Is iOS really more secure?

Thing is I love iPhones a lot. Like a really really lot. But my problem is that the software is so locked down that it gets hard to use. So far my dream phone remains an iPhone 7 with a headphone jack, and if modders make them I’ll buy them.

In general, yes, it’s much more secure. The hardware is locked down, there are specific security chips that search iOS and the backup firmwares for invalid sums and try to repair shit on the fly, the phone and the software are built together, the usual Apple benefits. But with those benefits you get the defects you get with Apple as well. So with that in expectation, your security is high, but so is your vulnerability. And not even to hackers most of the time, just bugs stuffed in from Apple.

Like, for instance, 2 years ago a single Arabic character would crash iOS permanently, and if the character was ever displayed in that app the app couldn’t be opened. And that was a Unicode bug. And it was a problem for Apple to take care of.

Android can be secure, but like Windows, the user has to do it themselves. Apple phones are like Ubuntu. Or any Linux. You just slot it in and… that’s it. You’re done. Security-wise, you’re set and you’re supported for like 6 years. Android, you might have 3 months, you might have 3 years. Roll the dice. My V20 is a cool phone, but I’m missing my iPhone already because I am having end over end of issues that Android has built in. Random service drops because of low quality radio or faulty firmware that LG won’t fix, update removes all home screens except stock, etc. I am reminded daily how much more I liked the iOS podcast app.

Overall, it’s your choice. You do you. But be careful of your choice. The restrictions of iOS can be comforting, but so can the freedoms of Android. And most of the time the benefit of each OS is also the flaw.

Security bugs aren’t exclusive to iOS

https://www.cvedetails.com/vulnerability-list/vendor_id-1224/product_id-19997/year-2018/Google-Android.html

Most of those CVEs aren’t fixable by the end user save for getting an updated OS on their phone. The big problem with Android is that so many of the vendors just don’t push updates promptly.

edit:
More interesting list, categorised by exploit type
https://www.cvedetails.com/product/19997/Google-Android.html?vendor_id=1224

1 Like

That a set of Unicode characters crashes things is pretty common, I think. There are lots of strange things in Unicode. Like, Android also recently had a bug (or maybe still has, and just the WhatsApp spam is over) with a set of invisible styling characters where you would touch them and then the program crashes (any program) because it does not know where to place the pointer. Sometimes it turns out to be a security flaw (like the Wii you hacked with the help of an exploit in an image for some time), but I’d say often it’s just an inconvenient bug and you won’t really be able to exploit it beyond annoying your friends.

I know they aren’t, that’s my point.

Had a Galaxy S2 from 2011 till 2015 and one of the complicated experiences I had was the update cutoff date being too imminent, if you’re stuck with Samsung’s version of Android. I tried flashing to CyanogenMod in order to receive later updates but that introduced some compatibility issues and the loosened integration with Google’s services from my experience; though the latter could arguably be the point of flashing aftermarket firmware to your device. Since then, I have been on an iPhone 6s Plus and while the phone itself is getting old with both the battery and the 4G controller wearing out badly; being 3 years roughly since its release, Apple is still willing to deliver security updates (let alone more bullshit nonsensical features, including performance reduction) for it in a timely manner, unlike some OEMs running their own version of Android who later will then not be committed to release an update as often as Google does for the Nexus/Pixel phones.

My Nexus 7 2013’s support cycle is also short-lived. Bought the tablet in 2014, continued to receive updates up until sometime the following year when Google announced they are phasing out my tablet already. Since then, there have been some apps starting to say they aren’t optimised that well to run on Marshmallow, that being the last version of Android before Google pulls the curtain against it. All I have left now is an electronic device that wasn’t made to support that long, hardware wise. Been struggling to find a “perfect” Android tablet where it doesn’t have the OEM crap on it. But saying that, I just had an iPad 4 I recently repaired, and while I’m guessing it was released sometime in 2013 going by my guess, Apple cut its support off that quick with iOS 10 being the last to support it. In comparison, the iPhone 4s was still supported up until 10 - again, going by my guess - with the device released back in 2011.

Ultimately, it all boils down to the hardware being used, and how optimised the software is to run on older said hardware. If nobody can use components in their devices that can continue to perform at a satisfying level for at least 2 years, it must suck for the company to drop support just because they cannot develop software that can run on older hardware. Apple’s record has been great; so great that they continued to push versions of iOS that are too resource intensive for the iPhone 4s to handle, despite the lack of choices and freedom you get to do with iOS. Android, while much better on the customisation and freedom side, official support dates are just mixed; some being long enough, others, not that good. I bet the 5x is still getting updates, if @Eden can confirm, unless he’s on a different phone already. :stuck_out_tongue:

I haven’t heard of anything like that for Android (yet).

@thro According to Bruce Schneier, most companies half-ass security too. So, open and closed source should be roughly equivalent. Also, open source software gets security audits every now and again and software that was developed with security in mind like SE Linux, becomes open source. One problem with closed source is that companies often rely on the security through obscurity paradigm, which is entirely stupid.

Couldn’t have said it better :smiley:

It gets better. Encryption is turned on by default since Android 6. SE Linux runs in enforcing mode since Android 5. While it might be true that the government is able to decrypt Android phones, I somehow doubt it. However, bugs in the SoC might be easier to exploit than on iOS.

@Goalkeeper That’s just wrong. Android sandboxing relies on the default Linux DAC scheme (user - group - all; rwx) and on SE Linux. If the phone is rooted, e.g. some apps might be running as root, other apps are not able to access data randomly. Because in Android, each app runs as a different user and every data directory allows only its user access. If a malicious app gains root privileges, it still has to deal with the fact that its SE Linux context remains unchanged. In order to change its security context, it would have to be the init or zygote process, e.g. it would have to run under the init or zygote context. (Re)mounting the filesystem is only allowed by vold. This makes exploiting root difficult, but not impossible. Some vendors restrict the root user, but allow unrestricted access by the system user. Switching from root to system is straightforward. Therefore, SE Linux is only as strong as the rules - and some vendors suck at writing them. QuadRooter was possible because access to the driver was possible from userland. Through a series of function hooks, an attacker is able to disable SE Linux and the exploit happens :wink: . QuadRooter was fixed by updating SE Linux rules.

While this is true, as root, you can change your SELinux contexts. It’s really not difficult to break out of SELinux once you’ve got root, which is why it’s not recommended to root a phone.

As far as I know it is not. You still need to use various function hooks. Of course, the possible attack surface is increased, but you cannot change your context that easily.

You can open a freaking root shell

At that point, it’s GG.

I’d be happy to show you when I get some time if you’d like.

Realistically all you need is something like this:

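```java
// Fragment; needs java.io.DataOutputStream and java.io.IOException.
try {
    // Ask the su binary for a root shell (only present on a rooted device).
    Process rootshell = Runtime.getRuntime().exec("su");
    DataOutputStream os = new DataOutputStream(rootshell.getOutputStream());
    // Anything written to the shell's stdin now runs as root.
    os.writeBytes("rm -rf /\n");
    os.flush();

    os.writeBytes("exit\n");
    os.flush();
    rootshell.waitFor();

} catch (IOException e) {
    throw new Exception(e);
} catch (InterruptedException e) {
    throw new Exception(e);
}
```

1 Like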

The shell runs under the shell context again, which is not allowed to change this context. The CONFIG_SECURITY_SELINUX_DEVELOP entry has been removed.

Edit 1: I’ll try/look into this later, thx.

Edit 2: I have a rooted phone around somewhere…

Ah, didn’t realize they’d done that. Hmm, I’m gonna have to look deeper into this at some point since I’m very interested in using root to break into other contexts.


In fact, I’ve seen some apps that were able to modify the sqlite databases from different apps assuming you have root. I’m gonna have to see if there’s source for it somewhere. They’re on the app store.

There was an instance where Skype set its data directory to 777, because…reasons :smiley:

1 Like

Microsoft supports open borders. :stuck_out_tongue:

3 Likes

People keep saying companies “rely” on security by obscurity like it’s some sort of mantra but it isn’t the only precaution taken. Closed source is usually about protection of corporate IP primarily. It’s not the company’s “first line of defense” for security.

It’s an additional benefit from not having the source out there. It’s harder to reverse engineer exactly what’s going on if you don’t have the source code in front of you. But it’s a side benefit at best.

If you’re going to talk about the disadvantages of closed source you need to concede the advantages too.

edit:
Whether or not you can get a root shell is mostly irrelevant really. The value in the device is the user data, and getting that out of most Android handsets in the wild isn’t difficult. Who cares if you can’t get root if you can just overload the user with security options that they just turn off to make your app work (because Android can run anything I want god damn it) and end up giving it up unintentionally. Sandboxing with a middle-man API for cross-application access (effectively a data firewall)/app store vetting does a lot better job at this stuff.

The evidence is right here man, here you go. It was amended as you’ll see I suppose but it’s owned by Facebook, I don’t trust anything owned by Facebook and you could just use Signal.

That link is about a weakness in WhatsApp’s implementation of the Signal protocol. The claim you made was that Apple and Google intentionally add back doors to their phones.

Correct me if I’m wrong.

1 Like

Okay, this is new information now that I have taken another look at it, but you were correct, there’s no backdoor. I took a look at Signal’s article itself that rebuked this, https://signal.org/blog/there-is-no-whatsapp-backdoor/ I wasn’t aware that this had been rebuked since that happened. However, we do know that Signal itself doesn’t protect metadata, which is exactly what the NSA is after and what Snowden warned us about, even though he endorsed a program which doesn’t protect it. Weird huh?

Well… yes but this thread isn’t about Signal.

1 Like

While we do have to rely on trust, Apple did not let China get iOS source code. But Apple did yield to China to let iCloud servers and encryption code for China’s customers be housed in China.

I’m under no delusion under the table deals are done. Apple does seem to be for people having secure products.

The thing to look for is the US wants back doors but China does as well. India is a big market as well. Tech companies either stand strong vs all or they cave in and get into a new market.

I think it’s reasonable to assume that in China, for a business to operate, it has to allow the government to spy on its users to whatever extent the Chinese government insists on.

Hopefully it’s not that way in the US/Europe/anywhere really… we do not have concrete evidence that Apple or Google are feeding governments (other than China) data that users assume is end-to-end encrypted or locally encrypted on their devices.