What's more secure from a crypto perspective, an up to date Android phone or an iPhone? Or are they about the same at this point. Most comparisons between Android and iOS are done with out of sate Samsung devices which makes it pretty unclear.
What's more secure from a crypto perspective, an up to date Android phone or an iPhone...
Other urls found in this thread:
youtube.com
theregister.co.uk
cvedetails.com
arstechnica.com
source.android.com
twitter.com
iPhone without a doubt
iPhone
iPhone is prioprietary so it cannot be secure
on Android you can use dm-crypt like on any linux
Why iPhone? Apple forks over just as much meta data as Google does to the NSA
My pixel came pre encrypted, and without my fingerprint or PIN you can't get in my phone. Plus I use signal for SMS.
SMS is still wildly insecure no matter what application you use for it by default. At least iMessage provides some form of encryption for the messaging itself.
Windows
CopperheadOS > Pixel ROM = iOS > other Android ROMs
>iPhone
lmao
>Apple forks over just as much meta data as Google does to the NSA
When they can, since it's the law and they have to. The FBI case showed us that they fight for the privacy of their users, and given that it took a expensive as fuck zero day to crack an old ass, relatively insecure iPhone (compared to newer models) it also showed us that the basic security is pretty decent.
Obviously if someone really wants to get your shit, they will find a way but with Apple it's limited to state actors ... who can just as easy kidnap your ass if they did really care.
iPhone. it's not even close. Android is like a swiss cheese.
For all of you that are answering with the iPhone, has Android been improving at all? Or are these fundamental flaws in the OS structure?
>For all of you that are answering with the iPhone, has Android been improving at all? Or are these fundamental flaws in the OS structure?
Fundamental flaws in how encryption is handled. Problem is that Google only controls the OS and doesn't control the hardware. Apple controls both so everything's heavily integrated.
That's why Android doesn't come with FS encryption enabled, for example. And that's why so many Android encryption schemes were defeated.
This talk explains:
To date iOS has had very close to 100 vulnerabilities and software backdoors have been found.
Android has had half that and no software backdoors have been found.
cvedetails.com
If you give a single fuck about security I highly recommend you stay away from iPhones at all costs. The latest vulnerability allows you to crash an iPhone via a very simple text message AGAIN.
Great resources, thank you!
*1000
See, I've heard a lot of this and it makes sense. But then I hear a lot of things about Qualcomm drivers, among other things, and it's conflicting.
It's a combination of fundamental flaws and the way Android is developed and distributed by companies. The fundamental flaws are illustrated by the fact that Android had more than three times as many vulnerabilities as iOS in 2016 (check cvedetails.com). That's just AOSP. OEM software departments are staffed by Pajeet-tier developers tasked with customizing AOSP and writing driver code under insanely tight development schedules, so they introduce their own vulnerabilities on top of AOSP (see Samsung's security bulletins for proof).
And after shipping buggy, unsafe code on launch day, they drag their heels with patches that fix those vulnerabilities. In most cases you aren't even guaranteed to get security updates once they launch the next hardware model.
>That's why Android doesn't come with FS encryption enabled, for example
see
>My pixel came pre encrypted
especially given that the OP said an up to date Android phone
Most of these are simply annoying bugs and not shit that compromises the security though.
If the Android phone properly uses dm-crypt like in Samsung's devices, then Android wins. Otherwise the iPhone wins.
dm-crypt won't save you from Samsung's own driver vulns, which are abundant
Kinda on topic, let's laugh about the feds getting played by the Jews.
arstechnica.com
>iPhone is proprietary so it can't be secure
>Android isn't
Nice meme, pajeet
Has there been a case where dm verity was implemented correctly but was still bypassed?
What you need to mainly understand is actually attacking the security of Android is actually very difficult. For most of the vulnerabilities found on Android you need to have the user download a malicious app outside the play store. So as long as you're not searching for free_games_hd_legit.apk on the internet compromising your security on android is very difficult.
This is interesting to see, but plays more into the weaknesses of using a passcode rather than iPhone software itself.
Right, well this is what makes researching this topic very difficult. Assuming the end user is an intelligent human being and has an up to date Android device, you'll get very different results from the average Samsung device user with no technical knowledge. I'm interested in the former case.
Correct but combine a few of these and you have the real serious vulnerabilities hackers use.
When it comes to android vs ios on security ios flops hard since many of those "minor" vulnerabilities can be combined to deal serious damage to ios security. This is also true for android but less overall less likely.
not to my knowledge
Is there a reason that it's less likely? It's comments like this that make me pretty unsure of what people are saying throughout threads on related topics.
Because android is open source and finding serious vulnerabilities is much more efficient. iOS is a walled garden that only a select few can see the source code a find serious vulnerabilities.