• prettybunnys@piefed.social
    English · 13 up / 21 down · 3 days ago (edited)

    I spent quite some time in mobile security and I won’t use an Android device knowing what I know.

    I’d like to caveat that this is not an endorsement of Apple security but rather a “OH MY GOD NO” about Android “security”

    These downvotes brought to you by tech tribalism, read the thread

    People hate that iPhones have locked boot loaders and you can’t boot a custom rom. Defensive security experts love that at least for now a critical threat vector is nearly non-existent.

    • Possibly linux@lemmy.zip
      English · 1 up / 1 down · 1 day ago

      I’m not sure why you think Android has security problems. In general it is very secure since it enforces least privilege everywhere.

      It does have security vulnerabilities but so does iOS and every other piece of software

      • prettybunnys@piefed.social
        English · 1 up / 1 down · 1 day ago

        It does not actually enforce least privilege everywhere, its application of SELinux is … well it’s better than what targeted policy does, but it’s designed to be unobtrusive not protective. The issue isn’t Android itself, as a concept it’s not awful. The issue is the reality of being a security professional and attempting to secure the edge which in this case is the users and their devices.

        From a practical standpoint administering and protecting one device type on a fairly closed OS is significantly easier than one where the hardware landscape is so varied.

        If you look critically at what it appears this action (the article, and what I am responding to) is for it is because the USERS being exploited is the threat vector. Android devices have significantly more documented malware out in the wild AS WELL AS many documented and active boot exploits.

        My comments have nothing to do with what I like. This isn’t fanaticism. It’s practical reality.

        A nation state actor likely doesn’t care what device you use because they can get the data they want elsewhere, your device is just a beacon at that point for where.

    • givesomefucks@lemmy.world
      English · 16 up / 3 down · 3 days ago

      Literally the opposite…

      https://www.timesofisrael.com/israeli-tech-company-says-it-can-break-into-all-iphones-ever-made-some-androids/

      Israel doesn’t want the IDF able to hide/leak anything about the ongoing genocide, so they’re making everyone use the phone that they can spy on.

      Like, Israel says it’s for safety but they’ve been committing an open genocide for two years now, why the fuck is anyone taking their word?

      • favoredponcho@lemmy.zip
        English · 4 up / 4 down · 3 days ago (edited)

        Do you have any credentials at all here or are you just gonna keep reposting a six year old article about Cellebrite and a long since patched vulnerability. If you knew anything about this space, you’d at least try to post the latest info on which phones Cellebrite can hack. As for iOS, here is what I can find…they cannot hack phones running the latest version: iPhone Cellebrite Hack.

        For Android phones, Pixels can be easily hacked, unless you’re running GrapheneOS: Pixel Vulnerabilities to Cellebrite Hacks. Non-Pixel Android phones are likely even more vulnerable given that few manufacturers even try as hard as Google to secure their phones and do as much to keep their phones on the latest Android version.

        As someone with a career in tech, I concur with the original commenter. On the whole, Android is not a secure OS unless you run Graphene OS. If you care about security, I would choose Graphene OS, iOS, and then everything else.

    • TrickDacy@lemmy.world
      English · 16 up / 6 down · 3 days ago (edited)

      I spent some time knowing about business practices and user-hostile design and I’ll never use an apple device. And I’ll definitely never give apple another penny, fucking fake assholes.

      I’d like to caveat that this is not a denial that google is horrible, their os is just the only reliable alternative to a Linux phone atm

      Edit: this dude seems really invested in apple. He went back through the thread and edited in weird stuff in several of his comments. I think their appeal to authority fallacy is pretty glaringly on display. Fair to bring up that you know what you’re saying and why, but beating someone over the head with it just makes you sound wrong and like you’re giving a flimsy excuse as to why you don’t have to prove anything.

      • prettybunnys@piefed.social
        English · 9 up / 20 down · 3 days ago (edited)

        I think you’re doing the tech tribalism thing here whereas I’m talking about actual device security.

        I get it’s popular to hate Apple. Cool. You’re cool for hating Apple.

        Anyone who is genuinely interested in mobile security ought to read some of the white papers or device analyses which are available to the public. Security conferences are your best avenue for finding information available to the public.

        Anyways, cool, hate Apple but for some reason give Google a pass.

        • TrickDacy@lemmy.world
          English · 10 up / 4 down · 3 days ago (edited)

          On the contrary. Someone posted evidence showing apple bullshit is not secure and yet here you are saying it’s a fact and that any denial of that would undoubtedly be rooted in some baseless fanboy shit. K.

          Ps I used to like apple until I realized that everything they claim to be is a lie. That and their entire business model is to prevent you from using your device any way besides ways that make them more money.

          • prettybunnys@piefed.social
            English · 5 up / 8 down · 3 days ago (edited)

            What evidence are you referring to?

            As far as I can tell my anecdote about my professional experience is the only context here besides the post.

            Your ps is irrelevant, I’m a security researcher and spent the last decade in this field, specifically mobile security. I’ll take my professional experience over the it’s cool to be a tech tribalist opinion.

            Disagree if you’d like, the device you use doesn’t matter to me at all.

            Edit: popped the thread in a browser and saw the other comment. They were refuted there too. Fucking hell dude why are you beating this drum?

            • TrickDacy@lemmy.world
              English · 8 up / 3 down · 3 days ago (edited)

              You can pretend they didn’t post a link showing that an Israeli software company can unlock any iPhone. Pretend is all you can do though. Kind of telling that I explicitly said fuck Google but you still insist I’m tRiBaLiSt.

              And you claiming to be an expert couldn’t possibly mean less. I have no way of confirming that and honestly even if I did it wouldn’t mean you know everything.

              Enjoy your unsecure, unusable phone in a literal fascist ecosystem.

              • favoredponcho@lemmy.zip
                English · 1 up / 4 down · 3 days ago

                The link is 6 years old and includes dated information about Cellebrite. You should at the very least post updated information about the latest mobile OS versions vulnerable to Cellebrite. Spoiler: Android is very vulnerable and I haven’t seen information that the latest iOS is.

              • prettybunnys@piefed.social
                English · 5 up / 7 down · 3 days ago (edited)

                I legitimately don’t see the link you’re referring to, I’m not pretending about anything.

                Maybe it’s not federating on my end, could you link it?

                Cellebrite struggles with iPhones, and some newer Android devices. Is it another company?

                You’re getting awfully vitriolic about this discussion, I’m not sure if you’re unfamiliar with the concept of tech tribalism but this is it basically to a T.

                Again, use whatever device you want. My experience informs my anecdote which has you so upset.

        • favoredponcho@lemmy.zip
          English · 4 up / 4 down · 3 days ago (edited)

          Thanks for at least speaking the truth to these drones. I think there is a certain type of tech fanboy that doesn’t actually have any technical knowledge, but likes to spout off. They think because they are fans they know something about technology, but don’t know about the real details of security and how exploits work.

          They have difficulty accepting that actually iOS is more secure than almost every Android phone aside from GrapheneOS.

            • favoredponcho@lemmy.zip
              English · 2 up / 3 down · 3 days ago

              Talk about something of substance or don’t talk. If you aren’t citing security research or up to date details from Cellebrite’s technical documentation, then you’re not contributing anything. And, citing 6 year old articles as if it means something shows me I am more knowledgeable than you. I do have a degree in computer science and have studied security exploits. What about you? You’re an Android fan boy?

    • Eheran@lemmy.world
      English · 5 up / 1 down · 3 days ago

      I don’t downvote you because I like one side or the other, I do it because of what you write: Hefty claims with zero substance behind.

      • prettybunnys@piefed.social
        English · 5 up / 8 down · 3 days ago (edited)

        Rather than speak from my expertise which will be refuted (the thread you’re commenting on has already gone this route), go look at what mobile research says.

        Graphene OS which is held up as the champion makes the same claims I do.

        Watch conference demos, look at Cellebrite’s claims from 2026.

        I’m parroting what is known in the wider security community, it just doesn’t conform with what enthusiasts think.

        The reality of the situation is when it comes to a nation state level actor no device is safe. That’s baked into just about all the infrastructure your device uses.