Accountability, Not Code Quality, Makes iOS Safer Than Android 210
chicksdaddy writes "Threatpost is reporting on a new study of mobile malware that finds accountability, not superior technology, has kept Apple's iOS ecosystem free of viruses, even as the competing Android platform strains under the weight of repeated malicious code outbreaks. Dan Guido of the firm Trail of Bits and Michael Arpaia of iSEC Partners told attendees at the SOURCE Boston Conference on Thursday about an empirical analysis of existing malicious programs for the Android and iOS platforms which shows that Google is losing the mobile security contest badly — every piece of malicious code the two identified was for the company's Android OS, while Apple's iOS remained free of malware, despite owning 30% of the mobile smartphone market in the U.S. Apple's special sauce? Policies that demand accountability from iOS developers, and stricter controls on what applications can do once they are installed on Apple devices."
You have to be kidding (Score:3, Insightful)
Since when is the iOS more secure? The latest Android has a very stable code and a solid permission system that allows the user to set exactly what an app can or can't do. This in contrast to an OS that can be rooted by a fucking website.
Re: (Score:3, Insightful)
This article is pure FUD. Plain and simple.
Malware, by its very definition [us-cert.gov] is:
Android requires that you give consent, since it tells you what permissions the application needs prior to installing it. So by very definition, these data leakages on Android are not malware. The user said it was ok for that application to
Re:You have to be kidding (Score:5, Insightful)
This article is pure FUD. Plain and simple.
Can't imagine that a company called "iSEC" would be biased on this matter.
Re: (Score:3)
iLOL, what makes you think so :p
Re:You have to be kidding (Score:5, Insightful)
There's a number of things you're missing. Most importantly: practically everyone would consider trojan horses to be malware, or at least an important security issue. Just because the user checked a box somewhere doesn't mean that trojans don't count.
Beyond that, trojan horses are due to their very nature less useful in an environment where accountability is higher. This is definitely the case with Apple/iOS, and has lead to a large number of false positives and censorship by Apple, both of which have been discussed at length here on slashdot.
Thirdly, unlike Android, I haven't seen any major and widely-reported breaches of apple devices, despite widely-available jailbreaking tools. This surprises me quite a bit. According to the iPhone users I've asked about this they claim that the cause is that most jailbreaks these days work through a physical connection (ie. with a computer).
Android may be more secure in capable hands, but the average user is safer in an environment where available software is code-signed and strictly supervised, either by a single entity such as Apple's iOS market or by the community such as the debian repositories.
Re:You have to be kidding (Score:4, Insightful)
What about the Path app. [arstechnica.com] It would steal your address book and private photos. It's recent and very high profile. That's not malware?
I find it very suspicous that their "empirical analysis" didn't uncover a single bit of "malware" on iOS. Mod article Troll.
Re:You have to be kidding (Score:5, Interesting)
The Path app is not malware. It's still on sale on the App Store, and has 5 times as many five star ratings as any other rating, and litterally zero one star ratings. (the possible ratings run from one to five stars).
Email addresses were uploaded simply to facilitate a find-my-friends feature of social networking.
It was a naive implementation, because the same functionality could be achieved simply by uploading hashes of the email addresses. And it was wrong that in earlier versions it didn't explicitly ask the users permission to upload those email addresses.
But there's no evidence of malign behaviour. Only behaviour intended to implement the advertised features.Therefore it's not malign software; it's not malware.
Re:You have to be kidding (Score:4, Informative)
You're showing your ignorance again. Apple did care about it, and that's what got the rule about asking for user permission before uploading contact details came from. A rule which Path now adheres to, which is why it's still in the App Store.
Re:You have to be kidding (Score:5, Insightful)
Sure, but if the user is asked for every app whether to share data, the act of sharing data then becomes a standard part of the install. Very technically aware users will make use of this, but for most users it's effectively worthless: it's just another mind-numbingly annoying button you click for the app to run, like EULAs almost no one reads. (Just to be clear, I'm not really arguing about Android vs. iOS, I'm just pointing out the generally low value of relying on users giving consent for an install.)
Re: (Score:3)
So basically the only way would be protecting users from themselves?
Do you see where that'd be going?
Re: (Score:2)
Well, in country politics terms it'd be more like Sweden, and less like Columbia.
Re: (Score:3)
Android requires that you give consent, since it tells you what permissions the application needs prior to installing it. So by very definition, these data leakages on Android are not malware. The user said it was ok for that application to collect that data.
Does that mean that there can never be malware on an operating system like Windows which (AFAIK) doesn't have a mechanism for the user to "say that it's ok for an application to collect that data"?
Re: (Score:2)
Re: (Score:2)
Android requires that you give consent, since it tells you what permissions the application needs prior to installing it. So by very definition, these data leakages on Android are not malware. The user said it was ok for that application to collect that data.
If all users factor out the apps that require these kinds of permissions, how does the set of Android apps compare to the set of iPhone apps?
Re: (Score:3)
Android requires that you give consent, since it tells you what permissions the application needs prior to installing it. So by very definition, these data leakages on Android are not malware.
Do you really think that a significant number of users actually read what permissions they are giving to applications? The problem is that most users are not to be trusted!
Re: (Score:3)
So it depends on your definition of the word "is"?
Gotcha.
Re: (Score:2)
Android requires that you give consent, since it tells you what permissions the application needs prior to installing it.
It's the wrong time to ask, and the information to make the decision isn't complete enough. For example, these days huge numbers of apps have social components, so permission to access the contacts list is not a warning sign. And at install time the user may only have a hazy idea of the features of the app anyway.
If you're going to have a permission based system, the request for permission should come at the point in time when the restricted resource is about to be used, and should come with an explanation
Re: (Score:3, Insightful)
and what percentage of phones out there have the latest Android release? My Galaxy S2 is still waiting...
Re:You have to be kidding (Score:4, Informative)
Re: (Score:2)
What about security updates, are they also delayed for months (or never shipped?) to most Android phones?
Re: (Score:3)
Good question. My Droid won't even run the latest release, and I have no idea how good they are about security updates for out of date releases.
Re: (Score:2, Insightful)
Could you post the link, please? Seriously. I have an iPhone 3GS which I want to jailbreak to use with another phone carrier, but it has been updated to ios 5.1 and nothing I find (whited00r, redsn0w, tinyumbrella etc) seems to work. The most I've been able to is make the phone boot with a non-working 3G/Wifi radio, which defeats the device being a mobile. Fucking Apple support doesn't want to make it free, and my old operator says it has been freed (my ass).
Please, post the link, it would have saved me a w
Re: (Score:2)
That didn't stop them from comparing it to the latest version of Android, though...
Re:You have to be kidding (Score:5, Informative)
Since when is the iOS more secure? The latest Android has a very stable code and a solid permission system that allows the user to set exactly what an app can or can't do.
The reason there are fewer iOS malware infections has to do with something totally separate from security of the device.
There is a 'more efficient' distribution channel for Android platform malware.
Developing for the Apple platform requires a security certificate from Apple to sign applications, paying money to apple, signing a contract, and approval from Apple and review to be listed on the pap store, which makes the app store a less efficient means of distributing malware than the Android marketplace.
An operating system can be extremely insecure, but if there is no useful distribution channel, or no network connection, it is not likely to be infected.
Re:You have to be kidding (Score:5, Interesting)
I don't think that is the reason that we hear more about Android malware, although it may be a factor. The barrier to entry of becoming an iOS developer is: buy a Mac (Intel Mac Mini will do), pay $99, sign up on web site. The barrier to entry of becoming an Android developer is: buy a PC (any will do), pay $25, sign up on web site. You could argue that the cost of a Mac Mini is prohibitive, or that hackers are less likely to own a Mac and begin hacking around on iOS in the first place, but for serious malware authors these are not significant barriers.
The real reasons that we hear more about Android malware:
1. Android users can enable installs of apps from non-official markets and random web sites. Many of the reported malware apps come from these kind of sites. But users have to explicitly do this, no phone ships with random web sites enabled as app stores. These same users, having enabled random app sources, then presumably don't bother to check the permissions that the app they install requests.
2. Android allows apps to send premium rate SMS messages and calls without an explicit popup. I personally think Google should probably kill this ability, but then I never call premium rate numbers. Blocking premium rate texts would kill the profit incentive for most malware. If this were an explicit, in your face, permission or setting (like the big warning for data roaming in settings!), then we wouldn't have seen any premium SMS fraud malware.
3. Apple marketing is happy for the media to push the "no iOS malware" angle in the same way that they did successfully with "no OS X viruses". It isn't strictly true, but people believe it anyway, and there is a huge class of users who are willing to pay more for the belief that there will be fewer problems in future. Malware that affects a few thousand people really isn't important in the big scheme of things, but it is something that marketing can use to try and differentiate iPhones in the eye of the consumer from very similar and equally capable Android phones.
4. Apple fans are pushing the "Android is full of malware" meme extensively, even though very few Android users have actually been affected. Is malware an issue that should be dealt with? Yes, but these same Apple fans who argue that Android is "straining under the weight of malware" after a few thousand users have been infected, are also the ones who claim that half a million infected Apple desktops is no big deal.
History has shown that a monoculture is actually more vulnerable to attack. There were some very skilled virus writers back in the 80s who innovated with polymorphic, anti-virus proof code, hidden boot sector infections etc. For whatever reasons, these kinds of hackers moved on to other projects, and what we see now in the virus/malware sector is mainly an industry driven by financial profit motive. iOS has had root exploits, and getting an app on the iPhone app store isn't that hard. Maybe they scan code and do some static analysis to try and spot dodgy functions, but at least one person has gotten malware into the iPhone app store, so it is certainly possible. I really do think that the only reason this hasn't been done is due to the explicit permission that the iPhone requires to send a premium rate SMS. If people ever start doing widespread banking on the Android/iPhone, or Android/iPhone malware ever becomes a populist hobby again (like viruses of the 80s), then I'm sure there will be more. An X-Prize, designed to stimulate malware production on either platform, would almost certainly produce results.
Re:You have to be kidding (Score:5, Interesting)
Re: (Score:3)
You would have a point in the case of a killer app, or an only app. In the case of the SSH app, simply pick one of 20 other SSH apps in the market place. Typically for most things you want to do on your mobile there is ample choice available.
The only time this breaks down is when you're forced to use an app for a specific purpose due to popularity. If for instance Draw Something suddenly needed a stupidly unrealistic set of permissions then you'd have something there, but the app would likely drop in rating
Re:You have to be kidding (Score:4, Interesting)
.NET gets this right, as it happens - the administrator can grant or deny permissions on a fine-grained level, on a per-app or per publisher basis. The downside to that, though, is that if your app isn't well written, the permissions exception will kill it, which is a big no-no on a phone.
You can do automatic static analysis to determine which APIs the app calls, which provides a list of permissions it might request, but doing analysis to check that it copes with permission denied exceptions is much harder, so you can understand their choice.
What really sticks in my craw is that despite doing this static analysis, and providing this information on the Android market, you can't filter the listings based on the permissions that an app requests.
Anecdote : my wife wanted a bible reader app. I couldn't find a single one, paid or free, that didn't want what I considered an unnecessary level of permissions for something that is essentially an offline eBook reader. What the hell does a bible app need SMS, or contact list access for? In the end, she just installed the one she liked the look of the most, even though I couldn't say I approved of any of them. And I'm sure most people won't even consider it, and click through.
Re:You have to be kidding (Score:5, Informative)
Since when is the iOS more secure? ...an OS that can be rooted by a fucking website.
If that is your measure, the answer to the question you pose is July 15th 2011. That was when the last version of iOS that could be rooted via a website was replaced.
4.3.3 could be jailbroken via website, 4.3.4 would not.
5.x has been out since Oct 2011.
Personally I'd say a better measure is the amount of malware. And on that measure, Android has always been many times worse than iOS.
Re:You have to be kidding (Score:5, Insightful)
I like Android, but what has kept me away from it is that I have not found an Android phone that consistently gets new updates after they are released for a long period of time. Sure, Apple makes mistakes like this but the important thing is that they shipped an update and basically all affected phones got it even if they were a couple of years old.
Let's say that the same thing happened to Android. How large percentage of Android phones would even get the update at all?
Re:You have to be kidding (Score:4, Interesting)
Get a Nexus phone? They tend to get extensive updates, and once your warranty's up/official support dries up, you're guaranteed to be able to flash to Cyanogenmod or any other distribution you can think of thanks to unlocked bootloaders and the inherent popularity of the device.
For anyone remotely tech savvy, it's the logical choice.
Re: (Score:2)
Flashing is a activity that is not to be done. It is a sympthom of a manifacturer and carrier leaving its users to the wolves, instead of doing a proper job.
Re: (Score:3)
First off, I want to say that I own a Nexus One and really like my Android phone. I have no intention of going iPhone. I get to hands-on with iPhones all the time and I still like Android better. I both iPhone and Android to everyone, they are both awesome compared to old stupid phones and Blackdeathberry.
That being said, the truth is that Apple does a much better job at releasing updates and supporting older phones than ANY Android phone manufacture out there.
Obviously, Apple has a much much easier time
Re:You have to be kidding (Score:5, Informative)
Afaik most Android malware is not from the Play Store, but from third-party Android stores.
And besides Play Store does have accountability: every developer has to register, and pay a small one-off registration fee as form of identification.
Re:You have to be kidding (Score:4, Informative)
And besides Play Store does have accountability: every developer has to register, and pay a small one-off registration fee as form of identification.
But as the article points out, Apple requires verification of a developer's identity, and Google does not, so a malware author who gets banned from Play can just sign up under a new identity.
Plus:
Beyond that, Guido said that Apple's iOS ecosystem has put controls in place that squeeze malware authors in other ways. An automated and manual application vetting system includes static analysis of compiled binaries that make it very difficult for developers to merely repackage malicious or legitimate applications for sale on the AppStore. That prevents infections of Trojaned applications like the DroidDream malware, which frequently popped up on Google's Android Market.
Re:You have to be kidding (Score:4, Informative)
the exploit you're talking about existed for 1 or 2 minor version numbers, and can no longer be exploited (including by the device owner) due to the OS version(s) no longer being installable without jumping through some hoops (apple's server no longer signs off on the installation). It was a bug in the PDF renderer for safari, for anyone wondering.
Rooting iOS devices remains a hunt for exploits in every version release, and no one's ever sure if and when the next version's exploit will be released. Many 4S/iPad users on iOSv5.1 are have been stuck using a jailed, but perfectly secure device for months now, with no guarantee that the jailbreak will come anytime soon.
Each version makes iOS more and more secure, and there's no guarantee Apple won't eventually release a perfectly secure, jailed OS, and I hope at that point this OS dies off, but that may be asking too much.
Re: (Score:3)
Since when is the iOS more secure?
Headline says "safer", not "more secure". Safer != more secure. A Windows 95 machine that is not connected to the internet is safer than a Linux web server, but it's certainly not more secure.
BTW, most Android devices have Flash. If Flash isn't current (and even if it it), it's likely your device can be rooted by a website. I haven't heard about targeted attacks on Flash for Android, but Flash for Android has most of the same vulnerabilities as Flash on the desktop.
Re: (Score:2)
Since when is the iOS more secure? The latest Android has a very stable code and a solid permission system that allows the user to set exactly what an app can or can't do. This in contrast to an OS that can be rooted by a fucking website.
None of that matters as long as that version of android doesn't exist on any Android phone sold.
Re: (Score:2)
The latest Android has a very stable code and a solid permission system that allows the user to set exactly what an app can or can't do.
Therein lies your problem....the user. Oh and it doesn't hurt that a large portion of the marketplace is crawling with malware. Google does not do a good enough job of policing the apps and end users can't be relied on to secure their machine.
Re:You have to be kidding (Score:5, Insightful)
I'm not sure why this was modded insightful, let alone +5 since if you read TFA you'd know that they weren't saying that iOS is more secure, only that there are virtually no delivery mechanism for malware because of Apple's app store policies of requiring real world identification of an app author to publish apps in the app store. That and iOS apps are more restricted in what they can do over Android apps.
That's the problem when articles like this hit Slashdot. Rabid fanboys (Apple and Google) start posted without even reading the article. The same thing with modders.
Re:You have to be kidding (Score:5, Insightful)
Wow! What a fair and unbiased comparison! A year old iOS version that anyone with an at least 3 year old iPhone could and should have upgraded from, versus the latest Android version that most people can't upgrade to! Rated Insightful, of course, because there's a lot of circle jerk insight in that nonsense of a post!
This is not even to mention that the article has nothing to do with the security of the platform itself but rather its exposure to malware, but hell, let us make it about security and debate the merits of each platform, shall we?
I find it interesting how ignorant some Android fanboys are regarding iOS' sandbox, which is extremely restrictive and does not, by design, allow apps to do anything too fishy even if all permissions are granted. At most an app may be able to pull up your contacts without your permission or access call information, but not much beyond that without the user being notified unless they pierce through the sandbox. An app can't keep itself running in the background for longer than 10 minutes (unless specific profiles that permit so are chosen and approved by Apple for each app), run any kind of code not present during the approval process (meaning it's not OK to download code unless it's an in-app purchase, which may be free, and this includes interpreting code other than HTML and Javascript on Safari, which is why emulators are not permitted), launch or interact directly with other applications unless they register themselves as resource handlers (even running a secondary executable within your own application will result in iOS completely obliterating it without even bothering to inform any attached debuggers of what happened).
In essence, the article hits the spot by claiming that it is the screening process and its walled gardens that keep the nastiness away. It's simply not worth developing malware for iOS, you don't have much to gain by doing it, either you pierce through the sandbox and your app will be rejected (with potential consequences to your developer and / or publisher certificates) or you can be easily detected by any user. There are exceptions, of course, but compared to Android, they are very few in number.
Re: (Score:3)
Not to mention Apple has a huge cert process for their iOS store, versus basically anyone being able to code and upload to the Android markets. They do some minor "known problem" screening, but largely it is up to the user to determine what they allow the software to do on their device.
That said, it is the fact that people who are too lacking in knowledge(stupid seems a bit harsh) who use Android are at a greater risk than if they use an iOS device, because Android actually allows you to control your device
what counts as malware.. (Score:5, Insightful)
..and how would they detect it on the ios? they just said that there is _zero_ malware, yet there's plenty of ios games/apps which leak all your contact info?(as is there for android).
(and the accountability part is that it takes a little more checks to get yourself identified as a publisher for itunes appstore.. however.. it doesn't take that much, there is and has been plenty of unauthorized distribution of asian comics etc there)
I haven't identified any iOS malware either, but that could be because I haven't looked for any(just not my field).
Re:what counts as malware.. (Score:5, Informative)
Malware has been accepted in the Apple App Store, TFA is bullshit.
Re:what counts as malware.. (Score:5, Funny)
No, no, no. Totally wrong. If it's reviewed and accepted for listing in the App Store, then it's not malware. So the App Store is by definition 100% malware free. QED.
Re:what counts as malware.. (Score:4, Insightful)
As a tul of thumb:
Uploading your contact data for the purposes of expected social connections within the app is not malware. It's not the way it should be done, and poses a security risk if the server is compromised. But there is no mal-intent there. Nevertheless such practice is now explicitly banned without asking the users permission via a dialog at the time.
Uploading your contact details to a server for the purposes of mailing lists, tracking outside of the intended application domain would be malware.
The former is what was flagged up for iOS.
Android meanwhile suffers from both, and much, much worse, such as malware sending premium rate SMSs, thus potentially causing users severe financial losses.
Re:what counts as malware.. (Score:5, Insightful)
..and how would they detect it on the ios?
Good point. The security researchers who identified some of the Android malware visited third party Android app stores and downloaded all of the apps so that they could build up a huge app corpus, which they could then scan (static analysis) for malware suggestive signatures. They stated that they couldn't do the same with the iPhone because Apple prohibits mass downloading of iPhone apps in order to build an iPhone app corpus. So the only people who can look for malware across the whole range of iPhone apps is Apple, and it seems unlikely that they would announce if they found any malware, when they can instead just silently remove it from the app store.
Freedom has it's risks (Score:5, Insightful)
Guess what?! Freedom comes with risks! I don't make any decision until I weigh the pros and cons and do a bit of research, and yes, this includes any and all apps I may want to use.
Re: (Score:2, Insightful)
Freedom has little risks compared to looking to be "taken care of".
Re:Freedom has it's risks (Score:5, Insightful)
And that is why the Android model is flawed. Not fatally mind you, but flawed nonetheless.
You can't expect people to have to audit every bit of software that they install on their smartphone. In fact, it ought to be reasonable for users to expect software they download off the official repositories (App Store, Market) to be malware free.
And yes freedom comes with risks. But freedom also allows users to choose a phone that doesn't require them to expend more effort than necessary to be able to do what they require. Don't forget, a smartphone is a luxury, not a necessity.
Re: (Score:3)
> to choose a phone that doesn't require them to expend more effort than necessary to be able to do what they require
Am reading this the day after having to perform a forced itunes upgrade (no not on my boxes of course)
Re: (Score:2, Insightful)
You CHOSE to upgrade your iPhones to the latest iOS version, that iOS version wasn't supported by the version of iTunes you had on your computer, so you CHOSE to upgrade iTunes too.
The fact that one software product is only compatible with certain version numbers of another software product doesn't make for a forced upgrade.
Re: (Score:3)
No. He was forced to upgrade his software and devices because of the restrictive nature of Apple products. Being told that you can either upgrade or lose access to your personal property is not a "choice", it's coercion.
There are tons of Android phones which can't (Score:2)
upgrade to ICS--I suppose that is coercion?
Comment removed (Score:5, Insightful)
Re:Freedom has it's risks (Score:5, Insightful)
Certainly, but even when setting aside that people ignore this all too easily because they simply want the shiny, your examples are obvious.
What if a chat app wants access to the internet, your contacts, and your phone?
Well the internet makes sense - can't very well expect an app that is intended for chatting to not have that connectivity.
Contacts also makes sense because in combination with the phone, it allows the app to send a text message if you have no internet connectivity or simply choose to use SMS instead of its internet-based chat functionality.
So you install the app, and the app sends all your text for datamining to China, all of your contacts to some company in Bulgaria, and sends a bunch of texts to expensive SMS service numbers.
Oh, and it also lets you chat with people, so as far as you know, it's doing exactly as advertised.
This is no different on any other platform, of course. It may have been different in the early days of the iPhone, but I rather doubt that they still check each and every app before making them available and instead rely on exactly what the article says.. accountability.. you only get away with malware once unless you also manage to fool Apple into allowing you a new account. But to the end-user(s), the damage is already done anyway.
Re: (Score:2)
So what you are advocating really is extensive government meddling in the app stores.
Either that you you don't fully understand what sort of government oversight occurs within our food and water supply.
Re: (Score:2)
Don't forget, a smartphone is a luxury, not a necessity.
This may change over the next few years, if efforts to turn smart phones into payment devices gain enough traction. You might find yourself in a store that is not equipped to handle transactions by any means other than smart phones (or paper money, but for something items paper money is a bit impractical -- do you really want to hand someone a wad of $20 bills when you buy a new matress?).
Re: (Score:2, Insightful)
Guess what?! Freedom comes with risks! I don't make any decision until I weigh the pros and cons and do a bit of research, and yes, this includes any and all apps I may want to use.
That's a pretty high cost. A bit like living in a ghetto, and having to consider your personal safety every time you go out, versus living in a nice, safe, pleasant community.
Re: (Score:2)
And that's why only a fool would buy a gun that might blow up every 10th round fired.
Enjoy your free STDs.
Stats among rooted or jailbroken phones? (Score:2)
Would the ability to run unapproved software make the infection rates in both of these subgroups near equal? I wonder how many out of all android device are rooted, and how many out of all ios devices are jailbroken. If a higher ratio of droid phones are rooted, with all else equal, then that could also push up the infection rates.
Re: (Score:2)
Ah sorry I didn't rtfa. They focused on the availability of malware within each marketplace, which is another good measurement, though totally different from what I was thinking. Post rescinded.
Is this Covert Advertising for Apple's Ecosystem? (Score:5, Informative)
Re: (Score:3, Insightful)
Call it whatever you want, but we just got the first major malware outbreak in OS X recently after so many years. On the iPhone that is unheard of. Much as in the Windows world and the much hated Vista security system that kept asking you, do you want to do this, or allow that?, that security model is fail since regular users will start saying yes to everything and then end up with a problem. Call Apple what it is, an overpriced hardware/software company that likes to keep the lid closed, but as far as thei
Re: (Score:2)
And another big difference: Windows/OS-X malware are usually worms that spread themselves over the network (including drive-by downloads). I haven't heard of any such malware with Android or iOS, instead it was always linked to a certain app that contained some "extra functionality".
Re:Is this Covert Advertising for Apple's Ecosyste (Score:4, Interesting)
I've told people for several years that Apple, Windows, and Linux are for totally different philosophies. Apple seems to be more for the creative content producers, that don't really want to know how the computer works, or play with it, they just want to focus on whatever it is that they want to do. They may pay a premium, and have a severely limited selection, but they are getting what they want. Windows seems to appeal to the largest percentage of the consumer market and industry. It's got everything under the sun available for it, and is fairly well locked down, but with some work you can dig into it and do some limited customizing.
You didn't think I was going to leave out Linux/Android, did you? My personal favorites, but I don't recommend them for everyone. They seem to appeal to the tinkerers and hackers, not afraid to get their fingers burned or let the magic smoke out. Linux does run most of the Internet though, and most smartphones, and a lot of tablets now, and Google and Yahoo! and Ebay, and 9 out of 10 financial institutions, and is embedded in most home routers and god-knows-what-all. Just not most desktops.
Re:Is this Covert Advertising for Apple's Ecosyste (Score:4, Funny)
Funny. Everybody I know of who runs Windows can be slotted in one of two categories:
-Runs the computer with a modicum of common sense. Doesn't click "free cat wallpaper" links on ihaxyou.com. Lets Windows run its updates.
-Does everything in his/her power to wreck the computer.
The few that are in the second category deserve to be hacked, really. It's like complaining that your car sucks because you didn't do your oil change for five years and used summer tires in winter.
Not a complete shock (Score:3)
Time is precious (Score:2, Funny)
the competing Android platform strains under the wait of repeated malicious code outbreaks
Yeah, it's the waiting that I can't stand.
Apple Fanboi article (Score:2)
Re:Apple Fanboi article (Score:4, Insightful)
I would not be so quick to label it Apple Fanboy.
FTA: "despite accounting for <strike>more than 40%</strike> 30% of the same market."
Seems like a jab at falling market share. I think the real motivation behind the article is inflammatory statements to get views.
Begging the question (Score:2)
Thursday about an empirical analysis of existing malicious programs for the Android and iOS platforms shows that Google is losing the mobile security contest badly — every piece of malicious code the two identified was for the company's Android OS, while Apple's iOS remained free of malware,.
Wait, what?
An empirical analysis of existing malicious iOS and Android programs (which the article claims do not exist for iOS) shows that no malicious apps exist for iOS.
Begging the question much?
A price I'm willing to pay? (Score:2)
Re: (Score:3)
Re: (Score:2)
Expandable storage isn't going to hurt apple's bottom line one bit. I mean, apple already sells an sd card and USB host socket for the iPad. Not only that but Dropbox and other cloud storage APIs can be used across the system. That's not the problem. The problem is data presentation.
waiting for a clue (Score:5, Funny)
From TFA: "the competing Android platform strains under the weight of repeated malicious code outbreaks"
It takes a determined idiot to make a spelling mistake when copying and pasting from a website.
Re: (Score:2, Informative)
'Cept that if you read the comments in TFA, the original article had "wait" in it and was corrected.
Re:waiting 4 clue: Better causes (Score:2)
> "under the wait of repeated malicious"
> "under the weight of repeated malicious "
>
> "It takes a determined idiot to make a spelling mistake when copying and pasting from a website."
No, All it takes is someone using a Speech Recognition (SR) system.
"wait" and "weight" are pronounced exactly the same way and so identifying the actual word intended by the speaker is harder for the software. The software converts speech to text so quickly these days that most people cant keep up with it and hence
This just in (Score:5, Insightful)
Crushing authoritarianism leads to lower crime, worth the misery? Film at 11.
Re:This just in (Score:4, Informative)
Re: (Score:2)
That's pretty authoritarian for a "libertarian" platform.
Re: (Score:3)
Reality check: it's a phone, not your life.
Rampant Fanboyism (Score:4, Informative)
Wow... the last time I saw such rampant fanboyism is when I badmouthed the original iPad here on Slashdot on the day of release. Of course, every one of my comments was completely on the mark... and this from someone who still has an original iPad that gets used when I take business trips and almost no other time in my life. But I digress.
Seriously? I had to do a doubletake when I read the summary, and had to take a few more when I read the article. I have run an Android phone for over a year now and I am seriously happy with it. It's not failing under the "crushing weight of viruses" any more than my aging but still useful iPhone 3GS is (I use it as an iPod because I bought into the iTunes ecosystem years ago and it happens to integrate beautifully with my car). I install apps on both depending on my utilization and needs, and neither has been unduly burdened with malware. Of course, my Android phone actually tells me what an application wants to do while I install it, thus providing the knowledgeable user some modicum of security. And yes, every app I install I read those and make a decision whether the app is asking for appropriate rights or not. And yes, I've refused some apps because of it. Of course, I AM a knowledgeable user and that kind of security doesn't help Joe Schmoe with his free smartphone with a 2 year contract and no lube... but one of the central tenets of security is that people are the weakest link in any security chain and that will never change.
So far I've found my only complaint with Android is that it fails under the crushing weight of battery technology that can't cash the check the manufacturers of the device wrote. But at least with Android I can have a second battery hanging around that I can swap in at any time... can't do that with an iPhone unless you're a really determined hardware hacker. Yes, I can improve it slightly by turning off all my antennae but then I am running a dumb phone with games on it... I have a smartphone so it can be connected anywhere at any time. Of course, many of the apps I install probably don't help... but that's a choice I make. Because the charging port is completely standard I just took my charger and left it at work; I use my Kindle's charger at home to keep my phone charged at night because really... how often do I need my Kindle?
As a past and current iOS user (sometimes), AND an Android user I find the article FUD. Actually, can I mod it trollbait?
special sauce? (Score:2)
Really? That number in that question? Do you think malware takes the US market share into consideration? Don't you think the global market share would be the only relevant number if citing share percentage numbers related to global malware proliferation? Or malware is only written and distribute themselves in the US? If so tell us, so we can disconnect the rest of the world, just to be on the safe si
a better method (Score:3)
Here's a much better method for optimising security on your smartphone or tablet:
DON'T INSTALL WORTHLESS SHIT
Apple's App Store and Google's Marketplace make Sturgeon's Law seem like hopelessly naive pollyanna-ish optimism. They each may have a few hundred thousand apps, but less than one in ten thousand or so are worth even looking at, let alone installing.
Re: (Score:2, Informative)
Don't you remember being a lil kid? Anything you want to do is safe as long as you have someone to blame.
Accountablility=safety.
Oh a security breach! It's Norms fault, Fire him!
Problem solved, you're all safe now that Norm isn't coding for us anymore.
For Security, just think different.
Re:But the Apple factor? (Score:5, Insightful)
Being accountable does help keeping people honest. Knowing you will get away with taking a fistful of dollars from the cash register versus knowing that the management will realise that there is money missing from your cash register makes a big difference.
Security is all about layers. Accountability is just one of them, and it is an important one.
Re: (Score:3, Insightful)
Re: (Score:3)
I'm sure there will be plenty of hair splitting by the apple afficionado's but just about every app I load, whether ios or android, all wants access to data they dont need and many transfer stuff like my name, phone number and who knows what else. I've had quite a few that broke my device or gave it some real problems, again on both platforms. I call that malware. It steals my stuff (although I agree to the theft because if I didnt, I'd have no apps) and often eats my battery life or gives me operational
Re: (Score:2)
Well , I'm certainly not going to pay for it.
Re:"has kept Apple's iOS ecosystem free of viruses (Score:4, Informative)
Flashback is a trojan, not a virus. And it only affects OS X, not iOS. If someone knows of an actual virus for iOS (and for OS X too by the way) I'm very interested to know about it.
Re: (Score:2)
No I just wanted to clarify it since there is a huge difference between a trojan and a virus.
Re:"has kept Apple's iOS ecosystem free of viruses (Score:5, Informative)
That is a distinction that the study apparently did not make, because it talks about "malicious code" rather than viruses. In fact, most of the malicious apps that one hears about are spyware or trojans rather than viruses.
Re: (Score:2)
My thought exactly... it is not necessarily because a platform is currently less plagued that it is more secure and I won't be splitting hairs w/ you... part of the reason is I am not really sure how I would go about splitting hairs anyway :p
Re:iOS programmers are superior (Score:5, Funny)
Telepathy= Salt flats
C.B. Radio= Nascar
Twitter= lemmings jogging
Re: (Score:2)
Re: (Score:2)
Flashback targets Java for OS X, not iOS.
Re: (Score:2)
Some Mac users are stuck up and bought into the cult. I am a Mac user, but I'm also an Android smartphone user. I have had iOS devices and my iPhone 3GS still does sterling duty as a portable music box mostly used in my car.
I like the Mac because it's UNIX. I like the Mac because my 13" Macbook Pro is one of the nicest designed and manufactured laptops I've used in the last few years. I like the Mac because most of the time the OS gets the hell out of my way and lets me get my work done. For two years I tri
Re: (Score:2)
I bet there are people who have read this and wish there was an interesting (-1) mod!
Re: (Score:2)
And I doubt that the security advantage will keep after all. Give it a bit more time and iOS will be just as virus plagued as Android is.
Why would more time matter? For OS X, sure it is slowly gaining market share and becoming a more and more attractive target. For iOS though, it has dominated as the biggest single target for a long time.
I highy doubt iOS is fundamentally more secure than Android...
The article makes no such claim. Rather, it claims the difference is the ecosystem in which each is released. The claim is not that iOS is more secure, but that the distribution model locked to the Apple store and the accountability of people submitting to the iTunes App store is the determining factor. It'