Apple & Security vs Android/Google

Biggest risk to security is the user.

Adblockers, VPNs, look at ORBOT on Android.

Don't connect to free wifi. Turn off bluetooth/NFC unless you need it.
Don't visit dodgy sites etc

Make sure developer mode is off so you can only install official software from the Play Store

The biggest tool in securing anything is knowledge.
 
Not sure either Apple or Google are as open/proactive about security exploits as Microsoft is with the Windows security patches. Is it because the business/economic impact of security issues is less ... just the consumer? We are waiting for the first WannaCry equivalent to hit mobiles.

wonder what brand of phone Baghdadi had?
both Android and Apple share ARM cores which have had similar hardware exploits like Meltdown/Spectre
eg https://developer.arm.com/support/a...ocessor-vulnerability/download-the-whitepaper
and believe it was Samsung who had to fix hardware for compromised in the trusted platform hardware modules, so the Android security risk needs to be split out on a manufacturer basis, to which end the government review of Huawei s/w processes was found wanting.
 
seems like the Facebook and app developers should have better bug bounty programmes, or software developers, to reduce exploits,
rather than trying to sue NSO
WhatsApp suit says Israeli spyware maker exploited its app to target 1,400 users


Did Apple take these folks to court - https://www.telegraph.co.uk/technol...aw-allowed-government-spying-for-3-years.html
they're still in business




 
I've been a long time Android fan (primarily via Samsung devices), very happy with it overall from an end-user perspective and I use a ton of Google services but I've been under no illusions when it comes to the fact that nothing is ever free and I'm paying for these services with my data.

I block third party cookies, turn off ad personalisation, use ad-blockers and the like to deal with the visible annoyance of adverts but I've been reading reports on the data collection and usage by Google etc., location tracking and hoovering up of wifi IDs etc. and it just leaves a bitter taste.

I'm only one person and I don't have anything to hide but the invasive nature of companies like Google is just bugging me more and more especially when I see the vast profits they are making (and usually little tax being paid). But there is a lot of that going around in the tech world.

So I'm thinking about what to do about it, I have an Outlook email I can use instead of Gmail so my emails aren't continually being read but I don't think Microsoft are much better to be honest, are there any alternatives you guys would recommend?

But the biggest change would be to ditch my Samsung phone, tablet and smart watch and possibly switch to Apple, quite an expensive move too, I also have Google Home and a Home Hub.

Apple make a big play on the privacy/security aspect of their platform, I've been reading the official blurb on the website which all sounds positive but I wanted to get your take on it, is this legit or are they just as bad in reality?

My first bit of advice would be - don't worry so much. Until laws/regulations are changed to prevent it, or provide a means for individuals to profit off it - personal data is always going to be leeched. I would tend to agree that the likes of Google are one of/if not the worst of the bunch (it's a close fight between them and Facebook tbh), but in the same way Capita have a finger in most things out there - you might be hard pressed to completely avoid Google.

My second bit of advice - what makes you think Apple are better? Because they have a bunch of small print about your data security being sacred to them, or because they tout it as a benefit over the competition? How do you know that they're not doing exactly the same as Google, albeit, within their own walled garden?

I'm not at all keen on what Google does with my data, and what their 'algorithms' decide to hide or show me online - I think that goes against the freedoms that the internet, offered way back when I was connecting via a Freeserve CD and 56k modem; and it almost feels like Google are sculpting what this amazing tool shows us.

Personally - I turn off the constant Wifi/Bluetooth scanning (part of the collection of networks you mention), I use alternative browsers and disable Chrome, these browsers then have plenty of third party add-ons to block cookies and adverts; I also have a Raspberry Pi on my home network helping with these blocks too, I also have stopped using Google search (using DuckDuckGo for now). But aside from these small things, I have accepted that my data is still going to be slurped somewhere along the way - so I try not to fret about it.

Just touching on something though - you have listed quite an amount of gadgets in your post, many of which (such as the hubs/assistants) are the things I have given a very wide berth to, as having an 'always on' microphone in my house, really is no interest to me; but these sorts of things probably rely on knowing a lot about you and your habits on and offline - instead of jumping to Apple, maybe reassess what you want/need from tech?
 
Since Blackberrys died out Apple are the go to provider for companies issuing phones to employees, mainly for the security reasons I understand. I suspect this is a lot down to how locked down iOS is, which makes it much easier to secure, although this lock down is one of the main reasons I am an Android user.

Nah, large employers tend to use cheap androids with apps like Microsoft Intune or Airwatch to lock down the phone. Apple phones are just too expensive to justify for most organisations.
 
*REBOOT*
Impressive - the French put malware on Eurochat/encrypted phones used by crime organisations


article describing 'how' it was done, PGP is safe!
https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked

This Encrochat case was different, though. This was malware on the Encrochat device itself, meaning that it could potentially read the messages written and stored on the device before they were encrypted and sent over the internet, a devastating finding for a company whose main mandate is to protect the content of communications for highly sensitive clients.

Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Encrochat took the base unit, installed its own encrypted messaging programs which route messages through the firm's own servers, and even physically removed the GPS, camera, and microphone functionality from the phone. Encrochat's phones also had a feature that would quickly wipe the device if the user entered a PIN, and ran two operating systems side-by-side. If a user wanted the device to appear innocuous, they booted into normal Android.
....

Law enforcement's quiet coup of Encrochat was over. Over the next several days, the puzzle pieces started to fall into place: The seized shipments, the raids on drug traffickers, the mounting arrests. The common thread among all of them was Encrochat.

The encrypted phone industry source said that after the episode, Encrochat resellers couldn't log into their portal used to manage sales, locking them out of funds.

Right now, the criminal world is in disarray, their main way of communicating ruptured. Paranoid, some people are going offline, unsure of what devices to trust. Others are trying to cross borders before they are detained, the source close to criminal Encrochat users said. The source said that buying drugs in bulk just got a lot harder.

edit: BBC reporting r4pm - they cracked a code is BS
 
Looks like police have made good use of the crack.

The UK's 'biggest ever crime bust' has seen more than 700 suspected crooks arrested and murder plots foiled - as well as millions of pounds of dirty cash, two tonnes of drugs and dozens of guns seized.

Entire criminal gangs have been shattered following a two-month sting spanning the globe.

...

The criminal rings were smashed when EncroChat, one of the largest providers of encrypted telecoms which offered a secure mobile phone instant messaging service, was infiltrated by the international law enforcement team who cracked the company's encryption.


https://www.manchestereveningnews.co.uk/news/uk-news/britains-biggest-ever-crime-bust-18531928
 
How exactly did they get the malware onto the phones in the first place? Hack Encrochat's servers and put it in an update which is then pushed to every phone?
 
yes still some details we're not being told, but, keep them guessing
the Vice article said Encrochat failed to shut them out on the first attempt, so seems unlikely it was a trojan planted in updates, or maybe Encrochat are not that smart.

- the means to prosecute based on this evidence being another - the UK policewomen c4news suggested, unclearly, that they won't be bound by that,
but, crikey, it's a big fishing expedition.
this suggests otherwise - https://www.jmw.co.uk/services-for-...phones-hack-legal-challenges-and-consequences


liked the arstechnica comment https://arstechnica.com/tech-policy...-hundreds-in-organized-crime-bust/?comments=1
I wonder what the guys who ran the Encrochat thing are doing now. Among their customers were groups like Bandidos, who tend to Not Be Nice to people who Fails Them. They tend to make the depths of their disappointment understood.
 
There's a number of YouTube videos spanning back years showing basic security flaws in the devices. So it does make you wonder if there was complicity involved.
 