Samsung adds security layer to Android to gain enterprise credibility

2

Comments

  • Reply 21 of 51
    Dan_DilgerDan_Dilger Posts: 1,583member
    derekmorr wrote: »
    Even for DED, this article has low standards. It's so full of distortions and cherry picked half-truths that it's disturbing to think anyone will take it seriously.

    Yes, and all of your half-truths explain exactly why virtually no serious enterprise or government users are actually using Android at all.

    Look how many firms and agencies have studied both and went with iOS.

    No amount of quibbling and defensive "fact" relating makes this any different.

    Also, tell us how many Android phones use anything newer than 3.0? Less than half of the phones actively using Google Play!

    This doesn't include the forks and white box stuff that makes up the majority of all those "sales" in the "platform."

    You can grouse all you want about how great Android is, but if it were minimally functional if would be in wide use in the enterprise, just as it is among poor users in developing nations and poor people in the US on prepaid plans.
  • Reply 22 of 51
    Unreal
  • Reply 23 of 51
    gatorguygatorguy Posts: 24,285member

    Quote:

    Originally Posted by Corrections View Post





    Yes, and all of your half-truths explain exactly why virtually no serious enterprise or government users are actually using Android at all.



    Look how many firms and agencies have studied both and went with iOS.



    No amount of quibbling and defensive "fact" relating makes this any different.



    Also, tell us how many Android phones use anything newer than 3.0? Less than half of the phones actively using Google Play!



    This doesn't include the forks and white box stuff that makes up the majority of all those "sales" in the "platform."



    You can grouse all you want about how great Android is, but if it were minimally functional if would be in wide use in the enterprise, just as it is among poor users in developing nations and poor people in the US on prepaid plans.


    I expected you might address each of his points or at least refute a couple of them. That you didn't implies he has some valid comments. I completely agree tho that enterprise seems a lot more friendly towards iOS than towards Android, and likely for good reasons.

  • Reply 24 of 51
    derekmorrderekmorr Posts: 237member
    Yes, and all of your half-truths explain exactly why virtually no serious enterprise or government users are actually using Android at all.

    Hi, Daniel (btw, why don't you use your real name when you post comments here? Keeping track of your aliases is almost a full-time job.)

    I see you didn't bother responding to any of my claims, but just spread more FUD and name-calling. That's unfortunate.

    Is the Pentagon a serious enough government user of Android for you?
    Also, tell us how many Android phones use anything newer than 3.0? Less than half of the phones actively using Google Play!

    It's about 45% using February's numbers. We should have updated numbers later this week. If you track the version stats and run the projections forward, I suspect that this year 1.6, 2.1, and 2.2 will be gone, and 2.3 will drop to under 30%. Of course, I doubt this will be good enough for you; you'll just invent another excuse to write clickbait hit pieces.
    You can grouse all you want about how great Android is, but if it were minimally functional if would be in wide use in the enterprise, just as it is among poor users in developing nations and poor people in the US on prepaid plans.

    This is just more ad hominem attacks - the tired "Android is only for poor people" cliche. It's sad that you have to resort to it.

    Enjoy your evening. I have better things to do than argue with zealots.
  • Reply 25 of 51
    kdarlingkdarling Posts: 1,640member



    Quote:

    Originally Posted by Corrections View Post



    Yes, and all of your half-truths explain exactly why virtually no serious enterprise or government users are actually using Android at all.


     


    I don't think he was addressing any of those topics.  He was only pointing out all the technical mistakes.


     


    As for serious government users, the NSA and the Army chose Android.


     


    Quote:


    You can grouse all you want about how great Android is, but if it were minimally functional if would be in wide use in the enterprise, just as it is among poor users in developing nations and poor people in the US on prepaid plans.



     


    Again, he didn't seem to be promoting Android at all, but only correcting article mistakes.

  • Reply 26 of 51
    dick applebaumdick applebaum Posts: 12,527member

    Quote:

    Originally Posted by GadgetCanada View Post




    Quote:

    Originally Posted by drblank View Post


    Sounds like you listen to the delusional media.  Sounds about right. So, what version OS is Samsung shipping?  4.1.1 and older.  God, they can't even ship their Android crap with the latest OS.  



     


    FYI, an upside down exclamation mark ¡ = /s = sarcasm



     


    Not in Spanish!

  • Reply 27 of 51
    So Derek and KD are again making statements and leaving out details.

    Tell me, KD, what version of Android are the Army and NSA using and what modifications have they done to their devices? More importantly, why did you neglect to mention these items?

    derek, even if 2.3 hits 30% (unlikely considering how many new handsets are being shipped with it), that still leaves JB as the minority and ICS as the number one version. And ICS is not secure as it uses a half-baked version of ALSR, something only finally fixed in JB. So most Android users will still be on a less secure version, even at years end.
  • Reply 28 of 51
    kdarlingkdarling Posts: 1,640member

    Quote:

    Originally Posted by EricTheHalfBee View Post



    Tell me, KD, what version of Android are the Army and NSA using and what modifications have they done to their devices? More importantly, why did you neglect to mention these items?


     


    That's a fair point.  The Army is using modified Motorola phones, and the NSA is using Motorola phones with their SE version of Android.


     


    Interesting.  Wonder if Samsung's use of Android SE in KNOX will mean that their commercial devices can become the phone of choice for sensitive government work?


     


    Of course, it's a pity to leave out modified devices, since then we would also have to leave out all the thousands of iPads that third parties have modified for government use.

  • Reply 29 of 51
    derekmorrderekmorr Posts: 237member
    So Derek and KD are again making statements and leaving out details.

    derek, even if 2.3 hits 30% (unlikely considering how many new handsets are being shipped with it), that still leaves JB as the minority and ICS as the number one version. And ICS is not secure as it uses a half-baked version of ALSR, something only finally fixed in JB. So most Android users will still be on a less secure version, even at years end.

    What details did I neglect to include?

    What new devices are still shipping with Gingerbread? I'm sure there must be some, but how popular will they be? Gingerbread's marketshare peaked at 66% back in June 2012. It's fallen 20% since then. I highly doubt it will go back up (no version of Android ever has. Once it peaks, it steadily drops).

    I'd hardly call the ASLR implementation in ICS "half-baked." There were problems in 4.0 - 4.0.2, but they were mostly fixed in 4.0.3. And that early version of ICS (API level 14) disappeared from Google's stats in October 2012, so users have upgraded to the newer ICS and JB builds. The only ASLR improvements in 4.1 were the relocatable linker and PIE executables.

    But, frankly, I'm not convinced this matters so much. Much of the so-called "malware" on Android are apps that exfiltrate PII (using the existing permission model) or send premium rate SMS (again, using the existing permission model). That's not the sort of thing that ASLR, NX, RELRO, FDE, SE Android, etc will mitigate. Don't get me wrong -- these are important security technologies, but they won't address the core "problem" -- if a user turns off app validation, visits a shady app store, installs malware, and confirms the permission check, there's nothing these technologies can do to prevent that.

    Also, I'm not ready to make a prediction about ICS vs Jellybean marketshares by year's end. So far, Jellybean adoption is growing faster than ICS did, likely because it's a lot easier to upgrade ICS devices to JB than Gingerbread devices to ICS. Also, ICS marketshare actually dropped a tenth of a percent last month. I'm curious to see the March Android numbers, which should be out this week.
  • Reply 30 of 51
    azlotyazloty Posts: 1member
    This is just sad. Android is 5 years behind in security, taking home a fraction of the smartphone profit... lkrupp... Really winning, Android market share means nothing when the satisfaction rate is as low as it is for Android devices while apples is so high... what that means is that Apple will continue to grow even as the over all market declines. Android can't get a foothold in enterprise, not just because of their lack of security but because the OS is flawed from the start. The UI will always be laggy because nearly everything needs to be recompiled at runtime because it's running a virtual OS... Unlike Apple who wasn't playing catch-up, they designed it right from the start. Before people get a smartphone they may be fooled because they don't understand this... but as they use it and realize that there is a difference between the iPhone and half-baked Android they become dissatisfied and it show in the loyalty tracking that is crazy high for iOS and crazy low for Android. Apple gets switchers, Samsung does not... The only people that blindly defend Android are people that dislike Apple because og the Mac vs. PC commercials that made them look like fools... your still a fool.
  • Reply 31 of 51
    runbuhrunbuh Posts: 315member

    Quote:

    Originally Posted by EricTheHalfBee View Post



    So Derek and KD are again making statements and leaving out details.



    Tell me, KD, what version of Android are the Army and NSA using and what modifications have they done to their devices? More importantly, why did you neglect to mention these items?



     


     


    Let's carry this a little further, since we're talking about the Army and NSA.  What versions of iOS and Android devices are the Army and NSA using UNMODIFIED for direct access or storage of classified data?  


     


    Are any of the COTS devices even allowed on SIPRNET, yet?  I tend to doubt it.

  • Reply 32 of 51
    "Mostly fixed". ASLR is an all or nothing affair. You can't have "most" things fixed and call it implemented.

    You're not ready to make a prediction on ICS, yet you're willing to make up a number (30%) for GB?

    And why did Samsung create Knox, since you seem to want to imply "Samsung has already had....".
  • Reply 33 of 51
    kdarlingkdarling Posts: 1,640member

    Quote:

    Originally Posted by runbuh View Post


    Let's carry this a little further, since we're talking about the Army and NSA.  What versions of iOS and Android devices are the Army and NSA using UNMODIFIED for direct access or storage of classified data?  



     


    I don't think the Army or NSA is using any unmodified phones for classified data.


     


    The Army phones are reportedly stock Motorola Atrix, with a custom (NSA?) Android ROM loaded.  By using COTS hardware, they save money.


     


    They wanted to make an iOS version, but Apple won't let them have access to the OS code to modify it.


     


    Quote:

    Originally Posted by EricTheHalfBee View Post



    And why did Samsung create Knox, since you seem to want to imply "Samsung has already had....".


     


    Android has VPN, encryption and Exchange support.


     


    Knox is far deeper than that, and is not available on other mass consumer devices.  


     


    As pointed out above, Knox uses the NSA's SELinux work on implementing a secure OS architecture, to give a secure separation between personal and business uses.  


     


    Quite valuable for enterprise or government purchase or BYOD situations.

  • Reply 34 of 51
    derekmorrderekmorr Posts: 237member



    Quote:



    Originally Posted by EricTheHalfBee View Post



    "Mostly fixed". ASLR is an all or nothing affair. You can't have "most" things fixed and call it implemented.


     


    ASLR is usually added gradually. OS X got limited ASLR in 10.5, with support improving in future versions. Same in iOS -- Apple added limited ASLR in 4.3 and expanded it later.


     


     


    Quote:

    Originally Posted by EricTheHalfBee View Post



    You're not ready to make a prediction on ICS, yet you're willing to make up a number (30%) for GB?


     


    I made the prediction for Gingerbread because it peaked almost 10 months ago and has been steadily declining (2% - 3% each month). Jellybean is still growing, and until last month ICS was as well. It's not yet clear if ICS 0.1% decline was a one-time fluke or a sign of a greater trend.

  • Reply 35 of 51
    alfiejralfiejr Posts: 1,524member


    actually the real significance of Knox - which neither the article nor the comments address - is whether Samsung has crossed the line and effectively "forked" Android. does Knox require specific Knox-enabled apps? would a Knox supporting server's security setup work fully with other Android products too, or just Knox flavored ones?


     


    because of Samsung's Android market share dominance, the big question for the future of Android is whether Samsung will split off its own proprietary version by continuing to add custom layers/services like this that effectively create a partly "walled garden" other OEM's (including GoogleRola) cannot share. like Amazon already did.

  • Reply 36 of 51
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by SolipsismX View Post



    Kudos to Samsung for providing what Google can't.




    Indeed. Kudos, in general, for developing a strategy for the enterprise market. Wonder if this will eventually make the likes of Good Technology redundant, or make their job easier.

  • Reply 37 of 51
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by 9secondko View Post



    It's been a fun experiment for tinkerers, but the iOS devices are actual, polished, proper products.



    And it has been that way from the start.




    For enterprise? Not true. What is the iOS equivalent of Knox?

  • Reply 38 of 51
    hill60hill60 Posts: 6,992member


    Originally Posted by KDarling View Post

    I don't think the Army or NSA is using any unmodified phones for classified data.


     


    The Army phones are reportedly stock Motorola Atrix, with a custom (NSA?) Android ROM loaded.  By using COTS hardware, they save money.


     


    They wanted to make an iOS version, but Apple won't let them have access to the OS code to modify it.


     


    Android has VPN, encryption and Exchange support.


     


    Knox is far deeper than that, and is not available on other mass consumer devices.  


     


    As pointed out above, Knox uses the NSA's SELinux work on implementing a secure OS architecture, to give a secure separation between personal and business uses.  


     


    Quite valuable for enterprise or government purchase or BYOD situations.



     


    Says the guy who can't even secure an iPad from his daughter making 262.52 USD worth of unauthorised purchases.


     


    Yet here you are discussing high level Linux security like an expert.


     


    Your credibility is shot. Why should we believe this crap?

  • Reply 39 of 51
    gatorguygatorguy Posts: 24,285member


    Originally Posted by hill60 View Post

    Says the guy who can't even secure an iPad from his daughter making 262.52 USD worth of unauthorised purchases.


     


    Yet here you are discussing high level Linux security like an expert.


     


    Your credibility is shot. Why should we believe this crap?



    His integrity is intact as far as I can see. You questioned his honesty about iTunes purchases and he gave you proof for what he wrote. Having a tantrum in response seems a bit over the top.


     


    Why not instead jump in with your own OS security comments to disprove his?

  • Reply 40 of 51
    hill60hill60 Posts: 6,992member

    Quote:

    Originally Posted by Gatorguy View Post


    His integrity is intact as far as I can see. You questioned his honesty about iTunes purchases and he gave you proof for what he wrote. Having a tantrum in response seems a bit over the top.


     


    Why not instead jump in with your own OS security comments to disprove his?



     


    So what does this have to do with you?


     


    Your team falling apart as their cover is blown?


     


    Mr Leap to Defend.

Sign In or Register to comment.