What's more secure from a crypto perspective, an up to date Android phone or an iPhone? Or are they about the same at this point. Most comparisons between Android and iOS are done with out of sate Samsung devices which makes it pretty unclear.
What's more secure from a crypto perspective, an up to date Android phone or an iPhone...
Nicholas Campbell
Other urls found in this thread:
youtube.com
theregister.co.uk
cvedetails.com
arstechnica.com
source.android.com
twitter.com
Brayden Price
iPhone without a doubt
Elijah Wright
iPhone
Gavin Cruz
iPhone is prioprietary so it cannot be secure
on Android you can use dm-crypt like on any linux
Landon Johnson
Why iPhone? Apple forks over just as much meta data as Google does to the NSA
My pixel came pre encrypted, and without my fingerprint or PIN you can't get in my phone. Plus I use signal for SMS.
Elijah Walker
SMS is still wildly insecure no matter what application you use for it by default. At least iMessage provides some form of encryption for the messaging itself.
Connor Ross
Windows
Aaron Gomez
CopperheadOS > Pixel ROM = iOS > other Android ROMs
Noah Roberts
>iPhone
lmao
Ethan Morris
>Apple forks over just as much meta data as Google does to the NSA
When they can, since it's the law and they have to. The FBI case showed us that they fight for the privacy of their users, and given that it took a expensive as fuck zero day to crack an old ass, relatively insecure iPhone (compared to newer models) it also showed us that the basic security is pretty decent.
Obviously if someone really wants to get your shit, they will find a way but with Apple it's limited to state actors ... who can just as easy kidnap your ass if they did really care.
Carson Bennett
iPhone. it's not even close. Android is like a swiss cheese.
Benjamin Hughes
For all of you that are answering with the iPhone, has Android been improving at all? Or are these fundamental flaws in the OS structure?
Jonathan Ortiz
>For all of you that are answering with the iPhone, has Android been improving at all? Or are these fundamental flaws in the OS structure?
Fundamental flaws in how encryption is handled. Problem is that Google only controls the OS and doesn't control the hardware. Apple controls both so everything's heavily integrated.
That's why Android doesn't come with FS encryption enabled, for example. And that's why so many Android encryption schemes were defeated.
This talk explains:
Joseph Mitchell
To date iOS has had very close to 100 vulnerabilities and software backdoors have been found.
Android has had half that and no software backdoors have been found.
cvedetails.com
If you give a single fuck about security I highly recommend you stay away from iPhones at all costs. The latest vulnerability allows you to crash an iPhone via a very simple text message AGAIN.
Zachary Watson
Great resources, thank you!
Sebastian Gomez
*1000
Aiden Watson
See, I've heard a lot of this and it makes sense. But then I hear a lot of things about Qualcomm drivers, among other things, and it's conflicting.
Noah Diaz
It's a combination of fundamental flaws and the way Android is developed and distributed by companies. The fundamental flaws are illustrated by the fact that Android had more than three times as many vulnerabilities as iOS in 2016 (check cvedetails.com). That's just AOSP. OEM software departments are staffed by Pajeet-tier developers tasked with customizing AOSP and writing driver code under insanely tight development schedules, so they introduce their own vulnerabilities on top of AOSP (see Samsung's security bulletins for proof).
And after shipping buggy, unsafe code on launch day, they drag their heels with patches that fix those vulnerabilities. In most cases you aren't even guaranteed to get security updates once they launch the next hardware model.
Jayden Peterson
>That's why Android doesn't come with FS encryption enabled, for example
see
>My pixel came pre encrypted
especially given that the OP said an up to date Android phone
Isaac Lee
Most of these are simply annoying bugs and not shit that compromises the security though.
Chase Watson
If the Android phone properly uses dm-crypt like in Samsung's devices, then Android wins. Otherwise the iPhone wins.
Gavin Johnson
dm-crypt won't save you from Samsung's own driver vulns, which are abundant
Jeremiah Russell
Kinda on topic, let's laugh about the feds getting played by the Jews.
arstechnica.com
Jackson Hill
>iPhone is proprietary so it can't be secure
>Android isn't
Nice meme, pajeet
David Hughes
Has there been a case where dm verity was implemented correctly but was still bypassed?
Isaac Lopez
What you need to mainly understand is actually attacking the security of Android is actually very difficult. For most of the vulnerabilities found on Android you need to have the user download a malicious app outside the play store. So as long as you're not searching for free_games_hd_legit.apk on the internet compromising your security on android is very difficult.
Joshua Ward
This is interesting to see, but plays more into the weaknesses of using a passcode rather than iPhone software itself.
Adam Stewart
Right, well this is what makes researching this topic very difficult. Assuming the end user is an intelligent human being and has an up to date Android device, you'll get very different results from the average Samsung device user with no technical knowledge. I'm interested in the former case.
Nolan Stewart
Correct but combine a few of these and you have the real serious vulnerabilities hackers use.
When it comes to android vs ios on security ios flops hard since many of those "minor" vulnerabilities can be combined to deal serious damage to ios security. This is also true for android but less overall less likely.
Bentley Myers
not to my knowledge
Easton Thompson
Is there a reason that it's less likely? It's comments like this that make me pretty unsure of what people are saying throughout threads on related topics.
Grayson Cook
Because android is open source and finding serious vulnerabilities is much more efficient. iOS is a walled garden that only a select few can see the source code a find serious vulnerabilities.