top | item 32282453

(no title)

kjander79 | 3 years ago

This write up highlights a depressing fact we all know: the mobile security situation is bleak, to the point of being untenable.

I checked my own device, and despite owning it just about a year, security updates have likely already stopped (although the manufacturer website hasn't exactly confirmed that, just yet) and even if the security updates were still coming, the gap between when they are released and then reach the devices are measured in months, not days, making these exploits worse than zero-days. I have seen no movement in correcting these issues from any of the manufacturers.

You too can check for yourself at source.android.com/security/bulletin

discuss

armitron|3 years ago

Android is not the only mobile ecosystem around, and not every ecosystem is a train wreck.

kjander79|3 years ago

In theory I agree, but in practice...

The exploit given here works on any device with the given driver, regardless of OS. Android is just the primary example since it is the 800lb gorilla.

And as the article mentions, just 2 hardware stacks make up nearly the whole ecosystem.