The Android vulnerability affecting 1 billion devices (Includes interview)

Ice1 · March 8, 2020, 4:30am

Chiquinho · March 8, 2020, 1:59pm

Never forget!
Updates include new bugs and new vulnerabilities.

One hole is closed, three new ones are opened!

What does this say :
We have to buy (NOT ME) new devices, throw the old ones to the steadily growíng heaps of garbage.
What a real bullsh*t!
And dont forget I am not a Green!

professor · March 8, 2020, 2:26pm

Hang on that is not quite true.

New code has new vulnerabilities which are not yet known, which then get discovered. Code in mid-life has those vulnerabilities discovered, closed, and so becomes more and more secure over time. Then it goes out of support just when it is at its most secure. Then some vulnerabilities are revealed which are then not closed.

So the most secure code is the oldest code which is still being maintained if/when vulnerabilities discovered. The code is at peak security the day support stops and at it’s lowest security, say, a year from new (time to find vulnerabilites in recently written code but not yet closed).

In other words, Linux is the most secure as there is nil forced non-support. Windows is the least secure, by definition, because Microsoft force perfectly secure code to be out of support to force people to new less secure code. Apple to a similar degree, but Apple support devices so you know your system is out of support, while Microsoft doesn’t particularly support devices but chipsets/components.

All those Android devices about to become vulnerable, right now, are at their most secure, probably more secure than a brand new iPhone.

So really the article should be titled “Android versions more secure than new iPhones are about to become potentially less secure”.

So if you’re bothered about security, avoid buying anything new.

Chiquinho · March 8, 2020, 2:35pm

That’s no question.klar!
And I dont buy anything new.
Why should I?
I got my old laptops working with LINUX.
All fine

You should remember one thing.
Why the code for MS-Office and all other software is growing steadily?

There are parts where NOBODY dares to change.
Nobody knows what that code means, what it does.
Bad documentation, as usual
So this code is carried along, even if its dead code.

Same is with all OS.
The complexity is too big.
So the they keep corpses.
Never touch a running system

professor · March 8, 2020, 5:07pm

Well you have two opposing forces, the bigger the amount of code, true, the more insecure as more places for vulnerabilities and in more scenarios than anyone can imagine. But then also finding them becomes harder.

I would agree that complexity is the same thing as insecurity.

I put this way, the taller the wall you build the stronger the animal which jumps over it.

Chiquinho · March 8, 2020, 5:14pm

Thats it!
Perfectly said.
“Genau so ist es!”

I am in that “game” for more than 45 years.
I am not up to date today, but what does it really mean?
The same problems as usual.
Those never change and get more and more “blackboxed”
Users need to be kept as customers.
Business must go on…

No more talk about LINUX…shhhht!