IOS despite being a lot more secure, firmware and software are still constantly updated. On the other hand, my android device has never got even an update since day one I bought it 3 years ago. Such an irony.
I swear that will be my last android.
IOS despite being a lot more secure, firmware and software are still constantly updated. On the other hand, my android device has never got even an update since day one I bought it 3 years ago. Such an irony.
I swear that will be my last android.
So has Apple fixed the Keychain vulnerability in OSX yet? Last I heard they basically said it was too hard.
It is turned on by default on Samsung flagship phones.
This constant 'holier than thou' shit from DED is both tiresome and stupid.
Actually, your links just prove the point of the article. Macs don't have a secure enclave since they use Intel CPUs. Thus, they are in the same position as Android and all other OS are. Software implementation that is prone to being exploited.
Yet, macOS, Linux, even Windows get regular software updates to close vulnerabilities. Not so with for most Android devices.
There are plenty of older Macs that can't be updated to Yosemite, so they will retain the existing security flaws. The article is crowing about there being Android devices that won't have vulnerabilities patched. I have an iPod Touch that can't be updated beyond iOS 6 - and so on.
No Mac with an Intel CPU is 'secure' as they all contain the Intel Management Engine - potentially the mother of all backdoors. Have you heard of DROPOUTJEEP?
This would be the third or fourth time DED has pushed this boat out. I would not be surprised if there were people in the NSA, at GCHQ, Mossad, etc, who just laugh.
The main problem with Android is allowing Network providers a say in it's content and distribution. They should curtail that practice ASAP. Android users who buy non-Chinese manufacturer made flagships are probably pretty secure. Those devices do get fairly regular security updates. The Android customers who are using anything else probably don't need much security anyway or don't care.
I notice DED left in that someone can unlock the bootloader to roll the software back so they can gain access to the vulnerability. He may not know that when you unlock the bootloader it wipes the device deleting anything that was on it.
I.E. you would have to give to the user before they start using the device and hope they ignore all the alerts to update their phone.
Since you are new here you will soon find out that DED does not write to be factual, he writes to put down companies and people that are not Apple. Leaving out facts and using halftruths is his usual method. Read the arstechnica article he sourced his first sentence from if you want a factual look at the issue at hand. Read the rest of the article if you want to see him quoting his previous articles and a nasty take on Google.
Where are all the idiots who claimed "encryption is encryption" when talking about Androids software based approach against Apples hardware based approach?
Seems they're not really equal at all. Surprise surprise.
Did someone(s) really say that? Even before we get to the benefits of HW encryption over SW encryption, there are fundamental differences that can make a world of different. I think an apt analogy that semi-technical users can grasp is the differences in HW v SW de/encoding of media, and then the various pros and cons in different codecs.
Actually it's one of the rallying cries of the idiots who think Android is open source. It goes something like this: "With thousands of developers from numerous companies all around the world constantly examining the source code for Android (because it's open, and anyone can view it), it becomes more secure because there are so many people looking for bugs and exploits. This is why Open Source software will always be more secure and have fewer bugs than other forms of software."
The other one Fandroids hate is hardware acceleration. They say it doesn't matter because "Once your data is encrypted, it's safe. It doesn't matter if it was encrypted in software or hardware." If you bring up the slower performance of software encryption they also say it doesn't matter because "Most users don't need the performance and won't notice it."
Fandroids just HATE the fact that Apple has had hardware encryption since way back in 2009 with the iPhone 3GS or the fact iPhones still have blazing fast storage performance WITH encryption enabled. So, as usual, they're always looking for ways to diminish the usefulness of hardware encryption (because they don't have it).
I don't know what's the point of this article… everybody knows there is not even a single android user with FDE turned on.
It is turned on by default on Samsung flagship phones.
This constant 'holier than thou' shit from DED is both tiresome and stupid.
Not nearly as tiresome or stupid as your pathetic attempts at trolling.
The vast majority of Android phones don't have FDE turned on. Only a small number of brand-new devices released in the last year would have it turned on, and they suffer a performance penalty because of it. In fact, even Google maintains that a device needs to have a minimum performance target of 50mb/s with encryption, before it can be turned on by default.
As usual, you're just upset that Apple is light years ahead of Android when it comes to security. Their encryption is better, it's hardware based, they have a Secure Enclave (which is superior to the TrustZone you see on Android devices) AND they provide regular updates (which Android is INCAPABLE of).
Bottom line: Android will NEVER be as secure as iOS.
So has Apple fixed the Keychain vulnerability in OSX yet? Last I heard they basically said it was too hard.
It is turned on by default on Samsung flagship phones.
This constant 'holier than thou' shit from DED is both tiresome and stupid.
The second post was fixed in 10.10.5
The first post was fixed the day after the post came out "Update: Late Friday afternoon, Apple officials released the following statement: "Earlier this week we implemented a server-side app security update that secures app data and blocks apps with sandbox configuration issues from the Mac App Store. We have additional fixes in progress and are working with the researchers to investigate the claims in their paper."
thanks for the info. good to see that troll put in his place on his constant efforts to stir up FUD.
I notice DED left in that someone can unlock the bootloader to roll the software back so they can gain access to the vulnerability. He may not know that when you unlock the bootloader it wipes the device deleting anything that was on it.
I.E. you would have to give to the user before they start using the device and hope they ignore all the alerts to update their phone.
Since you are new here you will soon find out that DED does not write to be factual, he writes to put down companies and people that are not Apple. Leaving out facts and using halftruths is his usual method. Read the arstechnica article he sourced his first sentence from if you want a factual look at the issue at hand. Read the rest of the article if you want to see him quoting his previous articles and a nasty take on Google.
since you are new here I'll respond that what you've said is nonsense.
Actually, your links just prove the point of the article. Macs don't have a secure enclave since they use Intel CPUs. Thus, they are in the same position as Android and all other OS are. Software implementation that is prone to being exploited.
Yet, macOS, Linux, even Windows get regular software updates to close vulnerabilities. Not so with for most Android devices.
There are plenty of older Macs that can't be updated to Yosemite, so they will retain the existing security flaws. The article is crowing about there being Android devices that won't have vulnerabilities patched. I have an iPod Touch that can't be updated beyond iOS 6 - and so on.
No Mac with an Intel CPU is 'secure' as they all contain the Intel Management Engine - potentially the mother of all backdoors. Have you heard of DROPOUTJEEP?
This would be the third or fourth time DED has pushed this boat out. I would not be surprised if there were people in the NSA, at GCHQ, Mossad, etc, who just laugh.
The main problem with Android is allowing Network providers a say in it's content and distribution. They should curtail that practice ASAP. Android users who buy non-Chinese manufacturer made flagships are probably pretty secure. Those devices do get fairly regular security updates. The Android customers who are using anything else probably don't need much security anyway or don't care.
Security is more of an ideal, than a reality.
Once again, you're scrambling far and wide to find something, anything to deflect attention away from some fundamental problems with Android that seem to be unfixable. Well, they are fixable; but instead of demanding that Google do something about this ridiculous situation that prevents fixes making it to the vast majority of customers, you just scream 'Well, what about Apple??'
Rayz2016 said: instead of demanding that Google do something about this ridiculous situation that prevents fixes making it to the vast majority of customers, you just scream 'Well, what about Apple??'
How is that helping?
Classic commie tactic. You see it everywhere when leftists have no refutation to something they’re presented.
So all I have to do is pay 4x what my device would be reasonably worth, get forced into Apples lousy ecosystem, and have to void my warranty to do anything worthwhile with my own device to get this benefit?
No thanks, if I value security that highly I'll go buy a Blackberry, be far more secure, while paying a reasonable price.
So you're a a dumb Apple hater. So if you cared about security you would go to BlackBerry, yet they have handed out their keys to a number of countries, so really not that secure. They also own their own app store and control everything just like Apple does. So your dumb hate makes you have piss poor security.
IOS despite being a lot more secure, firmware and software are still constantly updated. On the other hand, my android device has never got even an update since day one I bought it 3 years ago. Such an irony.
I swear that will be my last android.
Google releases security updates every month for Android, they just have a huge update a couple months ago. The problem is so few Android users see any of them!!!. Doing app updates which is one way Google is trying to push updates to all Android users only fixes app issues, it doesn't fix anything with the main Android OS. It really is pretty much a joke. It's one of the top 5 reasons why I won't buy a Android phone.
I notice DED left in that someone can unlock the bootloader to roll the software back so they can gain access to the vulnerability. He may not know that when you unlock the bootloader it wipes the device deleting anything that was on it.
I.E. you would have to give to the user before they start using the device and hope they ignore all the alerts to update their phone.
I realize you are trying to disparage me, but the comments that were "left in" as you say, actually originated with the researcher who discovered the core flaws in Google's implementation of FDE.
He concluded, "I hope that by shedding light on the subject, this research will motivate OEMs and Google to come together and think of a more robust solution for FDE."
If you have some beef with the research, you should expose your theories to the experts who are in agreement of the problem, not try to fling your poop at the messenger bringing you news of Google's incompetence. That just makes you look ridiculous.
Rayz2016 said: instead of demanding that Google do something about this ridiculous situation that prevents fixes making it to the vast majority of customers, you just scream 'Well, what about Apple??'
How is that helping?
Classic commie tactic. You see it everywhere when leftists have no refutation to something they’re presented.
Jesus STFU with your biopic worldview nonsense; as if only those voting differently than you do exhibit classic logic fallacies. since you're seemingly a conservative we can attest to this not being true.
1. What does this mean (did you mean myopic)? 2. What does it have to do with anything?
as if only those voting differently than you do exhibit classic logic fallacies.
1. Nowhere has this been said. 2. Of course fallacies are committed by both sides. To say otherwise would be nonsensical. Liberals, however, predicate their entire worldview on fallacy. The worldview cannot exist without it.
since you're seemingly a conservative we can attest to this not being true.
I had to rewrite this post due to a site problem, but I’m pretty sure I also didn’t know what you were talking about here, so I’m just laughing (and telling the truth).
I notice DED left in that someone can unlock the bootloader to roll the software back so they can gain access to the vulnerability. He may not know that when you unlock the bootloader it wipes the device deleting anything that was on it.
I.E. you would have to give to the user before they start using the device and hope they ignore all the alerts to update their phone.
I realize you are trying to disparage me, but the comments that were "left in" as you say, actually originated with the researcher who discovered the core flaws in Google's implementation of FDE.
He concluded, "I hope that by shedding light on the subject, this research will motivate OEMs and Google to come together and think of a more robust solution for FDE."
If you have some beef with the research, you should expose your theories to the experts who are in agreement of the problem, not try to fling your poop at the messenger bringing you news of Google's incompetence. That just makes you look ridiculous.
The critism of the bootloader is not a security hole the average user has to worry about. I have a much more important question for you. Why do you care so much?
You seem to have an extreme hatred of Google, Android and Samsung. The reason I ask is because you seek to wish failure on those said entities. For example I purchased a PlayStation 4 but I don't hate Microsoft with a passion. I see no reason both Sony fanboys and Microsoft fanboys can't both enjoy our ecosystems. I gain nothing of Microsoft stops making games. I actually think I lose more if they stop making the Xbox. Please if you can please provide an answer I am curious along with I am sure many of your readers.
Apple does a much better job of securing iOS probably because its the lifesblood of Apple and accounts for over 50% of profits, and demands a big premium for all new devices. Android is just another feeder for Google search and ads, and most of the control and profits from Android devices goes to Asian phone makers with low margins, who mostly care even less than Google about security. Its comparing apples and oranges. Google has shown little ability to get them to even update devices with patches, much less harden the hardware like Apple has done with secure enclave. You won't get a Mercedes experience by driving a Kia either. Life is full of hard realities.
Did someone(s) really say that? Even before we get to the benefits of HW encryption over SW encryption, there are fundamental differences that can make a world of different. I think an apt analogy that semi-technical users can grasp is the differences in HW v SW de/encoding of media, and then the various pros and cons in different codecs.
Actually it's one of the rallying cries of the idiots who think Android is open source. It goes something like this: "With thousands of developers from numerous companies all around the world constantly examining the source code for Android (because it's open, and anyone can view it), it becomes more secure because there are so many people looking for bugs and exploits. This is why Open Source software will always be more secure and have fewer bugs than other forms of software."
The other one Fandroids hate is hardware acceleration. They say it doesn't matter because "Once your data is encrypted, it's safe. It doesn't matter if it was encrypted in software or hardware." If you bring up the slower performance of software encryption they also say it doesn't matter because "Most users don't need the performance and won't notice it."
Fandroids just HATE the fact that Apple has had hardware encryption since way back in 2009 with the iPhone 3GS or the fact iPhones still have blazing fast storage performance WITH encryption enabled. So, as usual, they're always looking for ways to diminish the usefulness of hardware encryption (because they don't have it).
Not nearly as tiresome or stupid as your pathetic attempts at trolling.
The vast majority of Android phones don't have FDE turned on. Only a small number of brand-new devices released in the last year would have it turned on, and they suffer a performance penalty because of it. In fact, even Google maintains that a device needs to have a minimum performance target of 50mb/s with encryption, before it can be turned on by default.
As usual, you're just upset that Apple is light years ahead of Android when it comes to security. Their encryption is better, it's hardware based, they have a Secure Enclave (which is superior to the TrustZone you see on Android devices) AND they provide regular updates (which Android is INCAPABLE of).
Bottom line: Android will NEVER be as secure as iOS.
Apple is way ahead of Google for mobile device security and privacy, but its failed to keep Macs on the cutting edge and has apparently abandoned much of the Mac platform. There is no secure enclave equivalent in the Mac. Apple can recover your lost Mac password with no problem. The languishing Mac lineup, with the possible exception of the iMac, is Cook's greatest failure at Apple.
Comments
No Mac with an Intel CPU is 'secure' as they all contain the Intel Management Engine - potentially the mother of all backdoors. Have you heard of DROPOUTJEEP?
This would be the third or fourth time DED has pushed this boat out. I would not be surprised if there were people in the NSA, at GCHQ, Mossad, etc, who just laugh.
The main problem with Android is allowing Network providers a say in it's content and distribution. They should curtail that practice ASAP. Android users who buy non-Chinese manufacturer made flagships are probably pretty secure. Those devices do get fairly regular security updates. The Android customers who are using anything else probably don't need much security anyway or don't care.
Security is more of an ideal, than a reality.
Actually it's one of the rallying cries of the idiots who think Android is open source. It goes something like this: "With thousands of developers from numerous companies all around the world constantly examining the source code for Android (because it's open, and anyone can view it), it becomes more secure because there are so many people looking for bugs and exploits. This is why Open Source software will always be more secure and have fewer bugs than other forms of software."
The other one Fandroids hate is hardware acceleration. They say it doesn't matter because "Once your data is encrypted, it's safe. It doesn't matter if it was encrypted in software or hardware." If you bring up the slower performance of software encryption they also say it doesn't matter because "Most users don't need the performance and won't notice it."
Fandroids just HATE the fact that Apple has had hardware encryption since way back in 2009 with the iPhone 3GS or the fact iPhones still have blazing fast storage performance WITH encryption enabled. So, as usual, they're always looking for ways to diminish the usefulness of hardware encryption (because they don't have it).
Not nearly as tiresome or stupid as your pathetic attempts at trolling.
The vast majority of Android phones don't have FDE turned on. Only a small number of brand-new devices released in the last year would have it turned on, and they suffer a performance penalty because of it. In fact, even Google maintains that a device needs to have a minimum performance target of 50mb/s with encryption, before it can be turned on by default.
As usual, you're just upset that Apple is light years ahead of Android when it comes to security. Their encryption is better, it's hardware based, they have a Secure Enclave (which is superior to the TrustZone you see on Android devices) AND they provide regular updates (which Android is INCAPABLE of).
Bottom line: Android will NEVER be as secure as iOS.
How is that helping?
I realize you are trying to disparage me, but the comments that were "left in" as you say, actually originated with the researcher who discovered the core flaws in Google's implementation of FDE.
He concluded, "I hope that by shedding light on the subject, this research will motivate OEMs and Google to come together and think of a more robust solution for FDE."
If you have some beef with the research, you should expose your theories to the experts who are in agreement of the problem, not try to fling your poop at the messenger bringing you news of Google's incompetence. That just makes you look ridiculous.
2. What does it have to do with anything?
1. Nowhere has this been said.
2. Of course fallacies are committed by both sides. To say otherwise would be nonsensical. Liberals, however, predicate their entire worldview on fallacy. The worldview cannot exist without it.
I had to rewrite this post due to a site problem, but I’m pretty sure I also didn’t know what you were talking about here, so I’m just laughing (and telling the truth).
You seem to have an extreme hatred of Google, Android and Samsung. The reason I ask is because you seek to wish failure on those said entities. For example I purchased a PlayStation 4 but I don't hate Microsoft with a passion. I see no reason both Sony fanboys and Microsoft fanboys can't both enjoy our ecosystems. I gain nothing of Microsoft stops making games. I actually think I lose more if they stop making the Xbox. Please if you can please provide an answer I am curious along with I am sure many of your readers.