On 09/26/14 20:26, Matti Karnaattu wrote: >>I'll have to disappoint you but I don't have any side. >>I'm pretty much agnostic and interested all kind of technology. > > But if we talk on methods to make platform secure, don't you agree that > folks on Google have put effort to make Android hard to exploit?
um. no. No. Hell no. So f*cking wrong, I can't even ignore this idiotic statement for fear that someone will see it on the OpenBSD lists and think it might be true. Sorry, I've had the honor of working with some amazing malware experts (AND the OpenBSD developers. Have I had a rockin' life or what? :), none of them have anything good to say about the Android platform from a security standpoint. ON TOP OF the nature of the beast -- a very open platform you can basically do anything with, including shooting yourself in the foot (and if you can easily be prompted to shoot yourself in the foot, most other security measures are surmountable) -- Google's Android team has done a horrible job on the very basics, including shipping KNOWN BAD, exploitable and long fixed kernel code YEARS after fixed code was available. Start with crappy Linux code...and then don't even fix the known problems? WTF? That's a security face plant before one's foot has left the starting block. I'd LOVE to think Google took security more seriously than other dipshits in the computer industry, but sadly, the Android platform did not show it. I have an Android phone, I would not trade it for an iProduct...but I will never trust it or use it for security critical purposes. ... Nick.
