Comment by grugq

7 years ago

Think of it like GMO. There are two sides with legitimate concerns. But only one side can speak publicly.

As for backdoored Chrome, what is to prevent China using a modified version of Firefox that removes the backdoor? It would blind NSA to collection on the Chinese target.

There is no way you can use backdoors against hard targets. Hard targets are why they need 0day. It is an arms race because it is a conflict between states.

Whatever fears people have about 0day being used against them are, as I’ve said before, like worrying about ninjas rather than cardiovascular disease. One is something you have no control over, but almost no exposure to as a risk. The other requires regular work to stay safe.

Years ago I wrote “free security advice” and the basic concept is still relevant. I should update it now though. Android 9 is a much harder target than 4.4 was. I would actually rate Android as safer than iOS because all of these ridiculous articles about million dollar pay outs have driven most developers towards iOS, and iOS is a monoculture.

A hardened Android device (disclaimer, I’m making one for retail sale) is safer than a stock iOS.

Literally everything in the media is complete garbage. No one who knows how things work would ever discuss them again.

Your argument is limited to technical and political science concepts, and by limiting itself so, is correct. It is inapplicable to the real world.

Governments have used zero days. Most famously to use a zero day to unlock an iPhone against a terrorist (whose house was ransacked by the news media). Less famously was to botch a legal case against a pedophile (amazingly, it would be possible to find and arrest nearly all pedophiles on Tor by burning half a million dollars in zero days). But the government didn’t want to release the zero day for Play Pen and Mozilla got involved in the case.

But Freedom Hosting’s zero day was discovered while it was being used. I think the government still uses zero days, but parallel constructs the evidence from them. This is policy making by mismanagement.

On face value, the government is involved in abhorrently irrational decision making. The government cannot be considered responsible enough to have zero days, but that’s an argument that will lead nowhere.

  • > Your argument is limited to technical and political science concepts, and by limiting itself so, is correct. It is inapplicable to the real world.

    I read your post, but still have no idea why it's inapplicable in the real world. Could you explain that again? I think it's a very interesting discussion, so I'd like to actually understand your point.

  • I’m sorry, I don’t understand.

    • I Googled for grugq, iCloud, and terrorist, which yielded the link below:

      https://medium.com/@thegrugq/feeble-noise-pollution-627acb59...

      > Farook destroyed his personal phone. The FBI wants access to his work phone. UPDATE: FBI locked themselves out of the iCloud account after it was seized.

      > FBI already has huge amounts of data from the telco and Apple. This is almost certainly enough to rule out clear connection with any other terrorists.

      > FBI is playing politics, very cynically and very adroitly.

>Years ago I wrote “free security advice” and the basic concept is still relevant. I should update it now though.

It looks like you DID update it: https://gist.github.com/grugq/353b6fc9b094d5700c70

And from that gist:

> Use an iPod or an iPad without a SIM card

> Use an iPhone

How can you then say:

> A hardened Android device (disclaimer, I’m making one for retail sale) is safer than a stock iOS.

?

Is Android (and in general any open source system) safer than iOS (a closed and highly customized system)?

The idea I heard over and over is that an open source system is more secure because the code is scrutinized by anyone who wants to.

But with a monthly security update and how quickly a vulnerability can be exploited, it does not seem to be the case anymore.

The main reason is the time between when a vulnerability is patched in the source code and when the patch is deployed. When a commit that fixes a vulnerability is committed to the Android codebase, anybody who knows what they are looking at would be able to notice it, and likely build/distribute an exploit before the patch is actually pushed to all users. On a closed source system, an exploiter can still reverse engineer the changes in an update, but fewer people have the skills to do it and it is not straightforward to understand which changes in the code are security patches.

Considering the timing and what I see on the Android security bulletin, almost every month there are EoP and even RCE vulnerabilities being patched. A Google phone, on average, will go 2 weeks every month vulnerable to a "known" vulnerability.

For all the others the situation is dramatically worse. Samsung is at best a month behind the security update schedule. A Samsung user will have a phone that is always behind the last vulnerabilities patched and visible in the Android code base.

Some of these vulnerabilities can be quickly distributed since everybody has an LTE internet connection and reads news in a browser.

  • As I said, I should update it.

    When I wrote it Android devices never got patched (hence the advice to switch to a FOSS ROM that would be updated, rather than a frozen-in-time factory ROM).

    Security involves a lot more than just access to the source code. That is simply a factor in the ease of some techniques for vulnerability discovery. Back then Android had poor process isolation, significant problems with its sandbox, lax SELinux configurations, and insecure software architecture (e.g. not using “least privilege”).

    For a regular user, a stock iOS device is safer than an Android device because there is very little iOS malware in the wild. A user at risk is safer using a secured device, which by default means modified Android.

    Security is not a generic “thing”. It is a continuous process that provides countermeasures against threats by mitigating risks.

    If you want a device that is safe by default, will always be patched, and is not vulnerable to indiscriminate exploitation or malware embedded in apps — use iOS.

    You can achieve that with a Google Android device (starting with about v8 or so). Of course you still have to be vigilant against malware laden apps.

> A hardened Android device (disclaimer, I’m making one for retail sale)

Any more information on this? I'm more than a little depressed by the current options in phones - I don't relish the idea of moving to iOS - but at the same time I'm a bit worried about the direction Android is taking...

What kind of market/price range are you aiming for?