SoylentNews

Android Security in 2016 is a Mess

posted by mrpg on Tuesday December 06 2016, @09:35PM   
from the and-wait-for-2017 dept.

"exec" writes:

Your phone probably contains banking, payment and personal information that can be remotely stolen via numerous known and unknown bugs in the Android software. This is attractive to criminals.

Vendors (LG, Samsung, Xiaomi, etc.), after selling you their phone, have no incentive to keep your phone's software up to date with Google's fixes. Your Android phone is probably out of date and therefore a gaping security hole through which attackers can steal your stuff from the safety of their own laptops.

In short, your phone could be hacked wide open from afar through a single innocent-looking email, MMS or web-page.

In the end the recommendations are: buy an Iphone, stick to Google phones or install a custom ROM.

Original URL: Android security in 2016 is a mess

-- submitted from IRC

---

Original Submission

• Re:My phone is six years old (Score: 2) by TheRaven on Wednesday December 07 2016, @10:59AM

  by TheRaven (270) on Wednesday December 07 2016, @10:59AM (#438281) Journal

  Even custom ROMs that work aren't always a solution. You're not paying Cyanogen (for example), so the phone only gets backports as long as someone cares enough to do it. It's really hard to back port a brand new Android release to an older handset, so after a couple of major releases you stop getting backports. Google doesn't back port security fixes to older Android versions because their aggressive refactoring policy means that they often can't tell when a security hole was introduced or even where the original code was in the codebase.

  --
  sudo mod me up

  Parent

  Starting Score:	1		point
  Karma-Bonus Modifier		+1
  Total Score:		2