Discussion in 'other security issues & news' started by Minimalist, Jul 27, 2015.
Now watch lots of vendors continue to not provide any patches for old phones.
So, my phone is an affected model (no kidding). Posted about this on the vendor's support forum... 12 hours later, no replies. I don't know if they're even updating the newer phones. There are 3-4 other posts about this, and no replies to any of them.
Absolutely shameful. I'd say this is a breach of contract on their end, but of course they're smarter than that; they retain the right to sue, I don't. Jerks.
Anyway, right now my Android phone is lying on my desk with the battery removed. I'm considering transferring the number to a dumb cell phone. Too bad I'd have to keep paying the vendor for service I was not recieving. Yay!
P.S. What's with the Heartbleed analogies? This is more like Shellshock, actually really serious.
How many of the models would get patched? I think the vendors would only issue OTA for flagships, the rest will be left out. I was thinking about shifting into the ship of smartphones, but after this, would buy another dumbphone until Linux/Firefox OS gets matured.
Yes I find this a big problem also. Most vendors just stop supporting older models and stop releasing newer Android versions. That means that after few years, your smartphone becomes insecure. Vendors should release support lifecycle for their devices so that users would know how long their devices will be safe to use.
Would disabling "auto mms download" feature mitigate this?
OTOH, there's an unexpected benefit to this: smart phones are quite distracting to carry around turned on all the time. I'm using a flip phone instead today, and I feel like my IQ has increased by a few points.
I guess so, however, not only by receiving MMS your smartphone can be compromised
Sometimes I regret getting a smartphone. It gives me sore fingers and on top of that security issues.
I miss the good old gsm only phones.
Trend Micro Discovers Vulnerability That Renders Android Devices Silent
What about the other browsers?
I don't know, it's not mentioned in that article.
Thanks. Nothing much I can do other than to follow the mitigation suggestion for now.
Note that TextSecure doesn't autoplay and gives a warning first:
Samsung announces new Android security update process, promises over-the-air patches ‘about once per month’
Android's 5 biggest security flaws 2015
IBM finds another Android phone bug
Separate names with a comma.