| |||||||||||||
EFF: Don't Sacrifice Security on Mobile DevicesEFF: Don't Sacrifice Security on Mobile DevicesPosted Jan 23, 2011 20:56 UTC (Sun) by Aissen (subscriber, #59976)In reply to: EFF: Don't Sacrifice Security on Mobile Devices by drag Parent article: EFF: Don't Sacrifice Security on Mobile Devices
You are right, the users decide what's important for them. Once viruses and worms start stealing data, money and bricking or resetting their phones, they will decide (as well as the OEMs) that having latests security updates is important.
Or maybe they will decide that having an open phone with replaceable firmware is important (but that is a dream for now ).
(Log in to post comments)
EFF: Don't Sacrifice Security on Mobile Devices Posted Jan 23, 2011 21:18 UTC (Sun) by foom (subscriber, #14868) [Link]
1) If that happens, I suspect the news will instead be "Massive data-stealing/phone-bricking/money-stealing worm for Android phones!!", not "${all that} for phones from OEMs which ship massively outdated versions of Android! (which BTW is nearly all of them)". It seems like something Google should want to put some pressure (or give some assistance to) the OEMs in order to avoid having that news release actually happen...
2) How are users even supposed to know if there are any security holes in their phones that their OEMs haven't fixed if Google doesn't release advisories?
EFF: Don't Sacrifice Security on Mobile Devices Posted Jan 23, 2011 21:51 UTC (Sun) by Aissen (subscriber, #59976) [Link]
1) I agree. If Google can't give enough incentives or apply enough pressure, mainstream media will do it, the hard way. It's a scenario no one wants.
2) True, that's what I tried to say in my first comment above.
EFF: Don't Sacrifice Security on Mobile Devices Posted Jan 24, 2011 1:34 UTC (Mon) by drag (subscriber, #31333) [Link]
> You are right, the users decide what's important for them. Once viruses and worms start stealing data, money and bricking or resetting their phones, they will decide (as well as the OEMs) that having latests security updates is important.
Yes. That is about it. They decide how important something is to them then they give their money out accordingly. Manufacturers that do a decent job providing what the users actually want and need will probably do better then those that don't.
BTW. Android virus is found in the wild in China. Unlike the bank widget thing that happened in Android market that was entirely blown out of proportion (the one group that actually examined the software instead of just speculating dismissed the idea that he was using the software to steal bank information as fantasy with no evidence in the software) this is a actual virus infecting applications.
I didn't see much details, but from what I remember it was a virus attached to legit software. Found in third party repos (aka app markets).
> Or maybe they will decide that having an open phone with replaceable firmware is important (but that is a dream
for now
).
Possibly.
One of the big things that we have going for us is the desire to cut costs will probably lead to a standardized platform. This will raise the cost of the development of the hardware a bit and increase complexity, but per unit costs shouldn't be affected much and it will lower the cost of development and support. This should have the effect of dramatically lower the barrier for third party software to support phones.
Since now we have phones and hardware developed from the ground up to work specifically with Linux kernel in Android then we can hopefully avoid most of the 'What would Windows Do?' solutions to work around bugs in ACPI and such.
EFF: Don't Sacrifice Security on Mobile Devices Posted Jan 24, 2011 2:46 UTC (Mon) by drag (subscriber, #31333) [Link]
Here is some details:
Of course this does not come close to the level of really horrible crap that was a constant plague on Symbian and Windows mobile phones, especially in that area of the world. But it's just the beginning.
EFF: Don't Sacrifice Security on Mobile Devices Posted Jan 25, 2011 7:32 UTC (Tue) by cmccabe (guest, #60281) [Link]
I don't think stuff like that is really a technical problem. People make unwise decisions with their personal information all the time. Some people email their bank account numbers to Nigerian scammers. Some people post drunken pictures of themselves on Facebook. Technology can't stop that.
Unless you create an Apple-style lockdown on the platform, people are always going to be able to download trojan'ed applications from shady pirate sites and install them. Some people will also be unwise enough to give those shady applications full security capabilities.
|
|||||||||||||