Posted November 26, 2018 Whoops! I am sure that this won't happen often and humans are clearly not clever creatures capable of cheating the Google algorithms to promote malicious content (Which is pretty much the basis upon which Youtube has been built today) ------- Current Rig ------- Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 26, 2018 Wish folks would stop equivocating by trying to claim the iOS App Store is just as insecure as Google Play. I'm sorry, but it's just not. The issue, and it persists to this day, is that Google both has looser restrictions on what's allowed and has a more automated, laissez-faire approach to screening than Apple. Yes, it's possible for malware to slip into the App Store, but it's much less likely because of both iOS' tighter limits (like them or not, they have a positive effect on security) and because humans approve the apps before they become available. This doesn't mean that Google should necessarily follow Apple, but it should be smarter about the approach it does take. It has to stop assuming that automation solves everything and that it can somehow eliminate all major malware outbreaks if it can just write a better algorithm. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 26, 2018 I feel bad but when I read this headline I just started laughing. This feels like a move Microsoft would support I'm sure, anyone say October Update? Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 27, 2018 3 hours ago, James Evens said: Android has premssions and devices which have not seen a update in years. Not secure at all. What's your point? The claim was that Android wasn't sandboxed. It is. What you're saying does not refute that. Having permissions is how things should be so why would permissions make it less secure? Devices without updates is a device specific problem and not inherent to Android so how does that make Android less secure? Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 27, 2018 33 minutes ago, Trixanity said: Devices without updates is a device specific problem and not inherent to Android so how does that make Android less secure? I'd disagree that this is a device-specific problem. To some extent, it is inherent to Android. Security updates shouldn't be optional, but Google has treated them that way until very recently, when it started requiring a minimum number of updates for popular devices over the space of two years. Think about it: companies could go months between security updates, or even skip them entirely, and leave you vulnerable simply because they didn't feel like implementing a patch. That's a terrible policy, and you know it. The ideal would be Apple's approach, where every compatible device gets every security update almost immediately, but Google isn't there yet. There's also how long Google decides to support Android. The three-year window for security updates is an improvement over how it used to be, but that's as far as it goes. This still increases the chances that someone will have an active device with unpatched security flaws, especially since some vendors will sell brand new devices using outdated versions of Android. (Lenovo has been selling brand new tablets with Nougat on them, for example). Shouldn't the update period extend to four or five years, like Apple does, to make sure that very few in-use devices are vulnerable? Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 27, 2018 On 11/26/2018 at 11:19 PM, RejZoR said: So, "Play Protect" doesn't seem to do anything apparently... Use a proper antivirus. They are not CPU or battery intensive anyway. https://www.av-comparatives.org/tests/mobile-security-review-2018/ https://www.av-test.org/en/antivirus/mobile-devices/android/september-2018/google-play-protect-11.4-183611/ There is more that meets the eye I see the soul that is inside Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 27, 2018 i want windows phone back......... Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 27, 2018 2 hours ago, James Evens said: A sandbox where you could just straight up ask to leave it and everybody say yes (permissions) or straight up don't need to ask and just use one of the thousand of security vulnerabilities make the sandbox a joke. It is android specific. Other OS manage to get the update out to the devices. With android you might get one or two major updates and security patches are still not standard. The problem is that manufactures have to roll out the updates and they might need for the suppliers to update there software. I have not heard of any permission or API to leave the sandbox nor have I heard of any user prompt to do so as you suggest. Unless you mean standard user permissions which require user interaction to access specific functions or data on the phone in which case: really? Giving permission to retrieve one thing is not the same as breaking the sandbox eg location permission does not give access to make phone calls or to interact with data in another app (which is why autofill required some funky workarounds to work prior to Oreo). As for any vulnerabilities: that goes for any piece of software, doesn't it? If there are any they can be exploited. Either way: some sources needed on that. It's Android specific in the sense device manufacturers using the OS but not specific to the OS itself. So if you want to use that terminology you should qualify your statement. In other words it's a cultural or a policy issue, not an OS issue as you implied. Major OS updates and security updates are not the same. Many devices receive regular security updates. Solution: buy a device that receives updates. 2 hours ago, Commodus said: I'd disagree that this is a device-specific problem. To some extent, it is inherent to Android. Security updates shouldn't be optional, but Google has treated them that way until very recently, when it started requiring a minimum number of updates for popular devices over the space of two years. Think about it: companies could go months between security updates, or even skip them entirely, and leave you vulnerable simply because they didn't feel like implementing a patch. That's a terrible policy, and you know it. The ideal would be Apple's approach, where every compatible device gets every security update almost immediately, but Google isn't there yet. There's also how long Google decides to support Android. The three-year window for security updates is an improvement over how it used to be, but that's as far as it goes. This still increases the chances that someone will have an active device with unpatched security flaws, especially since some vendors will sell brand new devices using outdated versions of Android. (Lenovo has been selling brand new tablets with Nougat on them, for example). Shouldn't the update period extend to four or five years, like Apple does, to make sure that very few in-use devices are vulnerable? There are problems with the update model on Android and it's clear that the OS design had some major flaws in its foundation that are hard to fix but that doesn't mean that's it's not entirely the fault of the device manufacturer. It's only inherent in the sense that manufacturers avoid their responsibility to their customers and that Google's policies and enforcement of them aren't strict enough. Essentially the complaint is that Google aren't locking it down enough which would be against the wishes of its partners. Locking it down would mean reduced ability to modify Android which many manufacturers take advantage of. Ideally Google shouldn't have to police the ecosystem when it's no longer their product (to a certain extent). Ideally the support window would be 10 years. Ideally there would be timely monthly updates and timely feature updates. One of the problems with security updates are hardware vendors not patching vulnerabilities and making them available (likewise not releasing new BSPs for feature updates). Similarly another issue on both fronts was Linux kernel support being only two years before it was discontinued. Google took it upon themselves to extend that window to six years. It takes time to test and validate a new kernel version so sticking to one and patching it helps that. Don't know why Google haven't increased their update window accordingly unless it's hardware vendors making it impossible. I'm quite sure you only have a window of like six months to release a device when a new Android version is launched before certification fails. Certainly not more than a year. While vendors know Google's schedule, it takes time to bring a product to market and delaying to validate a new feature update could be costly. It's difficult to compare Android to iOS or even Windows. Very different ecosystems. Apple has to support devices made entirely in-house and quite deep vertical integration and otherwise very controlling of their partners. They have like 30 devices and many with a shared platform to update. You have thousands of Android devices from many different vendors with many different platforms with many different modifications to core systems. I don't think I need to say much more on the topic. It's a lot more complex than people think. It was a business decision to make it so open. Both consumers and developers are paying for that today. However it's a double edged sword. The very same are arguing that they like for device manufacturers to modify the OS. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 28, 2018 25 minutes ago, Trixanity said: There are problems with the update model on Android and it's clear that the OS design had some major flaws in its foundation that are hard to fix but that doesn't mean that's it's not entirely the fault of the device manufacturer. It's only inherent in the sense that manufacturers avoid their responsibility to their customers and that Google's policies and enforcement of them aren't strict enough. Essentially the complaint is that Google aren't locking it down enough which would be against the wishes of its partners. Locking it down would mean reduced ability to modify Android which many manufacturers take advantage of. Ideally Google shouldn't have to police the ecosystem when it's no longer their product (to a certain extent). Ideally the support window would be 10 years. Ideally there would be timely monthly updates and timely feature updates. One of the problems with security updates are hardware vendors not patching vulnerabilities and making them available (likewise not releasing new BSPs for feature updates). Similarly another issue on both fronts was Linux kernel support being only two years before it was discontinued. Google took it upon themselves to extend that window to six years. It takes time to test and validate a new kernel version so sticking to one and patching it helps that. Don't know why Google haven't increased their update window accordingly unless it's hardware vendors making it impossible. I'm quite sure you only have a window of like six months to release a device when a new Android version is launched before certification fails. Certainly not more than a year. While vendors know Google's schedule, it takes time to bring a product to market and delaying to validate a new feature update could be costly. It's difficult to compare Android to iOS or even Windows. Very different ecosystems. Apple has to support devices made entirely in-house and quite deep vertical integration and otherwise very controlling of their partners. They have like 30 devices and many with a shared platform to update. You have thousands of Android devices from many different vendors with many different platforms with many different modifications to core systems. I don't think I need to say much more on the topic. It's a lot more complex than people think. It was a business decision to make it so open. Both consumers and developers are paying for that today. However it's a double edged sword. The very same are arguing that they like for device manufacturers to modify the OS. Your opening paragraph really illustrates my point -- you say it's solely the Android vendors' fault, but promptly cite "major flaws" in Android's roots and point out that Google decided against locking things down. Those are both choices Google made. So yes, Google does play a role in this; it's just a question of how easy it is for Google to correct things. Besides, think about it: Google may let companies customize Android, but in the end it's still Google's operating system, and vendors are still held to certain requirements if they want to use the platform. If it cares about security, it should put its foot down even if it inconveniences partners. If there were a Blaster-style malware epidemic that affected Android phones, the blame wouldn't just go to Samsung, or LG, or Sony, it'd go to Google as well. Android doesn't compare directly to iOS, but that doesn't mean there aren't better ideas on one side or the other. And let's face it, iOS has the unquestionably better security model. It's a matter of whether or not Google can emulate enough of that model to make a difference, and without causing too much pain for OEMs... though frankly, I think they've been slacking. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 28, 2018 Is this Malware that Google knowingly put on by themselves, or other business. I wouldnt be suprised one bit, knowing the Google business model of selling every little piece of info they can get their hands on, whether it be from your searches, whatever is in your email, in your cloud. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 28, 2018 I still dont understand why they make android ecosystem garbage and dont vet the apps, you pay freaking 30%of income to them. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted November 28, 2018 Stop playing mobile games along time ago. I have been using same set of apps for along time. Magical Pineapples