Thanks for giving me so much grief and Twitter drama about saying "Android is not safe to use for journalists or Congressional campaigns"https://twitter.com/patrickgtraynor/status/1032997173288427520 …
-
Show this thread
-
There's a device called a USB filter that turns every USB port into a charge-only port, and protects against sketchy charging ports. Add this helpful dongle to your life if you travel a lot:https://www.amazon.com/Plugable-Universal-Charge-Only-Adapter-Android/dp/B00FA9GXKM/ref=sr_1_1?s=wireless&ie=UTF8&qid=1535130533&sr=1-1&keywords=usb+filter …
4 replies 112 retweets 242 likesShow this thread -
I would rather live in a world where there are both Android devices and iPhones that are out-of-the-box secure enough for a campaign to use. And I know Google is full of engineers who are trying to make this happen. But the effort dies somewhere in the domain of upper management
3 replies 5 retweets 32 likesShow this thread -
Replying to @Pinboard
It’s not even upper management. Android itself has decent exploit mitigation work, etc. it’s OEMs and the fucked up android vendor ecosystem. Bugs happen. Bugs that may be unpatchable amd that users won’t know they have because the vendor has long since moved on, however...
3 replies 0 retweets 3 likes -
Replying to @spongeclipper
I understand the complaint about the ecosystem, but Google also manufactures its own phone, which it has chosen not to make safe.
3 replies 0 retweets 5 likes -
Replying to @Pinboard @spongeclipper
If you read the paper (https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-tian.pdf …), you’ll notice that the severity of the issues on Google phones is low. The really bad issues were all OEM phones. I’m frequently a big Google critic, but IMO you’re being unfair.
3 replies 0 retweets 6 likes -
Replying to @pcwalton @spongeclipper
As
@matthew_d_green points out, the lock screen is functionally the last line of defense on an Android phone, so "it's almost not broken" is not a reassuring consolation. I agree that the phones Google makes are the safest, but they are not safe enough, and that is on Google2 replies 0 retweets 3 likes
Read the paper. Nexus devices were immune to the lock screen bypass. Lock screen bypass was specific to some OEM phones.
-
-
-
Well, if we’re talking about theoretical vulnerabilities, couldn’t iBoot be theoretically vulnerable too? I still think Apple is being given too much of a pass here…
1 reply 0 retweets 2 likes - 15 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.