Comment by Hizonner

7 months ago

> Coincidentally they are also likely to be easily rootable, so you can still have full freedom.

Also easily remotely ownable, so you can be spied on without even having to install any software at all. And any that aren't now will be a couple of years after they fall out of support. Which, by the way, is very hard for the community to step in and do, since they're full of undocumented proprietary binary blobs.

> Just don't "upgrade" and ignore all the propaganda telling you bad things about that.

... and when your fully owned device finally breaks completely?

6 comments

Hizonner

Reply
userbinator  7 months ago

You've fallen for the propaganda. "remotely ownable" is only true if you do things like visit sites with JS enabled by default, which is what has been the case with true PCs for a long time.

There's a whole community keeping these devices alive, I trust them far more than Big G.

  • chowells  7 months ago

    The... propaganda? PoC exploits demonstrating full device takeover by sending an image file are propaganda? What would a real security vulnerability that's not propaganda look like?

    https://nvd.nist.gov/vuln/detail/CVE-2023-4863

    • userbinator  7 months ago

      libwebp, a Google-originated format... how convenient.

      via a crafted HTML page

      Don't forget that the majority if not all exploits will use something like JS to obfuscate their existence and frustrate analysis.

      Also remember the famous sayings "Those who give up freedom for security deserve neither" and "Live free or die". Accepting the insecurity, because freedom cannot exist without it, is also important.

      3 replies →