zlacker

[parent] [thread] 7 comments
1. throwa+(OP)[view] [source] 2025-08-26 06:19:39
Another instalment of HN thread where people try their best to pretend that "security" does not come with "enforced, ideally at hardware level, inability to run random code" for 99% of phone users.

Here a tip: you won't solve the problem of security by just whining about corporate interests (which is a real concern) and NOT proposing a better solution that works for an average tech illiterate, very socially engineerable person trained to ignore every warning screen. And no root switch is not that solution because it will be flipped on day 1.

replies(2): >>hoover+5K1 >>const_+5T1
2. hoover+5K1[view] [source] 2025-08-26 17:23:38
>>throwa+(OP)
I say let people shoot themselves in the foot if they want. That's the cost of a free society.
replies(1): >>throwa+4O1
◧◩
3. throwa+4O1[view] [source] [discussion] 2025-08-26 17:43:35
>>hoover+5K1
You expect random people like your baker next door to be security experts who can beat top notch hackers. It just doesn't work like that. Even you may not be as good as you think is required to protect yourself in the wild internets

Also many of them will be your family (if you have it). Maybe even those from whom you would have inherited something if only they were not hacked

4. const_+5T1[view] [source] 2025-08-26 18:08:31
>>throwa+(OP)
Nothing about this prevents random code running.

You still need an app with far too many permissions to pay for parking. All this does and funnel that through the play store.

Guess what - play store is infested with malware. In fact, most malware comes from the play store. This fixes nothing.

replies(1): >>throwa+Moa
◧◩
5. throwa+Moa[view] [source] [discussion] 2025-08-29 11:58:25
>>const_+5T1
There's so much less malware in the walled gardens compared to wild internet, it's crazy

There is still some

replies(1): >>const_+jRi
◧◩◪
6. const_+jRi[view] [source] [discussion] 2025-09-01 18:39:42
>>throwa+Moa
I don't think this is true, sorry. The reality is 99% of malware is going to target where people actually get software from.

Granny isn't rooting her phone and installing unsigned binaries.

replies(1): >>throwa+n1A
◧◩◪◨
7. throwa+n1A[view] [source] [discussion] 2025-09-07 19:27:19
>>const_+jRi
Yes, and 99% of it gets caught by walled gardens. That's why granny is fine on ios. She will get her data siphoned by shady apps but she will not install a backdoor from the app store. After google locks it down then maybe on android too.
replies(1): >>const_+xOO
◧◩◪◨⬒
8. const_+xOO[view] [source] [discussion] 2025-09-12 02:56:21
>>throwa+n1A
Granny can absolutely install a backdoor from the appstore, there's lots of backdoors on the app store. You can even install a backdoor just from the web browser, feel free to do some research into Pegasus.

But it doesn't even matter, because ultimately Granny can download the Apple Approved (tm) anydesk app and the hacker can remote control her phone. So.

The appstore is not secure, I don't know who lied to you and told you it is. You think Apple reads the code? Fuck no. They just ask the dev "is this secure?". The dev answers "yes", obviously, and that's the entire review process.

Meta was exfiltrating cookies from your browser to their app using an exploit in Safari. They could've taken your bank session and drained your accounts, if they wanted. Luckily they were very kind and only used their malware to sell you shit.

Facebook is a big app with lots of visibility. Now do the other 100,000 apps on the app store.

[go to top]