or Connect
AppleInsider › Forums › General › General Discussion › Google's Schmidt says Android more secure than the iPhone
New Posts  All Forums:Forum Nav:

Google's Schmidt says Android more secure than the iPhone - Page 4

post #121 of 213
Quote:
Originally Posted by EricTheHalfBee View Post

And which virus scanner software on your PC (for example) has a 100% success rate at detecting everything? Think about that long and hard.

You don't think Apple is 100% successful at detecting everything either do you? None are failsafe and it appears Google may have solved the bulk of their potential malware problem over the past several months.

FWIW there's apparently claims from Homeland Security that Windows phone is more secure than either iOS or Android.1bugeye.gif
http://www.windowsphonedaily.com/2013/08/windows-phone-has-less-risk-of-malware.html
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #122 of 213
Quote:
Originally Posted by Gatorguy View Post


You don't think Apple is 100% successful at detecting everything either do you? None are failsafe and it appears Google may have solved the bulk of their potential malware problem over the past several months.

FWIW there's apparently claims from Homeland Security that Windows phone is more secure than either iOS or Android.1bugeye.gif
http://www.windowsphonedaily.com/2013/08/windows-phone-has-less-risk-of-malware.html

 

I never stated Apple was 100% successful. Nice try. However I will state that Apple's methods of checking Apps are superior to Google's even if Apple isn't 100% perfect either.

 

And again, this is just checking of Apps. We haven't even gotten to the architectural differences between Android and iOS.

post #123 of 213
Quote:
Originally Posted by EricTheHalfBee View Post
 

And as I pointed out above (and people seem to want to ignore) is that there are significant differences between the vulnerabilities of GB, ICS and JB. What does Google say about this? How come they only want to talk about "discovered Apps" and not the OS itself?

 

I'm not sure those are relevant to Google's numbers. Yes, it would be good if bugs in the OS could be fixed faster, but given the way vendors customize the OS and the certification processes that carriers insist on, I don't think that'll happen (Nexus/GE and CM devices aside). But if Google's security scanner blocks a malicious app from being installed in the first place, it doesn't matter as much, does it?

 

That's what we see with the master key bug. There are a great many devices out there with vulnerable ZipFile implementations, but Google can detect apps that try to exploit this and remove them from the Play Store or block them from third-party installs (at least on devices with Google Play Services installed). No, that's not 100% perfect (nothing is), but it's vastly better than the mainstream tech press (and many AI commenters) would have you believe.

post #124 of 213
if you don't install any app to Android, don't download anything from email or hyperlink, and don't visit any webpage which may link to malicious webpage, it is safer than an iPhone which does all of above! Lol
post #125 of 213
Quote:
Originally Posted by EricTheHalfBee View Post

I never stated Apple was 100% successful. Nice try. However I will state that Apple's methods of checking Apps are superior to Google's even if Apple isn't 100% perfect either.

And again, this is just checking of Apps. We haven't even gotten to the architectural differences between Android and iOS.

Since you're stating Apple's method for checking apps is superior how does Apple check apps before they're approved? F-Secure (yes THAT F-Secure) says "Apple’s App Store is a monopoly. And that makes it more secure – not because of technology – but because of economics". In other words no one is going to waste a lot of time building a malicious iOS app they aren't going to make much money from, the possible exception being some political motivation rather than monetary. Should we believe F-Secure's comments on security?

Some of the same exact sources that AI has used to question Android security from a malware perspective also claim Apple's iOS has many more security holes than Google's Android. Is that referring to the architectural differences you mention and should we believe Symantec's comments on security?
http://www.symantec.com/security_response/publications/threatreport.jsp

While iOS is almost certainly "more secure" than Android in most areas, Android is also not as malware infested and insecure as the antivirus companies like F-Secure and Symantec are trying to convince us to believe, and us includes AI readers.
Edited by Gatorguy - 10/8/13 at 11:09am
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #126 of 213
Quote:
Originally Posted by Gatorguy View Post

Some of the same exact sources that AI has used to question Android security from a malware perspective also claim Apple's iOS has many more security holes than Google's Android. Is that referring to the architectural differences you mention?
http://www.symantec.com/security_response/publications/threatreport.jsp

While iOS is almost certainly "more secure" than Android in most areas, Android is also not as malware infested and insecure as the antivirus companies would like users (and AI readers) to believe.

 

Here is a salient quote from that symantec report (http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v18_2012_21291018.en-us.pdf):

 

Quote:

 With Mobile, It’s Not the Vulnerability that Will Get You
[...]
Today, mobile vulnerabilities have little or no correlation to mobile malware. In fact, while Apple’s iOS had the most documented vulnerabilities in 2012, there was only one threat created for the platform. Compare this to the Android OS; although only thirteen vulnerabilities were reported, it led all mobile operating systems in the amount of malware written for the platform.

 

The anti-exploit mitigations in android are no weaker than those of iOS. In fact, one could argue that they are somewhat stronger, since you get to see exactly what privileges a program wants before you even install it. However, if you choose to install apps from shady sources and turn off Google Play's verification tool, you are going to get burned. These are the users that malware writers prey on, particularly in other countries where people make extensive use of software sources in addition to, and possibly instead of, Google Play.


Edited by d4NjvRzf - 10/8/13 at 11:14am
post #127 of 213
Quote:
Originally Posted by EricTheHalfBee View Post

I never stated Apple was 100% successful. Nice try. However I will state that Apple's methods of checking Apps are superior to Google's even if Apple isn't 100% perfect either.

And again, this is just checking of Apps. We haven't even gotten to the architectural differences between Android and iOS.

Quote:
Originally Posted by EricTheHalfBee View Post

And which virus scanner software on your PC (for example) has a 100% success rate at detecting everything? Think about that long and hard.

You never stated that Apple was 100% secure, but neither did derekmorr state that any virus scanner was 100% reliable. Your straw man begot the second straw man.

That aside, the 0.001% success rate of malware installation on Android is only one part of the security landscape. This tells you that Google's Play Services scanner is doing a decent job blocking malicious apps. And Play Services are independent of Android version, so it protects even the sad folks stuck on Gingerbread.

You're right though that there are differences in security between Android versions and that someone on Gingerbread is more vulnerable than someone on Jelly Bean.

Based on that we can make some guesses about who is getting infected by malware: mostly Gingerbread users (now 28.5% of active users) who choose to ignore the warnings from Play Services. Jelly Bean users (now 48.6% of active users) are inherently less vulnerable but may still choose to ignore the warnings and install a malicious app.
post #128 of 213
Quote:
Originally Posted by d4NjvRzf View Post

The anti-exploit mitigations in android are no weaker than those of iOS. In fact, one could argue that they are somewhat stronger, since you get to see exactly what privileges a program wants before you even install it. 

If you have a Nexus device running 4.3x you can already control and fine-tune some of the permissions for specific apps even after they're installed. I've been doing so on a Nexus7. It's also likely to be an official and more easily accessed Android feature for everyone with the next Android version.
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #129 of 213
This is all based on a matter of perspective. For instance...the PERSPECTIVE is that Android has more security exploits based on the amount of malware, BUT...if you're getting your apps from the the Google Play Store, you're going to be fine. Download apps outside of it, and you run risks.

Similarly, the PERSPECTIVE is that the iPhone is more secure because Apple controls the App Store, yet...Charlie Miller warned Apple several times about malware-infected apps on the App Store, and Apple ignored him. He finally wrote and successfully uploaded proof-of-concept malware to the App Store just to prove a point. The result? Apple banned his account and tried to quietly sweep it under the carpet, just like every other bit of controversy that rears its head at Cupertino.

Wake up, people.
post #130 of 213
Quote:
Based on that we can make some guesses about who is getting infected by malware: mostly Gingerbread users (now 28.5% of active users) who choose to ignore the warnings from Play Services. Jelly Bean users (now 48.6% of active users) are inherently less vulnerable but may still choose to ignore the warnings and install a malicious app.

 

I don't know if you can go that far with the data that we have. I'd love to see good, reliable data about which versions have what infections, etc. I'd also love to see how OEMs and carriers compare for patch responsiveness. There's far, far too much hype and fear-mongering when it comes to mobile security and precious little hard data.

post #131 of 213
Originally Posted by MaestroDRAVEN View Post
The result? Apple banned his account and tried to quietly sweep it under the carpet, just like every other bit of controversy that rears its head at Cupertino.

Wake up, people.

 

Yes, please wake up and stop posting worthless lies.

post #132 of 213
A new Ballmer!

Whew! Continuity of entertainment has been guaranteed.
post #133 of 213

This poor guy (shmidt) he needs to get back on his meds, the dementia is kicking in.

post #134 of 213
Quote:
Originally Posted by d4NjvRzf View Post
 

Why would the mac have fewer problems compared to an Android machine? The android security model is quite similar to that of OS X. Both systems let you install applications from anywhere you want, both use unix-style process isolation, and in fact Android sandboxes applications more extensively. 

 

Lol you really have no clue what your talking about .

post #135 of 213
Quote:
Originally Posted by Mechanic View Post
 

 

Lol you really have no clue what your talking about .

 

Care to enlighten me with some details? I was referring the security measures built into the OS's themselves, not the policies governing the various app stores.

post #136 of 213
Quote:
Originally Posted by stylorouge View Post


I actually had more problems with my iPhone than android. Maybe I'm lucky.
 

You've had more security problems with your iPhone, than you've had with your Android phone? Is that what you're saying? Or are you changing the argument away from security to general problems, of which you've suppled no supporting facts for your statement, once you've realized you were defeated? Please respond with facts. Thank you.

NOTICE: While every effort has been made to ensure the accuracy of the information supplied herein, fahlman cannot be held responsible for any errors or omissions. Unless otherwise indicated,...
Reply
NOTICE: While every effort has been made to ensure the accuracy of the information supplied herein, fahlman cannot be held responsible for any errors or omissions. Unless otherwise indicated,...
Reply
post #137 of 213
Quote:
Originally Posted by Tallest Skil View Post
 

 

Yes, please wake up and stop posting worthless lies.

 

Who's posting lies???

 

http://blogs.cio.com/iphone/16612/iphone-dev-sneaks-malware-apple-app-store-feels-swift-wrath-cupertino

 

I hear that eating crow is better if you warm it up.  You might want to try that.

post #138 of 213
Originally Posted by MaestroDRAVEN View Post

Who's posting lies???


You. By claiming Apple “swept it under the carpet”. If you had proof of that, as well as your assertion that “every controversy” is treated the same, you would have posted it. You did not. You obviously have no proof. Stop posting lies.

post #139 of 213
Quote:
Originally Posted by MaestroDRAVEN View Post
 

 

Who's posting lies???

 

http://blogs.cio.com/iphone/16612/iphone-dev-sneaks-malware-apple-app-store-feels-swift-wrath-cupertino

 

I hear that eating crow is better if you warm it up.  You might want to try that.

 

I guess you normally eat your crow raw at room temperature.  That's a year old article and did you READ the article?  Oh, BTW, Charlie Miller prefers to use Apple products, in case you didn't know Charlie's history.    

 

Would you bring up something more recent?  That article is dated Nov. 2011.   What year is it?  2013.  Is it possible for you to show us something more recent? I can show you to F-secure's Q1 2013 Mobile Threat report if you like that's more recent and FYI, the number of types of threats on Android is growing at a fast rate.  Did you notice how many threats have been seen in iOS?  Or Windows phones, or other mobile device OS's?  Symbian seems to have a  problem as well, but not many people use it, so you can't use that market share BS excuse either.    


Here's the link.    http://www.f-secure.com/static/doc/labs_global/Research/Mobile_Threat_Report_Q1_2013.pdf

 

In order to remove parasites, you might want to set your crow to 350 F or do you like it raw to induce more parasites in your system?

post #140 of 213
Quote:
Originally Posted by Tallest Skil View Post
 


You. By claiming Apple “swept it under the carpet”. If you had proof of that, as well as your assertion that “every controversy” is treated the same, you would have posted it. You did not. You obviously have no proof. Stop posting lies.

 

Maestro doesn't read anything current.  SInce he's probably using an older version of Android, he's kind of stuck in 2 year old mentality, hence the stupid article he listed, but obviously he can't show a single security report by any of the security research companies that proves his point.  

 

I think it's hilarious that EVERY security research company is slamming Android platform to the ground as they are seeing more threats increasing like a log scale, when just about every one else has pretty much on threats to talk about, and Eric Schmidt can basically say that Android is more secure when there is not one single shred of evidence from ANY of the security research companies that he can use to back his statement up.   If I was Apple, I would gather all of the market research information on security threats and stack in on a BIG HUGE SLANDER AND DEFAMATION OF CHARACTER lawsuit against Eric Schmidt/Google to shut them up FOREVER.


Edited by drblank - 10/9/13 at 1:04pm
post #141 of 213

Android out of the box, untouched is just as secure as iOS, especially on Samsung phones with Knox enabled. Android though, unlike iOS allows the user to circumvent any security feature to suit the users whim. Apparently this is way to much responsibility for people as malware seems to be on the rise from apps downloaded outside of Google's Play Store. Antivirus, malware protection programs are a waste of system resources. I have never, ever had a malware infect any of my phones because I know security and pay for my apps. Google needs to follow Apple's path and just assume their users are idiots and not allow any way to circumvent security options and yes, unfortunately this means the removal of the file-manager, a feature by the way that is an absolute must for any phone that I own. Those seeking complete control on their Android phone can always install a custom ROM, which I recommend anyway, you always get the latest version and is supported a lot longer, like for at least 5 years. Not to mention security holes are patched a lot more quickly.

When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #142 of 213
Quote:
Originally Posted by Relic View Post
 

Android out of the box, untouched is just as secure as iOS, especially on Samsung phones with Knox enabled.

 

So, once taken out of the box, Android becomes insecure?

 

That would explain those low usage stats.

 

Keep safe, ladies and gentleman. Keep your Android device in it's box.

Android: pitting every phone company in the world against one, getting a higher number, and considering it a major achievement.
Reply
Android: pitting every phone company in the world against one, getting a higher number, and considering it a major achievement.
Reply
post #143 of 213
Quote:
Originally Posted by Relic View Post
 

Google needs to follow Apple's path and just assume their users are idiots 

 

Ah, arrogance towards the majority of users.

 

An excellent, and convincing, argument to use Android.

Android: pitting every phone company in the world against one, getting a higher number, and considering it a major achievement.
Reply
Android: pitting every phone company in the world against one, getting a higher number, and considering it a major achievement.
Reply
post #144 of 213
Quote:
Originally Posted by GTR View Post
 

 

So, once taken out of the box, Android becomes insecure?

 

That would explain those low usage stats.

 

Keep safe, ladies and gentleman. Keep your Android device in it's box.

It's once you start using it that's when it becomes more insecure.  Most people are not going to install Knox, that's just for Enterprise customers and that's a different type of security.  I don't know if Knox will prevent malware from being installed.  The OEM versions of Android aren't even up to date on all of the latest bugs/security patches.  The whole thing is a joke.

post #145 of 213
Quote:
Originally Posted by GTR View Post
 

 

Ah, arrogance towards the majority of users.

 

An excellent, and convincing, argument to use Android.

Google already knows their users are idiots.  Most of them don't know what the latest version of Android is unless they actually check their phone and if their phone tells them they have the latest version, they don't question it.  Buying a phone where it doesn't come with the latest OS brand new?  That's an ignorant person that buys those types of phones.  What mfg of a computer device ships with an outdated OS on a brand new product?  ONLY Android products that I'm aware of.  Microsoft does do it for a period of time right after a new OS release, but they usually give you at LEAST the option of the latest or the previous version, but several revs ago? NO.  You can STILL buy 2.X phones and that OS is almost 4 years old.

post #146 of 213
Quote:
Originally Posted by drblank View Post
 

It's once you start using it that's when it becomes more insecure.  Most people are not going to install Knox, that's just for Enterprise customers and that's a different type of security.  I don't know if Knox will prevent malware from being installed.  The OEM versions of Android aren't even up to date on all of the latest bugs/security patches.  The whole thing is a joke.

Knox is based on SE Android, which is being rolled out now. Google, Samsung, and Cyanogenmod are taking their time to make sure they get the policies right, so they're running it in Permissive mode now. Once it's put into Enforcing mode, it should block most privilege escalation attacks.

 

In the meantime, Bouncer + Verify Apps seems to be doing a pretty good job blocking malware.

post #147 of 213
Quote:
Originally Posted by GTR View Post
 

 

Ah, arrogance towards the majority of users.

 

An excellent, and convincing, argument to use Android.

Yea, I went a little to far with that remark. I meant to say that Apple justifiably controls every aspect of the users experience, something that most users need. 

When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #148 of 213
Quote:
Originally Posted by drblank View Post
 

You can STILL buy 2.X phones and that OS is almost 4 years old.

Yes, but those are most likely prepaid phones or impulse buys at a check out counter, complete garbage. Android phones that compete with Apple tend to be much better when it comes to updates. Most users just need two years of updates anyway since most are on a contract and for those who keep their phones longer can go to the ROM communities if they need the newest Android version, there phones are supported for at least 5 years. They have 4.2.2 roms for the first Android phone ever produced so you can be certain that a Samsung S2 will be supported at least until 2015. I totally agree with you though, the iPhone is defiantly the way to go if you have the money and can live without a file-manager or full control over the OS.

When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #149 of 213

Heyyyy! I loved him in the Andy Griffith's show and Three's Company!!!!

post #150 of 213
Quote:
Originally Posted by Archangel58 View Post
 

Heyyyy! I loved him in the Andy Griffith's show and Three's Company!!!!

What was that Disney movie where he turned into a fish?

When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #151 of 213
Quote:
Originally Posted by GTR View Post

Ah, arrogance towards the majority of users.

An excellent, and convincing, argument to use Android.

Why not? It works for the leet Linux desktop snobs.

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #152 of 213
Quote:
Originally Posted by Relic View Post

What was that Disney movie where he turned into a fish?

The Incredible Mister Limpet.
post #153 of 213
Quote:
Originally Posted by Dave MacLachlan View Post


The Incredible Mister Limpet.

Aaah, thank you. I think I'll watch that tonight, .....and make a tuna sandwich.

When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #154 of 213
Quote:
Originally Posted by drblank View Post
 

 

Maestro doesn't read anything current.  SInce he's probably using an older version of Android, he's kind of stuck in 2 year old mentality, hence the stupid article he listed, but obviously he can't show a single security report by any of the security research companies that proves his point.  

 

I think it's hilarious that EVERY security research company is slamming Android platform to the ground as they are seeing more threats increasing like a log scale, when just about every one else has pretty much on threats to talk about, and Eric Schmidt can basically say that Android is more secure when there is not one single shred of evidence from ANY of the security research companies that he can use to back his statement up.   If I was Apple, I would gather all of the market research information on security threats and stack in on a BIG HUGE SLANDER AND DEFAMATION OF CHARACTER lawsuit against Eric Schmidt/Google to shut them up FOREVER.

 

Quote:
Originally Posted by drblank View Post
 

 

I guess you normally eat your crow raw at room temperature.  That's a year old article and did you READ the article?  Oh, BTW, Charlie Miller prefers to use Apple products, in case you didn't know Charlie's history.    

 

Would you bring up something more recent?  That article is dated Nov. 2011.   What year is it?  2013.  Is it possible for you to show us something more recent? I can show you to F-secure's Q1 2013 Mobile Threat report if you like that's more recent and FYI, the number of types of threats on Android is growing at a fast rate.  Did you notice how many threats have been seen in iOS?  Or Windows phones, or other mobile device OS's?  Symbian seems to have a  problem as well, but not many people use it, so you can't use that market share BS excuse either.    


Here's the link.    http://www.f-secure.com/static/doc/labs_global/Research/Mobile_Threat_Report_Q1_2013.pdf

 

In order to remove parasites, you might want to set your crow to 350 F or do you like it raw to induce more parasites in your system?

 

Oh, that's the funny part!  Miller loves Apple products, yet he's the FIRST to go after them for the atrocious history of massive security exploits on every single Mac product.  Pwn2Own has proved (quite efficiently) that Apple has the WORST security history of any tech company.  For 5 years straight, Apple devices fell FIRST, on the FIRST day of every challenge, as if it was a breeze.  Hell, it took Apple 10 years to adopt basic, rudimentary ASLR and DEP, after Windows XP adopted it on Service Pack 3.

 

Again, this is a matter of perspective.  Android might have more threats.....IF you go outside official channels.  Apple, by contrast, claims NO threats on the App Store, when in fact they have them in spades.  Remember...only Apple takes FIVE MONTHS to beat one little piece of malware (Flashback Trojan Horse).  Anyone else would've stamped that thing out in under a week.....and that's being generous.  


The fact (yes, fact) of the matter is that Apple is far from secure, and it's always been this way.  Even after Lion adopted ASLR and DEP, Black Hat STILL uncovered a legion of unforgivable security exploits, and verbally bashed them for it.  Is it any surprise that at 2012's Black Hat conference, that Apple's head of device security made his lil' speech, and then was promptly RUSHED OFF STAGE without fielding any questions?  


Hardy, har har :) Again....wake up.

post #155 of 213
Quote:
Originally Posted by MaestroDRAVEN View Post


Oh, that's the funny part!  Miller loves Apple products, yet he's the FIRST to go after them for the atrocious history of massive security exploits on every single Mac product.  Pwn2Own has proved (quite efficiently) that Apple has the WORST security history of any tech company.  For 5 years straight, Apple devices fell FIRST, on the FIRST day of every challenge, as if it was a breeze.  Hell, it took Apple 10 years to adopt basic, rudimentary ASLR and DEP, after Windows XP adopted it on Service Pack 3.

Again, this is a matter of perspective.  Android might have more threats.....IF you go outside official channels.  Apple, by contrast, claims NO threats on the App Store, when in fact they have them in spades.  Remember...only Apple takes FIVE MONTHS to beat one little piece of malware (Flashback Trojan Horse).  Anyone else would've stamped that thing out in under a week.....and that's being generous.  


The fact (yes, fact) of the matter is that Apple is far from secure, and it's always been this way.  Even after Lion adopted ASLR and DEP, Black Hat STILL uncovered a legion of unforgivable security exploits, and verbally bashed them for it.  Is it any surprise that at 2012's Black Hat conference, that Apple's head of device security made his lil' speech, and then was promptly RUSHED OFF STAGE without fielding any questions?  


Hardy, har har 1smile.gif Again....wake up.

Do you know how the PWN2OWN contest works? Researchers spend months looking for exploits and test them extensively. Then when the contest starts they run their previously tested scenarios. Also researchers volunteer to hack the OS. Just because no one volunteered to test an OS doesn't mean it's more secure.
post #156 of 213
Quote:
Originally Posted by MaestroDRAVEN View Post
 

 

 

Oh, that's the funny part!  Miller loves Apple products, yet he's the FIRST to go after them for the atrocious history of massive security exploits on every single Mac product.  Pwn2Own has proved (quite efficiently) that Apple has the WORST security history of any tech company.  For 5 years straight, Apple devices fell FIRST, on the FIRST day of every challenge, as if it was a breeze.  Hell, it took Apple 10 years to adopt basic, rudimentary ASLR and DEP, after Windows XP adopted it on Service Pack 3.

 

Again, this is a matter of perspective.  Android might have more threats.....IF you go outside official channels.  Apple, by contrast, claims NO threats on the App Store, when in fact they have them in spades.  Remember...only Apple takes FIVE MONTHS to beat one little piece of malware (Flashback Trojan Horse).  Anyone else would've stamped that thing out in under a week.....and that's being generous.  


The fact (yes, fact) of the matter is that Apple is far from secure, and it's always been this way.  Even after Lion adopted ASLR and DEP, Black Hat STILL uncovered a legion of unforgivable security exploits, and verbally bashed them for it.  Is it any surprise that at 2012's Black Hat conference, that Apple's head of device security made his lil' speech, and then was promptly RUSHED OFF STAGE without fielding any questions?  


Hardy, har har :) Again....wake up.

 This article was about iOS and Android. Why are you bringing up old information about OS X?

 

You are talking about Lion?  Lion is a two year old and Mavericks is about to get released. OS, Seriously, show me a list of all the malware attacks actually found for even OS X and compare it to the list of malware on Android or Windows.

 

Seriously, grow up, you idiot.

post #157 of 213
Quote:
Originally Posted by jungmark View Post


Do you know how the PWN2OWN contest works? Researchers spend months looking for exploits and test them extensively. Then when the contest starts they run their previously tested scenarios. Also researchers volunteer to hack the OS. Just because no one volunteered to test an OS doesn't mean it's more secure.

Well, the bottom line is what actual malware gets released to the public.  That's what I'm looking for. What these guys do at contests are many times so remote that we'll see them, that it's more for contest purposes and the OS developers find figure out what they did and come up with a fix.

post #158 of 213
Quote:
Originally Posted by MaestroDRAVEN View Post
 

 

 

Oh, that's the funny part!  Miller loves Apple products, yet he's the FIRST to go after them for the atrocious history of massive security exploits on every single Mac product.  Pwn2Own has proved (quite efficiently) that Apple has the WORST security history of any tech company.  For 5 years straight, Apple devices fell FIRST, on the FIRST day of every challenge, as if it was a breeze.  Hell, it took Apple 10 years to adopt basic, rudimentary ASLR and DEP, after Windows XP adopted it on Service Pack 3.

 

Again, this is a matter of perspective.  Android might have more threats.....IF you go outside official channels.  Apple, by contrast, claims NO threats on the App Store, when in fact they have them in spades.  Remember...only Apple takes FIVE MONTHS to beat one little piece of malware (Flashback Trojan Horse).  Anyone else would've stamped that thing out in under a week.....and that's being generous.  


The fact (yes, fact) of the matter is that Apple is far from secure, and it's always been this way.  Even after Lion adopted ASLR and DEP, Black Hat STILL uncovered a legion of unforgivable security exploits, and verbally bashed them for it.  Is it any surprise that at 2012's Black Hat conference, that Apple's head of device security made his lil' speech, and then was promptly RUSHED OFF STAGE without fielding any questions?  


Hardy, har har :) Again....wake up.

You seem to have a difficult time staying on topic.  Obviously, YOU haven't shown PROOF to back up Eric Schmidt's claim.  You can't even show proof that OS X is less secure than Windows.

 

So Apple's head of security was promptly rush off stage.  You obviously don't know the rules with large companies.  They can't address something like this since it was a recent discovery so instead of conjuring up BS, they have to go back and understand the exploit and fix it, and they usually have to sit down with their attorneys to find out what they can and cannot say about it.  Has the exploit been fixed.

 

Unforgivable security exploit??  Really?  Who judges the level of forgivability?  YOU?  you are a nobody.   

 

I've made no claims that Apple is 100% secure.  It's impossible to do that, but it's far more secure than Android and WIndows.  How? Look at the number of malware released to the public.  Windows has had 100,000's since 2000, Android's exploits are growing like a log scale.   Apple has had only a small handful and a lot of them were more related to Java, which isn't written by Apple, and Flash, which also isn't written by Apple.

 

Hardy har har.. Grow up and maybe you might learn something.  At least Apple does fix their problems and the users that are effected get their OS updates in a timely manner.  I seem to remember Google admitting not too long ago that they had a 2 1/2 year old exploit that still wasn't addressed.  And how long does it take for Google and their OEMs to release updates where the customers can actually get the update?   A LONG FREAKING TIME.  Some never get the update.  And how many Android phones have older than 4.2.2?  About 92% of the Android market (1+ Billion devices)  OUCH.  And how many Android devices are running 4.3?  LIke .1% of the Android install base.  Seems like by the time you get your OS updated there are at least one or two later versions released.  It's a piss poor platform when it comes to updating the OS.  Worst way to distribute an OS.

post #159 of 213

DRblank is completely correct, it is absolutely ridiculous that manufactures who use Android as their OS take so damn long to release an update. It's the individual manufactures fault though, not Google's, Android. Google releases the source code for Android in a very timely manner and even update their own devices fairly quickly, normally within the same month of a new Android release. The problem is, In a attempt to stand out from the rest, mobile makers add their own flare to Android as well as custom software. With this approach the manufacturer has to completely migrate their software and custom desktop to the new Android version every time it's updated. This takes time but not 6 months. Another problem is manufactures seem to ditch even their best handsets after two years with no further updates. Now the custom ROM communities like CyanogenMod has done a wonderful job in picking up the slack but manufactures cannot/should not rely on this community to pick up their slack.

 

As a programmer and an overall computer tinker, I use custom ROMS from the get go so I enjoy the latest updates and most secure phone possible, the normal user should also enjoy these benefits. Get off your butt's Android phone makers.


Edited by Relic - 10/11/13 at 11:43am
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #160 of 213
Quote:
Originally Posted by Relic View Post
 

DRblank is completely correct, it is absolutely ridiculous that manufactures who use Android as their OS take too damn long to release an update. It's the individual manufactures fault though, not Google's, Android. Google releases the source code for Android in a very timely manner and even update their own devices fairly quickly, normally within the same month of a new Android release. The problem is, In a attempt to stand out from the rest, mobile makers add their own flare to Android as well as custom software. With this approach the manufacturer has to completely migrate their software to the new Android version every time a new version is released. This takes time but not 6 months. Another problem is manufactures seem to ditch even their best handsets after two years with no further updates. Now the custom ROM communities like CyanogenMod has done a wonderful job in picking up the slack but manufactures cannot/should not rely on this community to pick up their slack.

Relic, I agree and disagree about Google being at fault for the OEMs not releasing OS updates.  Google is the one that sets the distribution strategy.  If Google made it so it wasn't Open Source Free For All approach, then there wouldn't be this problem. Then it would be more in line with how Microsoft releases Windows, but having control over updates.  This is a MAJOR reason why Open Source SUCKS.  It's got advantages, but it has far worse disadvantages IMO.  That's why I won't touch Android.

 

 

As far as rooting one's device and this CyanogeMod, 90%+ of the user base won't touch that.  That's usually only used by the ultra geeks that use Android and that's a VERY small group of people, not the norm. 

 

6 months or more is what it takes for OEMs to release their updates.  Look at Samsung with the S3, they released it 6 to 7 months after Google released it, but what about earlier models that aren't getting 4.2.2.  Look at the S4, it's not using 4.3, time marches on until they start releasing an update for 4.3.  It does take about 6 months.  Each OEM has to get the Google update, modify it, test it, and then get each cell carrier to bless it, and THEN they start releasing it and they don't update each phone with each carrier on the same day, it gets rolled out and it typically takes about a month or two to get ALL of the carriers to bless it, but it does take at least 6 months or more IF the OEM actually updates a specific model.


They are still selling Gingerbread 2.x, IceCreamSandwhich 4.0.x and even older versions of Jelly Bean.  It's a mess, that's what i won't touch Android.

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › Google's Schmidt says Android more secure than the iPhone