or Connect
AppleInsider › Forums › Mobile › iPhone › Security flaw opens all modern Android devices to "zombie botnet" takeover [u]
New Posts  All Forums:Forum Nav:

Security flaw opens all modern Android devices to "zombie botnet" takeover [u] - Page 7

post #241 of 245
Quote:
Originally Posted by CustomTB View Post

Even if its been "addressed", the chances of a fix making it to any given affected device is slim at best. Instead it will just be incorporated into new handsets as seems to be the carriers
Modus operandi. ( or will it? As many of the phones are sold with older os version?)

No way in hell this had been addressed. That is android shillboy spin at best. This security hole goes back to every android handset sold since android 1.6 which was released in 2009.

Google loves to state they have one trillion activations a day. Well one can extrapolate from that claim the sheer size of this issue affecting hundreds of millions of devices.

So someone is claiming google has "addressed" the issue and pushed out a huge update that touches the very core of the way android works, and did an over the air update that fixed every android device sold since 2009.

Two words: My Ass

This is a security issue of epic proportions, despite the android spin machine trying to sweep it under the rug and wish it away.
post #242 of 245
Quote:
Originally Posted by Technarchy View Post


No way in hell this had been addressed. That is android shillboy spin at best. This security hole goes back to every android handset sold since android 1.6 which was released in 2009.

Google loves to state they have one trillion activations a day. Well one can extrapolate from that claim the sheer size of this issue affecting hundreds of millions of devices.

So someone is claiming google has "addressed" the issue and pushed out a huge update that touches the very core of the way android works, and did an over the air update that fixed every android device sold since 2009.

Two words: My Ass

This is a security issue of epic proportions, despite the android spin machine trying to sweep it under the rug and wish it away.

They can wish it away all they want to but the major companies/orgs that buy tons of product, SECURITY is a MAJOR consideration if not one of the top 1 or 2 on the list of things they want from a smartphone or tablet platform.  I think the more astute and security conscious customers might just kiss off Android and go elsewhere.  They also look at support, updating policies, financial stability of the company behind the platform, apps available, administration tools, reliability.  Price is not always high up on the list since TCO is actually more important.  Most consumers haven't a clue as to what TCO is, how to do the calculations.  I used to work for a software company that sold expensive enterprise software and they had developed a TCO calculators and i showed it to a large high profile customers and they asked for a copy of the spreadsheet calculations, we we normally didn't hand out.  They said that it was the most comprehensive they ever seen from any vendor (Including all of the big companies and consulting firms). I was given permission to give them a copy to their project managers.  I wish I had a copy of it.  Big IT shops look or should consider running the TCO numbers if they have the resources to do so.  Apple usually has very low TCO numbers from what I remember back in the days when I was selling desktops.  I'm sure things haven't changed much.

 

The people that are more concerned with TCO aren't usually tech geeks as they usually don't have a business/financial background, the people that are more conscious about that are usually more business/financial minded managers. 

 

 

 I forgot to add, Samsung has that SAFE promotion which does sandboxing, etc., but since THEY don't update the original source code, they have to rely on Google to do it, and then they have to go through their little 6 month (average) process of modifying it, testing it, and then getting the cell carriers to bless it before it's released, so that's additional time just to address a bug/security issue.  Apple just releases beta developer versions until they feel comfortable with the update and then blamo, the customer doesn't have to wait another 6 months. It's where the original source code is.  I think with proper analysis, Samsung would fail in terms of security and updating process compared to others (Apple would probably be amongst the top of the list).

 

It would be interesting to see what the eval process is that's performed by various organizations prior to choosing a platform. I have seen my share when deal with customers on platform. Some are anal about things and some aren't.  Every organization has their own hot buttons and considerations.


Look at the ones that utilize things like 6 sigma (which i do have some training in) or something similar in their management practice.  They analyze things to death because they want ZERO defects or 1 in a million errors in business processes.

 

 

OH, and why did Cisco dump their own Android tablet in favor of buying and allowing employees to bring in their own iPads and Apple laptops?  Cisco isn't a fly by night company.  They like Open Standards.

 

Remember, I have had connections over the years and know what and why some companies are doing what they are doing.


Edited by drblank - 7/7/13 at 6:18pm
post #243 of 245
Quote:
Originally Posted by Technarchy View Post


No way in hell this had been addressed. That is android shillboy spin at best. This security hole goes back to every android handset sold since android 1.6 which was released in 2009.

Google loves to state they have one trillion activations a day. Well one can extrapolate from that claim the sheer size of this issue affecting hundreds of millions of devices.

So someone is claiming google has "addressed" the issue and pushed out a huge update that touches the very core of the way android works, and did an over the air update that fixed every android device sold since 2009.

Two words: My Ass

This is a security issue of epic proportions, despite the android spin machine trying to sweep it under the rug and wish it away.

 

As the article mentions, this exploit is actively searched for and not allowed into the Play Store.  If you don't want to believe the article then go to the search engine of your choice and search "Google Bouncer" and you'll find more information.

post #244 of 245
Quote:
Originally Posted by DroidFTW View Post

 

As the article mentions, this exploit is actively searched for and not allowed into the Play Store.  If you don't want to believe the article then go to the search engine of your choice and search "Google Bouncer" and you'll find more information.

 

It's intellectually dishonest on numerous levels to classify this as solution.

 

Doubly so when everyone knows Google Play is the Detroit of mobile app stores.

 

Google's app governance and integrity is non-existant. 

 

Example: I didn't know Infinity Blade 2 was on android: https://play.google.com/store/apps/details?id=com.nicegame.goodstart.jqxq.srbuy.rgdtxm&feature=search_result#?t=W251bGwsMSwxLDEsImNvbS5uaWNlZ2FtZS5nb29kc3RhcnQuanF4cS5zcmJ1eS5yZ2R0eG0iXQ.

 

This shouldn't even be allowed. Google Bouncer does a bang up job of protecting android users 1rolleyes.gif

 

Furthermore this is not a solution, because the exploit still exists. It's like saying adding more police is a solution for curing cancer.

post #245 of 245

Despite your personal opinions, it's a perfectly logical step for Google to take.  They likely can't force a software fix out to all Android phones to patch this as quickly as they can monitor their app store for the exploit.  It's the best and most logical first step.

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • Security flaw opens all modern Android devices to "zombie botnet" takeover [u]
AppleInsider › Forums › Mobile › iPhone › Security flaw opens all modern Android devices to "zombie botnet" takeover [u]