Google's Android phones are updated. Google make the code available so 3rd parties with modded/skinned/forked versions of Android can also update - but they choose not.
If 3rd party companies made phones using a modified/skinned/forked version of iOS would Apple be responsible for updating them? No of course not.
If people are worried about updates they should buy Apple or Nexus or another brand with a good track record for providing updates.
Not sure there's any evidence that exploits are directly responsible for users switching from Android to iOS, but hey, when did that ever stand in the way of a fan-pleasing headline?
I think most people in the general public have no idea that their phones could get a virus. People probably switch for other reasons.
I've enjoyed many DED articles in the past because they can be very informative but lately they seem like diatribes. Wish he would pull back a little.
I not looking at this from Apple's perspective or that they should do this.
I'm just wondering how much people would be willing to pay for iOS software.
I think an option for Apple is to start a secondary brand. They should call it Peach. But they won't be responsible for building/selling the hardware. They would simply license iOS to this hardware company. They could sell these Peach phones for $250-$300 in Africa, Eastern Europe, South America, ect. It would run a light version of iOS (sort of like what the older iPhones run now). Eventually many of these Peach buyers will upgrade to the real deal Apple. Its sort of like a Toyota/Lexus thing. But the good part is all the risk would be on the hardware company building these phones, and not Apple.
You are truly living in La la land. There's more chance of Tim marrying Kim Kardashian than that happening. Your constant ramblings about the share price and loathing of Tim as a CEO has finally unhinged your mind. Suggesting a strategy of destroying your own margins by deliberately making an inferior product and then letting others make the hardware and have all that negativity..
Why do you guys pile on Sog? Give it up already. He has some excellent points and all you haters sound like Trolls.
The issue isn't a specific exploit. It's the fact that it will never be fixed for most Android users, making it much more likely that over the next ?? years it will serve as another open vulnerability to exploit by local apps the user installs.
The fact that an exploit is so broadly installed and won't be fixed is a huge difference between PC Linux and the supposedly open Android, and the reaction by the public to this is that it's a problem Google hasn't address since first taking a stab at it back years ago. Switching is accelerating. This is a pretty clear trend.
Where did Google say it wouldn't be fixed? I hadn't read that.
Can you read? I'm going with.. No... Going by that response. If it can't be updated, it can be fixed; simple isn't it BUD.
No one can be as dense as you are willingly; so, it must all be a little game you're playing... Have fun by yourself; I'm no longer playing your dumb game.
All the ad-homs are completely unnecessary.If you'd like to have a discussion I'm game. If instead your intent is to talk down from your throne with rude, disrespectful and insulting comments perhaps someone else would like to play with you.
In any event Google fixed it. The more proper headline would have been "Another new kernel flaw that many Android OEM's won't fix". I would have agreed with that one. Simple enough.
You are truly living in La la land. There's more chance of Tim marrying Kim Kardashian than that happening. Your constant ramblings about the share price and loathing of Tim as a CEO has finally unhinged your mind. Suggesting a strategy of destroying your own margins by deliberately making an inferior product and then letting others make the hardware and have all that negativity..
Why do you guys pile on Sog? Give it up already. He has some excellent points and all you haters sound like Trolls.
You are truly living in La la land. There's more chance of Tim marrying Kim Kardashian than that happening. Your constant ramblings about the share price and loathing of Tim as a CEO has finally unhinged your mind. Suggesting a strategy of destroying your own margins by deliberately making an inferior product and then letting others make the hardware and have all that negativity..
Why do you guys pile on Sog? Give it up already. He has some excellent points and all you haters sound like Trolls.
Because if you read his posts. It's just the tired repetition of the same thing and he has shown absolutely no sense of dignity and honour.
Why in the world would Apple want to have to develop for and test iOS on hundreds of devices which are being built as cheaply and quickly as possible (with little regard for quality)? They'd end up turning into Microsoft -- stuck in the quagmire of supporting cheap hardware and unable to move forward because of it.
I not looking at this from Apple's perspective or that they should do this.
I'm just wondering how much people would be willing to pay for iOS software.
I think an option for Apple is to start a secondary brand. They should call it Peach. But they won't be responsible for building/selling the hardware. They would simply license iOS to this hardware company. They could sell these Peach phones for $250-$300 in Africa, Eastern Europe, South America, ect. It would run a light version of iOS (sort of like what the older iPhones run now). Eventually many of these Peach buyers will upgrade to the real deal Apple. Its sort of like a Toyota/Lexus thing. But the good part is all the risk would be on the hardware company building these phones, and not Apple.
Every time I read one of your comments, I feel even happier that you're not in charge of Apple. Apple's business model is based on being that caliber of company that people are willing to pay a premium for its products. That business model has helped Apple earn as much or more profit in a quarter than what Google manages to earn in a whole year.
The types of people who would be interested in a $250-$300 smartphone are the price-conscious buyers. Why would the they ever upgrade to the "real deal Apple?" If people find value at $250-$300, what killer features would the "real deal Apple" have to make them pay a premium for it?
You are truly living in La la land. There's more chance of Tim marrying Kim Kardashian than that happening. Your constant ramblings about the share price and loathing of Tim as a CEO has finally unhinged your mind. Suggesting a strategy of destroying your own margins by deliberately making an inferior product and then letting others make the hardware and have all that negativity..
Why do you guys pile on Sog? Give it up already. He has some excellent points and all you haters sound like Trolls.
Because sog is a broken record. Nearly every post he makes is anti-Tim, with some bizarre idea that a CEO should make public pronouncements for every little rumor. He's a Tim Cook hater and nothing Tim Cook will ever be good enough for the all-knowing sog. Based on many conversations I've seen, several of us thinks that sog should go sog off.
"The biggest contribution by iOS 9.2.1 is called WebSheet. It is the fix for a security bug that was found three years ago and affected how iOS handled cookies — bits of data that remember a user — at captive portals, like the page to log into a hotel’s Wi-Fi"
“This is the longest it has taken Apple to fix a security issue reported by us,” Yair Amit wrote in a blog post for Skycure, an online security company. Amit and Adi Sharabani found the bug, which could have led to crimes like identity theft, in 2013.
As for security- Dream on apple fanboys- dream on...
I wonder if Apple sold an iOS version for Android phones people would buy it?
I wonder if people would buy iOS software for $99?
Buy a $300 Android phone and then $99 to install iOS?
Apple has a hard enough time keeping up with the OS on a phone they designed. There is no way possible they could support a hardware that's designed to be built as cheaply as possible. They would have to charge somewhere in the neighborhood of hundreds of dollars to employ a team large enough for the task. And what would that accomplish besides destroying their own profitable hardware business?
Oh noes! Android Nexus devices don't even use this feature in the kernel! Damn, don't even need a patch! In fact Google's guidelines said to not even compile the feature into the kernel as they don't need it! No, even if you get a reply from /proc/keys, it still isn't used. So the vast majority of devices, don't even use it and are not vulnerable by default.
Oh wait, even older devices don't even use the affected kernel! And for those that do run 5.0 or up and SELinux stops it!
And it gets better! It takes a core i7 up to 30 minutes just to even exploit the bug! It's not even instant!
What will Daniel do when all the information in his flame bait article turn out false again? Nothing, because he doesn't give a shit. Just like he will never fix his article about how an Android exec admitted android didn't focus on security, and was an error in translation that his source fixed, but he didn't. Thanks to him melgross keeps posting about it on ars.
You know Dan, if you put the same effort into researching for others that you do when something negative comes around for apple, you wouldn't have posted this. But that's being "fair and balanced", which you obviously aren't.
Google's Android phones are updated. Google make the code available so 3rd parties with modded/skinned/forked versions of Android can also update - but they choose not.
If 3rd party companies made phones using a modified/skinned/forked version of iOS would Apple be responsible for updating them? No of course not.
If people are worried about updates they should buy Apple or Nexus or another brand with a good track record for providing updates.
'If you didn't want to be stuck with a start-of-the-art phone running an OBSOLETE version of Android, you should have bought a Nexus.'
Thanks. Heard this before. Should have bought a Nexus. Got it, thanks captain hindsight.
You have merely blamed me and dodged the issue. Millions of people are being sold expensive phones which the manufacturers and carriers (aka Google's licensees) have NO intention of ever updating. It's called planned obsolescence and Google should beASHAMED for allowing this evil practice to happen under their license!
No, I'm sorry, this was an epic failure of Google's management to allow third parties free reign over "their" versions of Android. The disastrous repercussions of this moronic decision are unfolding now as millions of device owners remain permanently stuck in "Android XP". You can't just dismiss this debacle as third-party antics removed from Google's responsibility. Google licenses Android and had the authority to forge stricter policies.
Google's "open", laissez faire approach to Android has FAILED. The company's management needs to forge stricter contracts with their licensees going forward. This is an absolute disaster. I am not the only person who is stuck in a THREE YEAR OLD Android OS who once hailed Android but is now seriously considering switching back to Apple.
Google's Android phones are updated. Google make the code available so 3rd parties with modded/skinned/forked versions of Android can also update - but they choose not.
If 3rd party companies made phones using a modified/skinned/forked version of iOS would Apple be responsible for updating them? No of course not.
If people are worried about updates they should buy Apple or Nexus or another brand with a good track record for providing updates.
'If you didn't want to be stuck with a start-of-the-art phone running an OBSOLETE version of Android, you should have bought a Nexus.'
Thanks. Heard this before. Should have bought a Nexus. Got it, thanks captain hindsight.
You have merely blamed me and dodged the issue. Millions of people are being sold expensive phones which the manufacturers and carriers (aka Google's licensees) have NO intention of ever updating. It's called planned obsolescence and Google should beASHAMED for allowing this evil practice to happen under their license!
No, I'm sorry, this was an epic failure of Google's management to allow third parties free reign over "their" versions of Android. The disastrous repercussions of this moronic decision are unfolding now as millions of device owners remain permanently stuck in "Android XP". You can't just dismiss this debacle as third-party antics removed from Google's responsibility. Google licenses Android and had the authority to forge stricter policies.
Google's "open", laissez faire approach to Android has FAILED. The company's management needs to forge stricter contracts with their licensees going forward. This is an absolute disaster. I am not the only person who is stuck in a THREE YEAR OLD Android OS who once hailed Android but is now seriously considering switching back to Apple.
Google doesn't license Android, nor did it force any manufacturer to use it, nor were you forced to buy a phone that wouldn't get updates.
'If you didn't want to be stuck with a start-of-the-art phone running an OBSOLETE version of Android, you should have bought a Nexus.'
Thanks. Heard this before. Should have bought a Nexus. Got it, thanks captain hindsight.
You have merely blamed me and dodged the issue. Millions of people are being sold expensive phones which the manufacturers and carriers (aka Google's licensees) have NO intention of ever updating. It's called planned obsolescence and Google should beASHAMED for allowing this evil practice to happen under their license!
No, I'm sorry, this was an epic failure of Google's management to allow third parties free reign over "their" versions of Android. The disastrous repercussions of this moronic decision are unfolding now as millions of device owners remain permanently stuck in "Android XP". You can't just dismiss this debacle as third-party antics removed from Google's responsibility. Google licenses Android and had the authority to forge stricter policies.
Google's "open", laissez faire approach to Android has FAILED. The company's management needs to forge stricter contracts with their licensees going forward. This is an absolute disaster. I am not the only person who is stuck in a THREE YEAR OLD Android OS who once hailed Android but is now seriously considering switching back to Apple.
Google doesn't license Android, nor did it force any manufacturer to use it, nor were you forced to buy a phone that wouldn't get updates.
It just so happens they picked one off the shelf, which is open source. This decision, for the reasons I mentioned, was a terrible idea. In short, the decision to go with this license was a disaster because it now affects MILLIONS of people, in exactly the same ruinous way. I.e., we aren't talking about a hodgepodge of linux users here, who ought to have known the forked distro they installed would someday be abandoned. These are MILLIONS of people who paid for high-end Android phones, with the expectation they would be included in whatever roadmap Google had in store for all of these Android users.
Besides the decision of how to license Android to the manufacturers, Google also has other, behind-the-scenes contracts and partnerships with these licensees (such as the Play Store). A higher degree of authority could have been and ought to be exercised there as well.
Oh noes! Android Nexus devices don't even use this feature in the kernel! Damn, don't even need a patch! In fact Google's guidelines said to not even compile the feature into the kernel as they don't need it! No, even if you get a reply from /proc/keys, it still isn't used. So the vast majority of devices, don't even use it and are not vulnerable by default.
Oh wait, even older devices don't even use the affected kernel! And for those that do run 5.0 or up and SELinux stops it!
And it gets better! It takes a core i7 up to 30 minutes just to even exploit the bug! It's not even instant!
What will Daniel do when all the information in his flame bait article turn out false again? Nothing, because he doesn't give a shit. Just like he will never fix his article about how an Android exec admitted android didn't focus on security, and was an error in translation that his source fixed, but he didn't. Thanks to him melgross keeps posting about it on ars.
You know Dan, if you put the same effort into researching for others that you do when something negative comes around for apple, you wouldn't have posted this. But that's being "fair and balanced", which you obviously aren't.
Thanks Dan, the Rush Limbaugh of the tech world!
Hey, buddy, you're WRONG. The god damn site who actually discovered this thing says so. Go on Ars technica and get a clue about actual implementation of SELinux in various Android versions. It's not as clear cut as you say BUD. Also, SELinux doesn't stop it, merely make it harder for script kiddies to do it. Since this thing remains open forever in hundreds of millions phones, some with many other unpatched vulnerability, you can chain exploits (don't even need this bug in some older phones)
BTW, next time, stop shouting, ignorance isn't better when you do it!
Google's Android phones are updated. Google make the code available so 3rd parties with modded/skinned/forked versions of Android can also update - but they choose not.
If 3rd party companies made phones using a modified/skinned/forked version of iOS would Apple be responsible for updating them? No of course not.
If people are worried about updates they should buy Apple or Nexus or another brand with a good track record for providing updates.
It really comes down to this ...
Are you a user that wants a tightly controlled experience [user interface, security, battery life] between both hardware and software at the expense of customization/perhaps not having the latest hardware/simplified user interface?
OR
Are you a user that wants to customize your experience at the risk of things not working well, not getting updates, cluttered and busy interface, etc.?
You should research the potential issues of either of the above [i.e. will I get security updates. etc.] before you chose [i.e. getting a phone that will not be updated to the latest OS quickly] and base your purchase on your comfort level.
If you did not research then you should not be surprised if there are issues ...
And if you did research then you should be able to supply clear and rational responses to correct any misrepresentations/lies
"The biggest contribution by iOS 9.2.1 is called WebSheet. It is the fix for a security bug that was found three years ago and affected how iOS handled cookies — bits of data that remember a user — at captive portals, like the page to log into a hotel’s Wi-Fi"
“This is the longest it has taken Apple to fix a security issue reported by us,” Yair Amit wrote in a blog post for Skycure, an online security company. Amit and Adi Sharabani found the bug, which could have led to crimes like identity theft, in 2013.
As for security- Dream on apple fanboys- dream on...
Anyone using a browsing to do anything that requires strong security. But, I agree Apple should have fixed this earlier. Cookies are already a identity sieve and the only good cookie is a dead cookie ;-).
Comments
I've enjoyed many DED articles in the past because they can be very informative but lately they seem like diatribes.
Wish he would pull back a little.
In any event Google fixed it. The more proper headline would have been "Another new kernel flaw that many Android OEM's won't fix". I would have agreed with that one. Simple enough.
The types of people who would be interested in a $250-$300 smartphone are the price-conscious buyers. Why would the they ever upgrade to the "real deal Apple?" If people find value at $250-$300, what killer features would the "real deal Apple" have to make them pay a premium for it?
Oh wait, even older devices don't even use the affected kernel! And for those that do run 5.0 or up and SELinux stops it!
And it gets better! It takes a core i7 up to 30 minutes just to even exploit the bug! It's not even instant!
What will Daniel do when all the information in his flame bait article turn out false again? Nothing, because he doesn't give a shit. Just like he will never fix his article about how an Android exec admitted android didn't focus on security, and was an error in translation that his source fixed, but he didn't. Thanks to him melgross keeps posting about it on ars.
You know Dan, if you put the same effort into researching for others that you do when something negative comes around for apple, you wouldn't have posted this. But that's being "fair and balanced", which you obviously aren't.
Thanks Dan, the Rush Limbaugh of the tech world!
Thanks. Heard this before. Should have bought a Nexus. Got it, thanks captain hindsight.
You have merely blamed me and dodged the issue. Millions of people are being sold expensive phones which the manufacturers and carriers (aka Google's licensees) have NO intention of ever updating. It's called planned obsolescence and Google should be ASHAMED for allowing this evil practice to happen under their license!
No, I'm sorry, this was an epic failure of Google's management to allow third parties free reign over "their" versions of Android. The disastrous repercussions of this moronic decision are unfolding now as millions of device owners remain permanently stuck in "Android XP". You can't just dismiss this debacle as third-party antics removed from Google's responsibility. Google licenses Android and had the authority to forge stricter policies.
Google's "open", laissez faire approach to Android has FAILED. The company's management needs to forge stricter contracts with their licensees going forward. This is an absolute disaster. I am not the only person who is stuck in a THREE YEAR OLD Android OS who once hailed Android but is now seriously considering switching back to Apple.
It just so happens they picked one off the shelf, which is open source. This decision, for the reasons I mentioned, was a terrible idea. In short, the decision to go with this license was a disaster because it now affects MILLIONS of people, in exactly the same ruinous way. I.e., we aren't talking about a hodgepodge of linux users here, who ought to have known the forked distro they installed would someday be abandoned. These are MILLIONS of people who paid for high-end Android phones, with the expectation they would be included in whatever roadmap Google had in store for all of these Android users.
Besides the decision of how to license Android to the manufacturers, Google also has other, behind-the-scenes contracts and partnerships with these licensees (such as the Play Store). A higher degree of authority could have been and ought to be exercised there as well.
Go on Ars technica and get a clue about actual implementation of SELinux in various Android versions. It's not as clear cut as you say BUD.
Also, SELinux doesn't stop it, merely make it harder for script kiddies to do it.
Since this thing remains open forever in hundreds of millions phones,
some with many other unpatched vulnerability, you can chain exploits (don't even need this bug in some older phones)
BTW, next time, stop shouting, ignorance isn't better when you do it!
Are you a user that wants a tightly controlled experience [user interface, security, battery life] between both hardware and software at the expense of customization/perhaps not having the latest hardware/simplified user interface?
OR
Are you a user that wants to customize your experience at the risk of things not working well, not getting updates, cluttered and busy interface, etc.?
You should research the potential issues of either of the above [i.e. will I get security updates. etc.] before you chose [i.e. getting a phone that will not be updated to the latest OS quickly] and base your purchase on your comfort level.
If you did not research then you should not be surprised if there are issues ...
And if you did research then you should be able to supply clear and rational responses to correct any misrepresentations/lies
Cookies are already a identity sieve and the only good cookie is a dead cookie ;-).