Stories
Slash Boxes
Comments

SoylentNews is people

Android Security in 2016 is a Mess

posted by mrpg on Tuesday December 06 2016, @09:35PM   Printer-friendly
from the and-wait-for-2017 dept.

"exec" writes:

Your phone probably contains banking, payment and personal information that can be remotely stolen via numerous known and unknown bugs in the Android software. This is attractive to criminals.

Vendors (LG, Samsung, Xiaomi, etc.), after selling you their phone, have no incentive to keep your phone's software up to date with Google's fixes. Your Android phone is probably out of date and therefore a gaping security hole through which attackers can steal your stuff from the safety of their own laptops.

In short, your phone could be hacked wide open from afar through a single innocent-looking email, MMS or web-page.

In the end the recommendations are: buy an Iphone, stick to Google phones or install a custom ROM.

Original URL: Android security in 2016 is a mess

-- submitted from IRC

Original Submission

 
This discussion has been archived. No new comments can be posted.
Android Security in 2016 is a Mess | Log In/Create an Account | Top | 46 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by q.kontinuum on Wednesday December 07 2016, @12:38PM

    by q.kontinuum (532) on Wednesday December 07 2016, @12:38PM (#438301) Journal

    The candy-bars usually don't have GPS (for a certain value of "usually"...). And even if it does, it is much less likely to be hacked by someone, especially since thy usually don't have an app-store.

    Your dialling-history and cell-tower-history will be captured by your network-provider, but at least in Germany for them some stricter laws applied on how the data could be used. If your main-concern is those three-letter-agencies, this data is probably not hidden to them.

    But for me it is a difference if a shady data broker gets the information, which areas of town I frequent, or if it is a government-organization that at least needs to act as if it doesn't use that kind of data too casually. For a commercial company it could be highly profitable (and therefore costly for you) to know where you spend your time, and whom you spend your time with.

    E.g. a health-insurance-company might want to know if you spend your lunch-time in Burger-King or rather in the Gym. Or if you frequent areas known to be frequented by hookers. Or gay-clubs. Your insurance-rates might factor in some imagined health-risk for that. Or lawyers might analyse your address-book, reconstruct your social graph and contact your wife with some interesting deals for a lucrative divorce.

    I'm not doing online-banking with my phone, either, and avoid WhatsApp, Facebook app and similar crap. However, I do use HERE navigation software, Signal (as a replacement for SMS) and the browser (although I wouldn't browse any delicate content from that browser).

    --
    Registered IRC nick on chat.soylentnews.org: qkontinuum
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by HiThere on Wednesday December 07 2016, @07:17PM

    by HiThere (866) Subscriber Badge on Wednesday December 07 2016, @07:17PM (#438472) Journal

    IIUC, the phones are legally required to have a GPS, but not to make it available to the end-user. So making it available can be an extra cost option. (OTOH, my phone is old enough to pre-date that law...but it's JUST a phone.)

    --
    Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.