MAGA: Making Android Great Again?

August 30, 2019

My feeds were stuffed with references to Google’s announcement that Apple’s iPhone security sucks. Here’s a sampling of the headlines I spotted:

Google reveals years-long ‘indiscriminate’ iPhone hack. Most of the vulnerabilities targeted were found in the iPhone’s default Safari web browser. Source: The National

Google discovered ‘sustained attacks’ over at least two years against iPhone users. Source: Neowin.net

Google says hacked websites were attacking iPhones for years. Now-fixed exploits were used to install monitoring implants. Source: TechSpot

And there are more. The Guardian, Inquirer, PocketLint, MIT Technology Review, and others.

DarkCyber does not want to think negative thoughts about Google’s discovery. Apple addressed the issue promptly. On the plus side of the ledger, Google could have made the announcement after the US holiday weekend. Why now?

DarkCyber wants to point out that another article, this one about Google Chrome, offered this headline: “A major Google Chrome bug could let criminals attack your PC remotely.”

Not too much coverage of this item compared with the damning revelation that iPhones. Are. Insecure!

DarkCyber suggests that the information presented at CVE Details may be of interest. This site presents a possibly accurate list of Google Android security issues.

DarkCyber wants to point out:

  1. If a device is any place other than a Faraday cage, unplugged, and behind a security perimeter, that device may be vulnerable
  2. Mass market devices are compromisable because users have “interesting behaviors.” Curious about that to which DarkCyber refers? Check out this link.
  3. Hardened devices which are “black” are not popular because they are [a] expensive to produce and keep up to date, [b] more difficult to use than a consumer phone, [c] expensive, and [d] also vulnerable.

Security exposés capture headlines. Vendors of cyber security services and products make these types of revelations part of their standard operating procedure.

Capturing headlines informs bad actors that there are vulnerabilities to be discovered. “Hey, why not check out this method” publicity is an interesting approach. Is Google grandstanding?

Plus, Google may introduce its own MAGA hat. A “Make Android Great Again” chapeau could knock the famous Google flashing lapel pin off its top spot in the Google collectible hall of fame.

Stephen E Arnold, August 30, 2019

Comments

Got something to say?





  • Archives

  • Recent Posts

  • Meta