back to article Half the Fanbois in your office are unpatched ATTACK VECTORS

Duo Labs researcher Mike Hanley says one in two iPhones connected to corporate networks are running outdated versions of iOS. The poor patch performance means half of all iDevices are corporate attack vectors running April's iOS version 8.3 or lower, and as a result are brimming with more than 100 vulnerabilities. Almost a …

  1. Anonymous Coward
    Anonymous Coward

    Some good points but...

    Can we have the same survey for Android devices please? Just to keep some semblance of journalistic balance.

    Brimming over with problems? A little rash but I don't care one way or another. My ancient Nokia 6310i has just had a new battery and and internal 'de-fluff'. Should be good for another few years.

    I got some strange looks last night when I used it on the tube to Richmond. It seemed that everyone else were Fanbois/Fangirls using their iDevices and they not just young hipsters. I expect that some of them had never seen a dumbphone in years.

    1. Anonymous Coward
      Anonymous Coward

      RTFA

      >> Android devices are even worse. One in five users have upgraded to the latest stable Android Lollipop in the rare instances stars align between carriers and handset-makers. <<

      1. Frank Oz

        Re: RTFA

        Mmmm ....

        And in the final conclding paragraphs of the article.

        One wonders why the headline wasn't 'Android Fanboys in your office ...", and why the writer didn't lead with the Android vulnerabilities.

        I have Android and Apple devices in my home, and the ones I'm REALLY worried about, security wise, are the Android ones.

    2. Anonymous Coward
      Anonymous Coward

      Re: Some good points but...

      Can we have the same survey for Android devices please? Just to keep some semblance of journalistic balance.

      It was in the article, but stating "Android devices are a risk" would not make for an interesting headline (it's not really news anymore)..

    3. Richard Taylor 2 Silver badge

      Re: Some good points but...

      Ahh but us old Hipsters (the genuine(tm) article) still revere the 6310i. Truly cool retro-tech

  2. oneeye

    I bet he turns it off and keeps it in the glove box of the automobile. Still using a rotary dail phone in the house,and has Windows XP still limping along. (-;

  3. Anonymous Coward
    Anonymous Coward

    In other news

    Zonko Labs researcher Penelope Fishtail says one in two iPhones connected to corporate networks are running the latest versions of iOS. The excellent patch performance means half of all iDevices are not corporate attack vectors as they are running April's iOS version 8.3 or higher, and as a result are devoid of more that 100 vulnerabilities.

    1. Steve Davies 3 Silver badge
      Pint

      Re: In other news

      A sort of glass half full vs a glass half empty dilemma.

      I know that the sun has not been up very long here in Londinium but this talk of glasses has made me think about (see Icon) already.

      1. 45RPM

        Re: In other news

        @Steve Davies 3

        Agreed and, looking on the even brighter side, it's POETS day today. Only two and a half hours until I can get on with the vital job of ensuring that the bar doesn't topple over.

      2. Tom 13

        Re: A sort of glass half full vs a glass half empty

        Does it really matter when you're drinking hemlock?

        1. Michael Thibault

          Re: A sort of glass half full vs a glass half empty

          >Does it really matter when you're drinking hemlock?

          It might matter if you're drinking hemlock. The glass might be too small. IOW, the poison's in the dosage.

    2. sabroni Silver badge

      Re: In other news

      You new here Aimee? At El Reg the glass is ALWAYS half empty.

      1. LucreLout Silver badge

        Re: In other news

        At El Reg the glass is ALWAYS half empty.

        At El Reg the glass is neither half full nor half empty; the glass is incorrectly specified. Probably by a user.

        1. Velv Silver badge
          Boffin

          Re: In other news

          Technically the glass is always full. There might be more than one substance in varying proportions filling it, but it's still full.

          1. Tim99 Silver badge
            Coat

            Re: In other news

            @Velv

            "In vacuo"?

            Unless you meant quantum theory experiments like the Casimir effect? I gave you an Upvote.

        2. dogged

          Re: In other news

          > At El Reg the glass is neither half full nor half empty; the glass is incorrectly specified. Probably by a user.

          The important thing is that the glass is refillable. And it's your round.

      2. Richard Taylor 2 Silver badge

        Re: In other news

        You new here Aimee? At El Reg the glass is ALWAYS half empty.

        Ahh you forgot the qualifier - 'but urgently awaiting the refill'

      3. Chemist

        Re: In other news

        "At El Reg the glass is ALWAYS half empty."

        And what's left in it is vitriol !

      4. Anonymous Coward
        Anonymous Coward

        Re: In other news

        And one has to wonder why all the Apple bashing.

        Is it envy?

        Is it a direction from the owners of the 'rag'?

        They dont seem to whack Microsoft or Android products as much, suggesting a bias.

        The Register is unfortunately becoming rather like some newspapers one would only want to use as a chip wrapper, or worse.

        1. Tom 13

          Re: why all the Apple bashing.

          I didn't take the article as Apple bashing, more corporate PHB bashing.

          As for the comments, well you get that sort of backdraft when the first post is from a FANBOI who can't read.

    3. Terry 6 Silver badge

      Re: In other news

      ... only half of all iDevices are not corporate attack vectors...

      I think that's what you meant.

    4. Anonymous Coward
      Anonymous Coward

      Re: In other news

      Zonko Labs researcher Penelope Fishtail says one in two iPhones connected to corporate networks are running the latest versions of iOS. The excellent patch performance means half of all iDevices are not corporate attack vectors as they are running April's iOS version 8.3 or higher, and as a result are devoid of more that 100 vulnerabilities.

      That sort of reporting is not going to happen, I think. Ever.

  4. 45RPM

    Yup. That's me that is, right there. My preferred iPhone (I have two, for software testing) is maxed out at 7.1.2. I'd upgrade it to a newer iOS if I could - but I can't.

    I'm still not keen on my iPhone bendy - it's just too damned large for my tastes.

  5. Ed Mozley

    Some people might say

    You are as strong as your weakest link

  6. Terry 6 Silver badge

    Whoa there!

    "Android users keen to upgrade should check the XDA Developers forums to see if custom ROMs have been developed for their devices."

    We are talking about Android here, aren't we.

    The OS that sits in consumer tablets, phones and (shudder) watches.

    Which means used by ordinary folk. Not tecchies or El Reg commentards.

    People who barely even know they have an OS on their device. People who think Android is just a type of phone. People who would no more think of visiting a forum of any kind than they would of rebuilding their fridge.

    1. Anonymous Coward
      Anonymous Coward

      Re: Whoa there!

      People who think Android is just a type of phone.

      Exactly. These are same people that think the big blue 'e' is the internet.

      1. Julian 8

        Re: Whoa there!

        I watched the IT Crowd and I know the Internet is a box - Moss said so

      2. Richard Taylor 2 Silver badge

        Re: Whoa there!

        May I commend the last Tom Wrigglesworth account of technical support for his Dad - still available on iPlayer - http://www.bbc.co.uk/programmes/b03hwbrr#play -

      3. Tim99 Silver badge

        Re: Whoa there!

        Exactly. These are same people that think the big blue 'e' is the internet.

        Yes, the same people who know that the Internet was invented by Bill Gates...

        1. Terry 6 Silver badge

          Re: Whoa there!

          ...And the ones who call the computer "The email". As in, "The email isn't working" while staring at a BSOD/dead computer.

          Or call the monitor the computer and carefully turn it at leaving time and leave the actual PC logged in.

          Or.... well you've all been there.

        2. Tim99 Silver badge
          Facepalm

          Re: Whoa there!

          Yes, I am replying to myself.

          I wonder if my Downvoter is unaware of 'verbal irony' or even satire. Perhaps from the USA?

          I must remember the Joke Alert icon.

          Perhaps we can have a 'UK speaker Irony Warning' icon?

    2. Fred Flintstone Gold badge

      Re: Whoa there!

      The OS that sits in consumer tablets, phones and (shudder) watches.

      Which means used by ordinary folk. Not tecchies or El Reg commentards.

      People who barely even know they have an OS on their device. People who think Android is just a type of phone. People who would no more think of visiting a forum of any kind than they would of rebuilding their fridge.

      I don't think that's an Android exclusive or an iOS - that is the general state of the world. Granted, more and more people are becoming IT literate, but for most people fixing an IT problem still starts with attempting percussive maintenance.

  7. Velv Silver badge
    Facepalm

    Wow! Half of iPhones are not in a latest up to date fully patched state.

    I'm going to stick my neck out and suggested 99.9% of all devices connected to all the corporate networks in the world are in this state.

    Yes, it represents a potential attack vector. As does every other unmatched device. You've removed Adobe from your systems now, haven't you?

    1. sabroni Silver badge

      99.9% of all devices connected to all the corporate networks in the world are in this state.

      A lot of windows devices are attached and are in the latest up to date fully patched state (as long as you don't count Windows 10 as a patch, obv...). We're discussing OSs, not all the additional code on the devices.

      Not to mention the 50% of iDevices that are up to date.

  8. Terje

    I believe that this shows clearly that the lifetime of a phone (or tablet) is usually a lot longer then the software support is. I'm on a HTC One X and the last official release for it is 4.2.2 sure I'm contemplating upgrading it, but I'm hard pressed to find a compelling reason other then "new shiny" as it works perfectly well. I guess my situation is mirrored by quite a few users nowadays, it's not that you don't want to update it's that there's simply no updates to get, and I'm way to lazy to go looking for unofficial updates.

  9. david@stanaway.net

    If they would just add a SD slot for photos and media, then people with those tiny ass 16GB phones wouldn't be perpetually out of space all the time for doing over the air updates.

  10. Hellcat

    If it doesn't have a method of pushing security updates, then it needs to stay behind an internal or outside the external firewalls as a minimum of security.

  11. ntevanza

    A pox on both your subnets

    We do exactly this. BYO devices get to connect to a bad network that is treated as public by the good network. Bad devices are free to infect each other in an bacchanalian orgy of licentious filth, as is their wont. However, unfortunately, those bad devices accumulate (securely transmitted) sensitive data. Maybe it's encrypted, maybe it isn't. We can wipe them remotely, unless we can't. Seemed like a terrible idea at the time, and still does.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020