- 08-02-2013, 07:32 AM #1
So, I am not a member of the tinfoil hat society, by any means. That being said, this is scary. I know this is not really new information.
For instance, one ex-official said that the bureau's analysts (shown above) can routinely turn on the microphones in laptops and Android devices to record conversations without a person's knowledge.
Open source code has it's merits, but has it's drawbacks, too. I am not saying a determined hacker can't find exploits in code that isn't open source, but when it is open, it has to be that much easier. Apple and MS, please keep your source in the safe. Thx.
Last edited by ParoleGA; 08-02-2013 at 11:33 AM.
- 08-02-2013, 07:50 AM #2
I hear ya. As much as I like my Nexus 7, I never, ever! Do any banking or any activities that would include entering either my credit card, SSN or any sensitive information on it. I save that for my desktop at home or my WP8.
- 08-04-2013, 07:03 PM #7
08-06-2013, 12:45 PM #8
- 993 Posts
I have to take issue with people saying that open source = less secure. In fact, you can find a lot of developers out there that would argue that open source = more secure. In my opinion, neither option (open vs closed) is inherently more secure than the other. It's all about the individual piece of software. Projects that are continuously maintained with a focus on security are more secure than those that are not.
On a broader level, open source projects generally have more sets of eyeballs looking for security vulnerabilities. Some of these may be malicious, but they're offset by the larger amount of people looking to fix vulnerabilites. On the flip side, closed source projects generally have a smaller team maintaining the code. While this may mean that more vulnerabilities go completely undiscovered, it also increases the likelihood that a vulnerability already discovered by the black hats stays unpatched.
- 08-06-2013, 01:04 PM #9
OP and everyone else has it completely wrong.
So we have Windows, generally acknowledged as the worst OS in terms of security. It is closed-source.
We also have UNIX/Linux, completely open source. These are used in all sorts of mission-critical enterprise deployments all over the world. Open source, currently far more secure than Windows.
We have Mac OS, which is really a POSIX-compliant UNIX system with a proprietary user interface and added features. Everyone will acknowledge that OSX is for now at least, more secure.
Any security engineer will tell you this: No system is safe. There is no such thing as a secure computer. Windows and Android are just that much more popular and have more people targeting those systems.
Finally, please see the pwn2own and pwnium results for 2013. Everything was broken; a Surface Pro included. In fact, the only system that was not cracked was Google ChromeOS (Chrome itself was compromised, however). And Chrome OS is again, an open source project.
08-06-2013, 01:20 PM #10
- 3 Posts
the point to note is that the Hacker is interested in affecting more systems, not small number. So the prime focus is on the Popularity of the OS. Windows is one of the most used operating system by Naive users, who are vulnerable. where as the Android is the Mobile OS that has the higher Circulation. so more attacks can be expected there than the Windows Phone.
I am not an expert, still think system works like this.
- 08-06-2013, 01:40 PM #11
My point was really about phone OSes, while most of your comments were about PC, but points taken; nothing is secure. That being said, there is nothing you can say to make me believe that an open source code OS, with huge popularity (Android), is more secure than iOS (also hugely popular), or WP8 (relative deployment makes it far less targeted), when it comes to remote attacks. But to your direct points...
1. Also the most used OS, by the least tech savvy users base, making it a prime target for exploit by determined hackers.
2. Probably true, but it's enterprise use still doesn't approach Windows. Lower user base, and a more tech savvy one, at that, makes it a far less opportune target.
3. Certainly true. Personally, I think that is because of it's relative deployment AND it's closed source nature.
4. Chrome OS....really? There would be no money, and little data to be had breaking an OS with such a low user base.
I guess the point is, yes, everything can be broken. The more used the OS, the more valuable the target. And nothing you said makes me believe that an open source code base isn't easier to exploit than a closed source.
- 08-07-2013, 12:35 PM #12
There is no doubt as far as OS's go, WP is the safest behind only BlackBerry due to it's closed source, controlled system and smaller user base. It is not as easy of a target, nor as profitable. Android is the complete opposite. That being said, I am surprised Google has done as good of a job as they have as far as damage control with security.
It does make me want to see BB10 succeed. They are still the only one determined to keep your system safe. They deserve a nod and some credit for that.
- 08-07-2013, 02:00 PM #15
A well maintained closed source can be as well. I get security patches weekly on Windows. The problem with Android is, once the issue is found, Google can not simply patch it. They need to send an update through many companies first, for approval and modification.
If I would ever use Android again, it would be Vanilla Android. But I won't. I see little effort, even from Google, to quickly patch vulnerabilities.
- 08-12-2013, 12:41 PM #16
Re security patches, do I with Windows 7 which to me indicates what a crappy job they did with developing the damn thing in the first place... though to be fair most updates are apparently just Defender database updates and Safe Browsing list updates.
About the patching again, I believe the process is the same with WP - carriers have a say in what goes out (see Data Sense, also Verizon breaking group messaging). Google has always been on the ball about fixing truly broken things, which is why I carry a Nexus 4 - gets updates just as soon as they are released.
- 08-12-2013, 02:41 PM #18
Not much else new in your post. I get it; a lot of people prefer open source for many reasons. I am not one of those people. We won't argue our way to an answer in this thread. The argument is as old and older than Linux. I was simply sharing an article, and my feelings on leaving Android. They still stand.
- 08-13-2013, 02:03 PM #20
But again, this thread had nothing to do with desktop OSes. It was simply about how the FBI was hiring hackers to gain remote access to Android devices (the article actually mentioned PCs, as well), and was able to turn on their mics and record audio. I also assume hackers could do this without the FBI, albeit illegally, if they had something to gain from it.
- 08-14-2013, 03:02 AM #21
I've had to replace my debit card twice this year. Once was cause of a local grocery store getting hacked, but the other one was weird. Makes me kind of cautious to keep doing my money online
Sent from something UhMEHZing using Tapatalk
- 08-26-2013, 09:14 PM #23
Actually if you know anything about android, you'll know that only about 80% of its total code is actually a part of aosp. All of the proprietary Google functions and apps are not. Any Google apps have to be side loaded through a gapps zip on all Google unapproved Roms. That would be any that don't come from Google or a manufacturer.
I should also add that malware can't actually damage a phone, unless it has root access. Which the majority of android users don't even know exist, only ~15% of all android users even know about it and even less are actually rooted. Thanks to Microsoft and Apple being overly zealous in their attempts to downgrade Linux, the uneducated public are afraid to try it, as they have given it the bad stigma of being "unreliable and unstable". Even if they have tried Linux, the average user doesn't know anything about the su program and doesn't need to access it
Now then, I will go back to my point, android, Linux and Mac os are inherently more secure than windows. Hence all of the band aids Microsoft has to release for it on a monthly basis. Microsoft makes it far to easy to access and modify the system partition.
Hence this command in cmd which will hose your system. "del C:/*.*" Notice the simplicity involved with that statement. Any hacker could include this in a batch file or program, and the average user wouldn't even know. Unlike Linux/Unix filesystem's where you need to type "rm -r" just to be able to delete into the file structure. It also requires root access, and to get that you need to know the root/administrator password. And even if they do, rm still asks the user if they are sure they want to issue the command (as it deletes recursively). Whereas the equivalent does command I entered earlier has no check to keep the user from accidentally entering it, once you do it starts deleting.
Sorry for the lengthy response, but I hate seeing posts that claim that windows is the most secure os in the universe. If you don't believe me try entering that command into cmd yourself. Its a very simple command and doesn't really require any technical knowledge at all to do, just basic cmd knowledge that every user should know any way.
Sent from the stars...
- 08-26-2013, 11:00 PM #24
Sure, just tell me how to bring up the command prompt on my Windows Phone again...oh, wait. You are comparing Android to a desktop OS. I see what you did there.
No one said anything about Windows being secure...anywhere. Or anything about hurting a phone. The initial post was about hackers helping the FBI turn on Android microphones to record convos. The most recent link was about the FBI being worried about law enforcement using Android, and fragmentation leading to 40+% running older unpatched versions.
- By rakesh1995 in forum AndroidReplies: 9Last Post: 08-15-2013, 01:21 PM
- By Bosan Klong in forum Windows Phone AppsReplies: 1Last Post: 08-01-2013, 11:30 AM
- By emagius in forum Nokia Lumia 521Replies: 17Last Post: 08-01-2013, 07:56 AM
- By Paul Verizzo in forum Windows Phone AppsReplies: 11Last Post: 07-31-2013, 07:09 AM
- By Psyk00 in forum Windows Phone 8Replies: 3Last Post: 07-26-2013, 08:18 AM