You're right. Android's actually pretty new to the game when you think about when Windows released, Microsoft had it's years of crippling security holes and learned a lot from it. HP and Dell don't modify the Windows source or have any control over when updates reach the devices (thank God), but I'm sure if they did we would see a similar thing as we do on Android. Dell and HP neglecting their non-flagship, non-enterprise devices and not pushing out patches as frequently on them despite them having the same vulnerabilities.
I think Google has learnt a lot about security, and there's been a lot of improvements to the Android architecture that improve security. There are at least some patches, which is better than it was before. My work phone gets monthly security updates. But I think in the end what Google is going to have to do is force every manufacturer who chooses to install the Google apps on their device (like Play store, Gmail, Youtube, etc) is going to have to register for Android One and push out regular security updates.
In the end, Android is an open operating system and so Google can only control their offering of the product and downstreams, Sort of like RedHat and Linux.
I don't think anyone is paranoid about this, You'd have to go to some pretty gnarly sites to get smacked in the face with a zero-day undisclosed iOS exploit. Most of this stuff would be used for targeted purposes, and even then there would have to be some attack surface.
As long as you stay to clean websites, open reputable emails, and connect to secure wifi networks with your iPhone you'll be fine. Can't say how many iOS users will actually do that, but in the end it's Apple's problem to fix. Fingers crossed they act good about this and push out a huge security update and push it to all devices that run iOS 13 and not just the next supported devices.
Closed source does have security benefits (arguably), but even if they are closed source they should get multiple very in-depth security audits by independent security firms to make sure their software is patched as much as it can before it goes live.
Having bug bounties doesn't really take away your control from the ecosystem, if anything it puts you back in control, because instead of having hackers release exploits for your software, you are giving them a reason to disclose it to you so you can better secure your systems.
Apple just likes to keep everything as internal as possible, but with the way the world is headed, that's going to become borderline impossible while maintaining good security.
It's also very important they get their code reviewed by many independent security firms so they get a wide base of vulnerabilities.
That's true, Apple's always been very good with regulating Apps. And I would have to say I think malware on stock iOS is practically non-existent. Exploits are definitely there though, as they are on Android as well.
You bring up a good point though, what's more likely to impact a general end user? Some undisclosed remote code execution vulnerability or malicious apps in an app store you trust? I would say the latter.
At 2:26 GMT chang‘e 4 touched down. This is the first landing on the moon since 1972 (Apollo 17)
it will carry out a few geological and biological experiments and is a major milestone in space exploration for China.
I think this is great news and I can’t wait to see more space missions from china!
Not sure if anyone else have noticed or it’s just me but seems like YouTube adds are getting longer , ok maybe not much longer but instead off one add I’m getting two of them and more often can’t skip them. But one of them was waaaaaay over the limit (pic)
Bango reacted to Akolyte in "iOS Secuirty is fucked" -Zerodium Stops Accepting iOS Exploits Because of too Many Submissions
.png "Funny")
.png "Funny"){kind=small}