fsebugoutzone.org:9999

       Post ATiijsOSVLLbXV3CDo by jasonmashak@infosec.exchange
 (DIR) More posts by jasonmashak@infosec.exchange
 (DIR) Post #ATidAHzTMIPGjOZhbM by jasonmashak@infosec.exchange
       2023-03-17T16:15:21Z
       
       0 likes, 0 repeats
       
       I’m amazed when I see anyone working in the #security industry and still using #Android. For years, there have been countless instances such as this and malware-infested Android apps.Android phones can be hacked just by someone knowing your phone numberhttps://grahamcluley.com/android-phones-can-be-hacked-just-by-someone-knowing-your-phone-number/
       
 (DIR) Post #ATidAIhQirZIvj8o7M by sesivany@floss.social
       2023-03-17T16:24:42Z
       
       1 likes, 0 repeats
       
       @jasonmashak not that there would be any secure option among smartphones. In the end it&#39;s just a matter of resources and people are safest if they use something rare. It&#39;d probably be as vulnerable as Android or iOS, but it&#39;s not a target big enough to look for exploits.
       
 (DIR) Post #ATidAJLqIbtWx4356m by jasonmashak@infosec.exchange
       2023-03-17T16:52:52Z
       
       0 likes, 0 repeats
       
       @sesivany Of course nothing is fully secure, but there’s a world of difference between Android and iOS.
       
 (DIR) Post #ATidAK8lMj1hOmw9MO by marianisoehartono@ohai.social
       2023-03-17T17:16:09Z
       
       0 likes, 0 repeats
       
       @jasonmashak @sesivany I&#39;d like you to point out which apps in #fdroid have malware; should be no problem for any security researcher, considering it&#39;s all open source.Jeff Bezos used iphone, then got permanently snooped just with a single video message from bin Salman. There&#39;s no worlds of difference, that&#39;s just apple marketing line for gullible consumers.
       
 (DIR) Post #ATidAKvKS9sHpPew3k by jasonmashak@infosec.exchange
       2023-03-17T17:23:53Z
       
       0 likes, 0 repeats
       
       @sesivany @marianisoehartono you don’t need to be some OSINT wiz to google “malware in Google Play store” and then realize why Apple is so much stricter about what it lets in.
       
 (DIR) Post #ATidALXc9oV1k9ZVjc by marianisoehartono@ohai.social
       2023-03-17T17:31:06Z
       
       0 likes, 0 repeats
       
       @jasonmashak @sesivany It&#39;s a *choice* to use Play Store or other stores; it&#39;s not like Android users are limited in choices like Apple users are. Hey, I can even compile my own binary apk and sideload them with no trouble. The app that caused Jeff Bezos&#39; iphone to be spied upon via bin Salman was one that&#39;s approved by App Store. What&#39;d you say about that?
       
 (DIR) Post #ATidAM12OQ2FDPL0b2 by jasonmashak@infosec.exchange
       2023-03-17T18:18:20Z
       
       0 likes, 0 repeats
       
       @marianisoehartono @sesivany There were legitimate reasons that our whole fleet of company phones got switched over to iOS when I worked for a large AV company a few years back – and it had nothing to do with them being cheaper.
       
 (DIR) Post #ATidAMdK64ez89FaGu by marianisoehartono@ohai.social
       2023-03-17T18:29:44Z
       
       0 likes, 0 repeats
       
       @jasonmashak @sesivany I&#39;d prefer discussing real world security-related cases rather than speculating over a company&#39;s deployment choice. Real world cases thus far don&#39;t demonstrate much difference between the two; users and their behavior will always end up being the weakest link.
       
 (DIR) Post #ATidAN8sCltgi00mRs by jasonmashak@infosec.exchange
       2023-03-17T19:05:34Z
       
       0 likes, 0 repeats
       
       @sesivany @marianisoehartono yeah, your firsthand knowledge of Jeff Bezos seems to be the leverage you need here.
       
 (DIR) Post #ATidANd0Ok04DS6qPo by marianisoehartono@ohai.social
       2023-03-17T19:28:44Z
       
       0 likes, 0 repeats
       
       @jasonmashak @sesivany I don&#39;t quite understand what you&#39;re trying to imply here. Are you trying to say that we can only discuss real security breaches in which we have firsthand accounts of?If you&#39;re not familiar with the case, there was public postmortem report by security researchers Bezos commissioned himself: https://assets.documentcloud.org/documents/6668313/FTI-Report-into-Jeff-Bezos-Phone-Hack.pdf
       
 (DIR) Post #ATidAO5MhIgXdPNUcS by jasonmashak@infosec.exchange
       2023-03-17T19:59:07Z
       
       0 likes, 0 repeats
       
       @marianisoehartono @sesivany The likelihood of encountering vulnerabilities by OS isn’t some tough formula to crack. Android users are far more likely to encounter such.Source: Comparative analysis of Android and iOS from security viewpointhttps://www.sciencedirect.com/science/article/abs/pii/S1574013721000125
       
 (DIR) Post #ATidAOYmvuDl6f8zTs by marianisoehartono@ohai.social
       2023-03-17T20:23:03Z
       
       0 likes, 0 repeats
       
       @jasonmashak @sesivany Walk me through your thought process on these statistics. It&#39;s better to narrow my focus on concrete arguments rather than my presumptions of them.
       
 (DIR) Post #ATidAP4L2bSSgVuBeq by jasonmashak@infosec.exchange
       2023-03-17T20:28:06Z
       
       0 likes, 0 repeats
       
       @marianisoehartono @sesivany This NordVPN article actually covers the situation pretty well.https://nordvpn.com/blog/ios-vs-android-security/
       
 (DIR) Post #ATidAPeUsANiUep41A by sesivany@floss.social
       2023-03-17T20:37:49Z
       
       0 likes, 0 repeats
       
       @jasonmashak @marianisoehartono &quot;Apple’s closed source code makes it harder for hackers to find security flaws&quot;Sorry, but I can&#39;t take seriously an article that argues with security by obscurity.Some of other arguments are pretty doubtful, too, to say the least.
       
 (DIR) Post #ATidAQM6G3GAftDsyu by pro@mu.zaitcev.nu
       2023-03-17T21:19:44.080904Z
       
       0 likes, 0 repeats
       
       @sesivany @jasonmashak @marianisoehartono Did you mean &quot;article argues for security by obscurity&quot;?
       
 (DIR) Post #ATiijsOSVLLbXV3CDo by jasonmashak@infosec.exchange
       2023-03-17T21:25:58Z
       
       0 likes, 0 repeats
       
       @pro @marianisoehartono @sesivany This is pretty clear, unless one is deliberately trying to be obtuse:“Android makes it easier for hackers to develop exploits, increasing the threat level. Apple’s closed development operating system makes it more challenging for hackers to gain access to develop exploits. Android is the complete opposite.”
       
 (DIR) Post #ATiijsuiZP9T9Y8xVI by sesivany@floss.social
       2023-03-17T22:00:24Z
       
       0 likes, 0 repeats
       
       @jasonmashak @pro @marianisoehartono ah, I thought we were already past the &quot;everyone can see the code and more easily find vulnerabilities, thus open source is less secure&quot; arguments.Open source code means more eyes reviewing it and more vulnerabilities getting fixed resulting in more secure code which is less vulnerable to attackers despite the fact that the code is open and available to them.
       
 (DIR) Post #ATiijtVENeMIynE7Ps by jasonmashak@infosec.exchange
       2023-03-17T22:02:23Z
       
       0 likes, 0 repeats
       
       @sesivany @marianisoehartono @pro come on, it’s a combination of multiple factors that can make one OS less secure than another, and you all know that.
       
 (DIR) Post #ATiiju3yIU9EiXTrZA by sesivany@floss.social
       2023-03-17T22:11:28Z
       
       1 likes, 1 repeats
       
       @jasonmashak @marianisoehartono @pro I&#39;m not making general judgment which OS is more secure. I&#39;m just saying that closed source doesn&#39;t make iOS more secure.I can admit that a random Android phone is probably less secure than a random iPhone, I just don&#39;t agree with the original premise that Android is inherently insecure.