Security through… low userbase. There are how many different android brands, models? And how many of them share the same vulnerabilities? Is that data available or would be be too time-consuming to compile?
My point is, I highly doubt a malware developer will target specific bits of hardware that may or may not still be in use. I just don’t see it being worth someone’s time hoping they will find a device that is compatible with their malware.
I just think this is an over-reaction, and not remotely as serious as it may seem. Sure you COULD get some malware due to some hardware vulnerability that hasn’t been patched, but what are the odds?
You may say that is not wise to bet on the odds at all, but if it means keeping a device for five extra years and risk getting malware vs upgrading every five years, I’ll keep the device.
I’ll just back up all my pictures and messages and wipe the device and restore the android data folder. Is it life threatening to have a malware infected device? Has that or, is there a very strong possibility of that happening in the next ten years? Are there hardware vulnerabilities that exist currently that put cellular reception at risk, or GPS?
My device has a publicly disclosed wifi security bug in the hardware, guess how much I care. I am extremely confident that my device won’t get malware, and if somehow it does, I really could care less. I have my contacts file saved and data backed up already, it’s not much of an inconvenience to just wipe the data and restore.
At what point is a device considered too “obscolete” to stop targeting for malware? If 75% of android users all upgrade devices every four years because of security reasons, how much time would it take a malware developer to crunch the numbers on exactly what older android devices are out there, which ones have exploitable hardware and how many users of that exact device are out in the wild.
I bet zero malware developers will do that math because it is not worth their time, and that is what I’m betting on. How many malware developers are still targeting Android 2.3.3 or 3.x or 4.4.2 or 5.1 or 6.0 or even the 7 series? I bet zero. At some point, eventually, the device will ne “out of fashion” for long enough that not a single human being will care to develop malware for it, so why not just take the minor risk and help reduce electronic production by upgrading your device as little as possible?
Don’t do banking on your phone, encrypt your passwords with something such as bitwarden and use firefox browser extensions to block scripts and hope you don’t get a strange messags that infects your phone. Just wipe it and restore from a backup. It is the same with a desktop PC, if it gets infected, it is ideal to already have a backup, no reason to throw out the entire computer because of a data file.