![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
thewayneThis is mind-bogglingly bad. "Samsung shipped an estimated 100 million smartphones with botched encryption, including models ranging from the 2017 Galaxy S8 on up to last year’s Galaxy S21."
FOUR YEARS they blew it?! And Samsung was supposed to be the flagship of Droid phones?! There were two major flaws, one was fixed after it was revealed, then the second, dealing with initialization vectors, which was also there from the beginning, wasn't fixed until another paper was published.
Sorry, I'll happily stick with my lovely walled-garden iPhone. But to each their own. It may have its own issues, but I think their attitude to security is better than the Android paradigm.
As a commenter on Slashdot points out, "... Apple just issued a Security Update in September, 2021 that patches iOS 12, covering models clear back to lhe iPhone 5s." Instead, Google just obsoleted the Pixel 3, released three years ago.
'Build things fast and break shit' indeed. Great paradigm when you have your life's history in a device in your pocket. And it's not secure.
https://threatpost.com/samsung-shattered-encryption-on-100m-phones/178606/
https://mobile.slashdot.org/story/22/02/24/222207/samsung-shattered-encryption-on-100-million-phones#comments
FOUR YEARS they blew it?! And Samsung was supposed to be the flagship of Droid phones?! There were two major flaws, one was fixed after it was revealed, then the second, dealing with initialization vectors, which was also there from the beginning, wasn't fixed until another paper was published.
Sorry, I'll happily stick with my lovely walled-garden iPhone. But to each their own. It may have its own issues, but I think their attitude to security is better than the Android paradigm.
As a commenter on Slashdot points out, "... Apple just issued a Security Update in September, 2021 that patches iOS 12, covering models clear back to lhe iPhone 5s." Instead, Google just obsoleted the Pixel 3, released three years ago.
'Build things fast and break shit' indeed. Great paradigm when you have your life's history in a device in your pocket. And it's not secure.
https://threatpost.com/samsung-shattered-encryption-on-100m-phones/178606/
https://mobile.slashdot.org/story/22/02/24/222207/samsung-shattered-encryption-on-100-million-phones#comments
no subject
Date: 2022-02-27 10:13 pm (UTC)no subject
Date: 2022-02-28 05:09 am (UTC)Well, Samsung hardware runs Android software and is therefore built to Android design specs and customized within certain Google-specified parameters. Samsung, truly a mega-corp, certainly has the resources to do it right, and they failed. That's not encouraging for smaller smartphone operations. I was late getting into the iPhone ecosystem and had already bought into it with an iPod Touch, basically using it like a Palm Pilot. While the iPod functionality was very sweet, the Palm Pilot functionality was truly critical for me at the time. My first iPhone was a 4S, which was announced October 2011. I think it was the fifth generation of iPhone for Apple. Android was announced in '08, I have no idea how many generations of operating systems and phones they had at, let's say, early '12. Ignoring the fact that I already had an investment of sorts in the Apple line of devices, even at that point there were far too many reports of malware in the Android stores for my comfort, so I went with the iPhone and have stayed with them since. They're not immune to malware, but much lower counts. I will accept the 'freedom' discussions, but I'm perfectly content with the walled garden with people more skilled than I manning the walls and defending me. Sadly, the simple truth is that we cannot have perfectly secure devices. If you want a secure device, don't own one connected to everything. Get yourself an iPod Touch, turn off the WiFi and Bluetooth. It's now pretty darn secure from outside intercept. And not terribly useful. You can use a flip phone, but you can still be traced and your calls intercepted. Look at Donald Trump. Doesn't carry a phone at all, gets others to do it for him. Doesn't write letters, tells others what he wants others to do. Absolutely minimal paper trail. Of course, he's also the subject of multiple investigations because he's a scummy businessman and absolute moral shipwreck. But that's a different story.
no subject
Date: 2022-02-28 03:37 pm (UTC)no subject
Date: 2022-02-28 11:31 pm (UTC)Having read what you do with home automation/control, yeah, I can see where that would benefit you. I would like to see some openness in iOS, for example, to be able to do Python programming on my iPads. But that's not really critical to me, just something that I would like to do. A few years ago I broke a Droid tablet to try to do that, and it was just a hot mess: not friendly and not very stable, IIRC, and I got rid of it. It's probably better by now, but the experience left such a horrible taste in my mouth that I'd rather not repeat it. If I were serious about programming on a tablet, I'd just buy a Microsoft Surface tablet and take the easy way out of it. Much better developer toolkits available IMO.
no subject
Date: 2022-03-01 12:13 am (UTC)I'm still pretty firmly in the end user category of a lot of these things, using the talents and expertise of others to achieve what I want. I might occasionally understand what I'm doing, but probably not at the code level.
Something more like a PineTab, or rigging up a touchscreen-controlled SBC, or similar would be the ideal tablet to do development on.