation", its a full featured desktop environment (My fedora live stick has office 2007, eclipse and chrome with several client side certs installed on it, for example), only "disadvantage" over a normal full install is it takes a little longer to boot into (and is more "static", so not suitable for installing new stuff, but since "installing new stuff" is the only way to breach a nix machine that can't be avoided).
Most recently - I used KUbuntu 10.10 all thru 2010 & especially in Europe while I travelled there. Is it ok? Sure. Does it work? Yes, for MOST of what I do or want to!
However, here? Is it favored to me over Windows?? No way.
There are three main apps that hold linux back in the consumer market. Office (wine does work great, I use winetricked office 2007 on this fedora machine and my usb stick, but no VBA and its something of a bitch to install) Autocad (never managed to get it working) Adobe CS (have earlier versions working, but not really useable in a production environment, Mrs Sparks is an Architect)
By far the best document editor I've ever used, ran it in a vm for a while, then as more and more software got better linux alternatives (e.g. chromium, eclipse) I found I was using the vm more than the windows install, now have an old legacy windowsXP install (which is "hardened" as you put it) running in a vm on one of the 6x Dell R710s in my home office (which I can vnc into from anywhere using vpn), rarely gets used for anything other than plugging in hardware that doesn't have good nix drivers - almost nothing, the last main app was replaced yesterday, the climate control and monitoring system for the house).
Best decision I ever made, but now I'm so used to a full desktop that doesn't spend up to 90% of its time running everything through AV software I can't bring myself to install AV on the laptop, just not worth it, chrome is "bullet proof" enough (IE is hidden away, comes full of HP installed shite) to browse even the darkest areas of the net without incident (most of the time), I use the usb stick for anything banking/work related (most of the time just do it from the office), and it has a read only factory install of windows I revert back to whenever something suspicious happens (takes about three hours from pressing F2 at boot to getting everything "new" back on it - office - eclipse - dropbox - truecrypt - chrome and tigerVNC).
Totally agree "each to his own", I'm not the "linux nut" you make out, it's not so much that I "dislike" windows - if it wasn't for internet explorer there would be very little difference in terms of security between a win7 machine and a nix machine. (although I do miss the Altgr keyboard shortcuts and multiple desktops)
BUT, and this is a big BUT. When you move into the embedded space its a whole different story. If I write some nix code on my dev linux machine, I can for example, shift it straight over to any of the linux embedded devices (some good ones include the NSLU2, the WRT brand routers, and possibly (not tried it yet) the Archos tablets with Angstrom installed) with almost zero hassle.
Android is good because of Java, and if anything I am a bit of a Java nut (write once, run anywhere is f'ing sexy).
I don't think you rate the iPhone over Android? which leaves Windo
The point you were arguing against is Linux is as secure as you make it (up to "impenetrable, read only)
you can't make windows secure (since it has no read only full desktop option).
you are talking about "cleans reliably", No need to clean a linux "live" install, because once configured to your liking, its impossible to write malicious software to it in the first place.
Why waste time trying to secure a substandard (not least due to no multiple desktops) OS, when a simple reboot is all you need to guarantee the OS is secure.
I just can't see how you can begin to believe it's comparable, not only are you less likely to get hit by malicious software day to day (even if that is purely because there are less burglars asking for the keys, although it seems to me its also much more than that), but if you really need it (dealing with very high value trades, for example), you can use an identical, completely secure & impenetrable OS, on any machine that will let you boot from USB.
(this loses setup customizations & potentially data users have also)
nope, you make the customisations before committing it (e.g. adding truecrypt capabilities) to usb, and as per the earlier link:
Current features: 8.Data persistence
Does this mean you are comparing to linux without actually having used it in any serious manner?
* HOWEVER: I actually DO use a "read-only" environs to combat rootkits (Recovery Console from the Windows install media & its LIST, & DISABLE commands (along with FIXMBR))...
you do realize I was being serious about that "typewriter" comment don't you.
" YEARS of safe" less secure than read only @ the hardware level.
sorry. but that "can't secure" will stand as long as you can't install windowz on a read only file system, and no amount of disabling insecure services, tweeking round the edges, installing 3rd party addons or handing resources over to AV software will ever match it.
but I use multiple plugins, and all the stock trading platforms I use run on javascript and java. Like I said "disable it" isn't a security answer, its a cop out for an insecure operating system.
Now, give me a read only OS, full featured, up to date, no activation, usb bootable installation of windows, like the linux live usb stick I carry round in my wallet for when I use other peoples machines (or just want to do something secure on the laptop), and we can talk.
& the paragraph above tells me you don't know that much about how to "security-harden" Windows...
like I said before, Windows = Don't care
Its more that I can't be arsed "security-hardening" it i.e. I need my USB ports I need the CPU and HDD cycles antivirus would use I like flash animations I like porn I read lots of full featured PDFs
You should try running your windows machine with no antivirus on it for a bit, admittedly it won't last very long (unlike linux, but then secretly you know linux is more secure), but while it does you'll be amazed how snappy it really is. much easier to use something that works "out of the box", and spend my time being productive, than learn how to actually make the piece of shit work, then just zap the nearly useless typewriter back to factory settings every time it breaks.
proving that Linux is just as exploitable/vulnerable to the malware makers of today
Saying that, when you have as good as acknowledged the only way they can get these "exploits" onto an android phone or linux is if you install them; click the "yes, please install this software from this chinese vendor I've never heard of" button, rather than the apple/windows phones, where anyone can do it without your knowledge, by remotely telling your phone(or windows) to install (or uninstall) malicious programs, shows you have absolutely zero understanding of security.
Because of that, it's being targetted by malware makers, Linux on PC desktops NEVER WENT THRU THAT
I agree, using a Linux Desktop is like living in the Garden of Eden, and using a windows desktop is lot like living in Detroit.
and it's being torn up pretty good by a LOT of exploits (I posted 84 & there are far more than that)
No, not "torn up", that's what happens when a windows machine visits porn sites.
More like lots of burglars asking politely if they can look after your house keys, just tell them no (which you can only do with Android/Linux), simples.
And, btw, I know everything about windows I need to know.
My main day to day machine is a fedora installation, been on fedora since 2004, and has never been compromised.
My laptop is a win7 machine, and has had to be reset to factory settings 3 times since I got it a couple of years ago, after it got some nasty infection that I could find no trace of to remove (found via networking logs @ the gateway), despite generally doing nothing on it but reading a few word documents and browsing the net.
Tells me all I need to know about windows security.
I'd already have nix on it, but some poor bastards are still stuck on legacy VBA stuff (despite it being a steaming pile of shite, and charging them 5 times as much to work with it) which afaik has no OSS alternative atm.
Seems to me, if anything, being able to install software on your phone is a fairly useful thing, but mostly its just something you would expect in this day an age.
Already checked: No critical remote code exploits here Others are mostly repeats of the same, but this, Dec 20th, is probably the best summary of the current state of affairs, deafening in its silence.
My short summary; up to Dec 20th this year, the only security risk Android suffers is the users of Android phones. And the only way to "fix" this is to not allow users to install custom applications on their phones which haven't been sanctioned by big brother.
I rarely use this meme, but it's always fun when I do.
72 links of FUD, which is less than DoD certification and your inability to find a single one pertaining to a critical security flaw.
Simples.
_ I'd like to thank you, been an interesting discussion, before this I just considered Android to be the best of a bad bunch, "least worst option" so to speak, But you managed to convince me I was overly critical, and that actually Android has a pretty flawless security history.
Shame the same can't be said for the alternatives.
And, afaics, not one of them pertains to a critical security flaw in Android.
Which means Android is, to date, more secure than both windows phone and the iPhone (who both have, and have had, critical remote code vulnerabilities exploited in the wild before they were fixed).
YOU cannot produce a quote of myself saying "turn off EVERY SERVICE", now can you?
Not sure where you're coming from now, you're twisting yourself in knots. Presumably because you recently realised how lame disabling services is as a solution to all the security problems in those services.
Obviously my "turn them all off" was my reference to this, not that you said to literally disable every windows service (although this is the only way to make windows secure, hence my earlier comment about windows being little more than a typewriter in the space age).
They were ANDROID related, & showed security issues in it... no questions asked
No, so far you've posted (mostly) 70 odd links to one issue. The fact that you can install software on Android. (plus a few fixes during security audits)
Admittedly the iPhone doesn't have this security issue, because you can't install software on the iPhone, which is why Apple pays for so much FUD.
But that is one security issue I think most people are willing to live with, and really doesn't demonstrate "insecurity" issues with Android, since installing other peoples software is optional (unlike the iPhone).
Which brings us back to point, please find one remote code exploit seen in the wild on a stock, up to date Android phone.
Slashdot Mirror
Just stick with
http://f-droid.org/
or some such.
and there is zero risk?
"What" happens to me?
I install some software on my phone?
How is that serious?
I completely disagree, I've not seen one link to a "serious" issue so far. Mildly annoying for complete morons yes, but nothing that would do any substantial damage to an android user. And mostly just behaviour outside of full application isolation.
Yup, a BHO is less secure, since they are in user space (outside the sandbox), and all these android apps are still sandboxed, and even easier to remove (listed with all other installed applications, 1 click wipe of any data they create, 1 click to uninstall them).
e.g. a BHO could silently install one of these apps on any phone that gets plugged into it, none of these apps have the power to install software on the computer.
http://mobile.slashdot.org/story/10/11/14/0115255/Android-Holes-Allow-Secret-Installation-of-Apps
Yawn.
So still more secure than an IE BHO then.....
Users that install fake (not needed) Antivirus from a chinese vendor, give it permission to send premium rate sms messages, deserve everything they get.
PICNIC.
OK,
So strip out all the "proof of concept" and other "fixed before exploited" audits by the likes of coverity, where users were never affected.
Drop any that involve CarrierIQ, since CarrierIQ is a problem with mobile phone carriers rather than anything to do with Android.
And how many are you actually left with?
Do any of them give permissions more powerful than can be achieved with an Internet Explorer BHO?
You do realise, these "84 bugs" still represent a higher level of application level security than a windows 7, or even (to some degree) a linux desktop installation?
There are no "application guid" permissions (that I am aware of) on either windows or linux desktops. Its all group and user level.
These "84 bugs", at worst, bring your phone to the level of security provided by a standard desktop install, for an app running with user level permissions.
Except windows desktops still have remote code exploits that allow a malicious person to install persistent software simply by having you visit a webpage (or worse, simply sending a malicious packet to an IP address, there's a ton of active worms circulating on windows desktops), a new such hole that is being exploited is plugged every other month.
Absolutely not.
the only "bug" there was it didn't ask for internet permission.
It still ran isolated from all the phones file system (except SD card which is shared between apps, but still isolated from things like email, contacts, - anything personal - and any other apps installed on the phone)
Even the "most severe" problems you have posted still run in "userspace" they are all bugs in googles Dalvik VM, not the Linux basecode it runs in.
But that's the other big flaw in your comments.
"Android" isn't "Linux"
"Android" is closer to a (clean room) JVM built using GPL linux code for the HAL.
afaik all the malware you have posted have been attacking this JVM, not the nix code it runs on (which you need a "rooted" phone/tablet to access).
That malware authors target the largest audience should be no surprise to anyone, the question is how successful they are, and from looking through all those links you posted there hasn't been one incident relating to any serious breach (remote code exploit), and nothing that shouldn't be expected from any device that allows users to install 3rd party software.
Google obviously haven't got their additional features "perfect" yet, but pretty good imho for such an immature project.
Like I said, I carry it round with me on a usb stick in my wallet, then if I need a "secure environment" on a machine I cannot vouch for just boot from that, truecrypt makes sure any persistent data is secure if I lose the stick. Linux live is not a "lightweight installation", its a full featured desktop environment (My fedora live stick has office 2007, eclipse and chrome with several client side certs installed on it, for example), only "disadvantage" over a normal full install is it takes a little longer to boot into (and is more "static", so not suitable for installing new stuff, but since "installing new stuff" is the only way to breach a nix machine that can't be avoided).
There are three main apps that hold linux back in the consumer market.
Office (wine does work great, I use winetricked office 2007 on this fedora machine and my usb stick, but no VBA and its something of a bitch to install)
Autocad (never managed to get it working)
Adobe CS (have earlier versions working, but not really useable in a production environment, Mrs Sparks is an Architect)
What actually "switched" me to linux was kile:
http://kile.sourceforge.net/
By far the best document editor I've ever used, ran it in a vm for a while, then as more and more software got better linux alternatives (e.g. chromium, eclipse) I found I was using the vm more than the windows install, now have an old legacy windowsXP install (which is "hardened" as you put it) running in a vm on one of the 6x Dell R710s in my home office (which I can vnc into from anywhere using vpn), rarely gets used for anything other than plugging in hardware that doesn't have good nix drivers - almost nothing, the last main app was replaced yesterday, the climate control and monitoring system for the house).
Best decision I ever made, but now I'm so used to a full desktop that doesn't spend up to 90% of its time running everything through AV software I can't bring myself to install AV on the laptop, just not worth it, chrome is "bullet proof" enough (IE is hidden away, comes full of HP installed shite) to browse even the darkest areas of the net without incident (most of the time), I use the usb stick for anything banking/work related (most of the time just do it from the office), and it has a read only factory install of windows I revert back to whenever something suspicious happens (takes about three hours from pressing F2 at boot to getting everything "new" back on it - office - eclipse - dropbox - truecrypt - chrome and tigerVNC).
Totally agree "each to his own", I'm not the "linux nut" you make out, it's not so much that I "dislike" windows - if it wasn't for internet explorer there would be very little difference in terms of security between a win7 machine and a nix machine. (although I do miss the Altgr keyboard shortcuts and multiple desktops)
BUT, and this is a big BUT.
When you move into the embedded space its a whole different story.
If I write some nix code on my dev linux machine, I can for example, shift it straight over to any of the linux embedded devices (some good ones include the NSLU2, the WRT brand routers, and possibly (not tried it yet) the Archos tablets with Angstrom installed) with almost zero hassle.
Android is good because of Java, and if anything I am a bit of a Java nut (write once, run anywhere is f'ing sexy).
I don't think you rate the iPhone over Android? which leaves Windo
Assuming we've given up on Android for now.
The point you were arguing against is
Linux is as secure as you make it (up to "impenetrable, read only)
you can't make windows secure (since it has no read only full desktop option).
you are talking about "cleans reliably", No need to clean a linux "live" install, because once configured to your liking, its impossible to write malicious software to it in the first place.
Why waste time trying to secure a substandard (not least due to no multiple desktops) OS, when a simple reboot is all you need to guarantee the OS is secure.
I just can't see how you can begin to believe it's comparable, not only are you less likely to get hit by malicious software day to day (even if that is purely because there are less burglars asking for the keys, although it seems to me its also much more than that), but if you really need it (dealing with very high value trades, for example), you can use an identical, completely secure & impenetrable OS, on any machine that will let you boot from USB.
nope, you make the customisations before committing it (e.g. adding truecrypt capabilities) to usb,
and as per the earlier link:
Does this mean you are comparing to linux without actually having used it in any serious manner?
shame on you.
you do realize I was being serious about that "typewriter" comment don't you.
You have used:
http://fedoraproject.org/wiki/FedoraLiveCD
or something similar?
" YEARS of safe" less secure than read only @ the hardware level.
sorry. but that "can't secure" will stand as long as you can't install windowz on a read only file system, and no amount of disabling insecure services, tweeking round the edges, installing 3rd party addons or handing resources over to AV software will ever match it.
but I use multiple plugins, and all the stock trading platforms I use run on javascript and java. Like I said "disable it" isn't a security answer, its a cop out for an insecure operating system.
Now, give me a read only OS, full featured, up to date, no activation, usb bootable installation of windows, like the linux live usb stick I carry round in my wallet for when I use other peoples machines (or just want to do something secure on the laptop), and we can talk.
Until then its linux all the way baby.
like I said before,
Windows = Don't care
Its more that I can't be arsed "security-hardening" it
i.e.
I need my USB ports
I need the CPU and HDD cycles antivirus would use
I like flash animations
I like porn
I read lots of full featured PDFs
You should try running your windows machine with no antivirus on it for a bit, admittedly it won't last very long (unlike linux, but then secretly you know linux is more secure), but while it does you'll be amazed how snappy it really is.
much easier to use something that works "out of the box", and spend my time being productive, than learn how to actually make the piece of shit work, then just zap the nearly useless typewriter back to factory settings every time it breaks.
Saying that, when you have as good as acknowledged the only way they can get these "exploits" onto an android phone or linux is if you install them; click the "yes, please install this software from this chinese vendor I've never heard of" button, rather than the apple/windows phones, where anyone can do it without your knowledge, by remotely telling your phone(or windows) to install (or uninstall) malicious programs, shows you have absolutely zero understanding of security.
I agree, using a Linux Desktop is like living in the Garden of Eden, and using a windows desktop is lot like living in Detroit.
No, not "torn up", that's what happens when a windows machine visits porn sites.
More like lots of burglars asking politely if they can look after your house keys, just tell them no (which you can only do with Android/Linux), simples.
And, btw, I know everything about windows I need to know.
My main day to day machine is a fedora installation, been on fedora since 2004, and has never been compromised.
My laptop is a win7 machine, and has had to be reset to factory settings 3 times since I got it a couple of years ago, after it got some nasty infection that I could find no trace of to remove (found via networking logs @ the gateway), despite generally doing nothing on it but reading a few word documents and browsing the net.
Tells me all I need to know about windows security.
I'd already have nix on it, but some poor bastards are still stuck on legacy VBA stuff (despite it being a steaming pile of shite, and charging them 5 times as much to work with it) which afaik has no OSS alternative atm.
lol.
Clutch at straws much?
You're right.
Windows has never even pretended it offered these permissions, guess that makes it much more secure.
Bless.
If only windows had sandboxing (you know, like linux and Android), at least then it wouldn't matter for windowz.
If they chose to install software that does all that, whats the problem?
We've already established there are no known remote code vulnerabilities to let such things get on there by accident.
Unlike any of the alternatives.
In what way were they "BAD"?
Seems to me, if anything, being able to install software on your phone is a fairly useful thing, but mostly its just something you would expect in this day an age.
I completely agree.
They were just "things".
Windows = Don't care
Certainly don't min double checking Android is the most secure, good of you to collate them for anyone who happens accross this thread..
Already checked: No critical remote code exploits here .
Others are mostly repeats of the same, but this, Dec 20th, is probably the best summary of the current state of affairs, deafening in its silence
My short summary; up to Dec 20th this year, the only security risk Android suffers is the users of Android phones. And the only way to "fix" this is to not allow users to install custom applications on their phones which haven't been sanctioned by big brother.
I rarely use this meme, but it's always fun when I do.
APK in EPIC FAIL
ROFL
not 72 links of good or bad things.
72 links of FUD, which is less than DoD certification and your inability to find a single one pertaining to a critical security flaw.
Simples.
_
I'd like to thank you, been an interesting discussion, before this I just considered Android to be the best of a bad bunch, "least worst option" so to speak, But you managed to convince me I was overly critical, and that actually Android has a pretty flawless security history.
Shame the same can't be said for the alternatives.
And, afaics, not one of them pertains to a critical security flaw in Android.
Which means Android is, to date, more secure than both windows phone and the iPhone (who both have, and have had, critical remote code vulnerabilities exploited in the wild before they were fixed).
Case closed, no questions asked.
Not sure where you're coming from now, you're twisting yourself in knots. Presumably because you recently realised how lame disabling services is as a solution to all the security problems in those services.
Obviously my "turn them all off" was my reference to this, not that you said to literally disable every windows service (although this is the only way to make windows secure, hence my earlier comment about windows being little more than a typewriter in the space age).
No, so far you've posted (mostly) 70 odd links to one issue. The fact that you can install software on Android. (plus a few fixes during security audits)
Admittedly the iPhone doesn't have this security issue, because you can't install software on the iPhone, which is why Apple pays for so much FUD.
But that is one security issue I think most people are willing to live with, and really doesn't demonstrate "insecurity" issues with Android, since installing other peoples software is optional (unlike the iPhone).
Which brings us back to point, please find one remote code exploit seen in the wild on a stock, up to date Android phone.