10 posts • joined Tuesday 17th July 2012 15:20 GMT
Use Play Store, don't use Unknown Sources
Still lots of fear about this - you don't need to be on Android 4.3 to be safe:
- If you only install from the official Google Play Store, you're fine - Google can scan their store server-side.
- If you don't install any apps, you're fine.
- Stay clear from Allow Install from Unknown Sources, which by default isn't enabled anyway.
- Vulnerability that trojans are installing via is a phone-side weakness, which is only a problem if the app source you're using (pirate app store, spam email or mms containing installer) isn't vetting the apps before they reach your phone.
Re: stuck on Gingerbread are budget 512mb ram and/or 320x240 screens, they just don't have the grunt needed for the newer Android releases.
Lowest spec owned by my family members is a Galaxy Ace 2 and that's on an official Jellybean 4.1.2 now.
My almost 2 year old midrange Galaxy Nexus is running 4.3 like a pro.
Reputable app stores ++
Google Play, Amazon, et al can scan their stores with updated verification.
The flaw is in the phone's cert verification, but Google Play, Amazon etc can update their server-side verification to detect any dodgy packages.
From what I understand of this particular exploit, it's detectable now that it's understood.
Cyanogenmod users will be happy to know it looks like they're busily releasing new CM7 thru CM10's.
Android phones a factor?
Since most Android phones are linked up directly via credit card and account to gmail accounts, might just be a punters being a magnitude more password hygenic (cash and phone pwnership) vs Y! + MSN accounts which often are used just for mail, or even simply low grade instant messenger accounts.
Ubuntu Phone stayed on my Nexus for almost an hour, I wanted to feel it running on my phone even though I was well-aware it was going to be mostly mockup, similar to what was demoed at CES last month.
On a slightly related note, there was a nice analysis and comparison of upcoming phone OS contenders last week, covering the progress, teams, approaches, and industry support and tips for success for Ubuntu Phone, Tizen, Sailfish OS, Firefox OS, BB10
1.8bil for broken software, at least they're being honest
"pose an unacceptable risk to the ability of the UK to safeguard national security" and "disclosure of this could be used to avoid detection".
So that's 1.8 bil on a system that once finished, relies on security through obscurity, and is expected to have known exploits and be possible to avoid.
Thought green-minded data-centers in northern countries only need an extra 1% power for cooling these days? i.e. would only need about 290KW of cooling for 29MW of compute (Yahoo Chicken-coop claimed this percentage with a datacenter they did a couple of years ago in NY IIRC)
Leveson Inquiry is all a bit pointless then
If all the texts count as publication, there's no such thing as phone hacking (text snooping) any more, and all those who had their phones hacked should be jolly well happy with this judge.
OTOH, the press should start doing more phone hacking and exposing now - probably the only thing keeping t.h.e.m. straight, when the laws are so ripe for abuse^M^M^M^M^M^M^M^M^M.
Next up, MS v Samsung?
So will Microsoft now go after Samsung for copying it's Version-numbering-'N'-suffix-method-for-naming-near-identical-products-with-EU-ban-avoiding-modifications? (Windows XP N, 7 N, etc)
- Xmas Round-up Ten top tech toys to interface with a techie’s Christmas stocking
- It's true, the START MENU is coming BACK to Windows 8, hiss sources
- Google embiggens its fat vid pipe Chromecast with TEN new supported apps
- Pic NASA Mars tank Curiosity rolls on old WET PATCH, sighs, sniffs for life signs
- Microsoft: Don't listen to 4chan ... especially the bit about bricking Xbox Ones