Evidence? Where is it?
Posted Jan 23, 2011 14:09 UTC (Sun) by khim
In reply to: EFF: Don't Sacrifice Security on Mobile Devices
Parent article: EFF: Don't Sacrifice Security on Mobile Devices
This seems backwards given the history of modular Linux distro management. If the kernel is updated, send a kernel update. If the browser needs an update, send a browser update
Well, in my experience such modular updates need a lot of hand-holding. Kernel is updated and X server no longer starts (rememeber that all phones include proprietary 3D acceleration module), browser is update and help no longer works (because new security settings don't work with old JS library in help system), etc. For the non-geeks partial updates are huge disaster. What they need are delta-updates (to save bandwidth if it's OTA update) and it looks like recent phones (like Nexus S) support them.
I think there's much evidence that the 'service pack' model of security and bug fix management doesn't work well.
Do you have any statistic? Anecdote evidence looks mixed: iPhone uses 'service pack' model of security and it's broken again and again, but XBox360 is totally different story (take a look on the price of JTAGed consoles: they are 2x-3x vs original price which suggests scarcity).
to post comments)