545

‘Even stronger’ than imagined: DOJ’s sweeping Apple lawsuit draws expert praise (www.theverge.com)

submitted 7 months ago by nave@lemmy.ca to c/technology@lemmy.world

85 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[+] stevedidwhat_infosec@infosec.pub -32 points 7 months ago* (last edited 7 months ago)

But android does this exact thing and has far more vulnerabilities

Open source doesn’t magically make things more secure unfortunately, no matter how many people seem to think this

[-] FiniteBanjo@lemmy.today 6 points 7 months ago

AOSP Development was almost completely separated from the commonly distributed Android OS around version 2.2 in like 2010-ish, if I'm not mistaken. If you do get an OS built upon the old open source versions, they are usually quite secure and value privacy heavily, such as CalyxOS.

So no, Android is not Open Source nor is it free, but yes proprietary Android software has more potential vulnerabilities.

[-] stevedidwhat_infosec@infosec.pub -5 points 7 months ago

Last year android had 1400 vulnerabilities to iOS’ 482.

402 of androids were above a CVSS score of 7 & 221 for iOS.

Android is less secure than iOS on average and Apple is widely known to be more secure than android. That’s not to say I’m a fan of things apple does. I’m purely speaking vulns for one OS to another.

[-] TurtledUp@lemm.ee 6 points 7 months ago

The more used OS will always have more people looking for ways to break it. Same shit happened with windows and Mac. The old picture of the house in the city with bars on the windows vs a house in the country with unlocked doors still applies.

The only vulnerabilities you even really need to worry about are zero days which won't be in the threat tracking databases.

[-] stevedidwhat_infosec@infosec.pub 1 points 7 months ago

Right but that’s a contributing factor to iOS’ strength

Their risk surface isn’t massive…

Their App Store is on a tighter leash too so less risk there and less opportunities for persistence/c2 activity which encourages and enables further vuln discovery and valuable data mining on devices

I’m confused what you’re arguing here

load more comments (8 replies)

this post was submitted on 22 Mar 2024

545 points (97.4% liked)

Technology

59200 readers

2347 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS