maemo.org - Talk


Dave999 2013-01-23 12:50

What ecosystem is the most secure?
 
I think all mobile OSes and ecosystems are failing when it comes to security, simply because that wasn't a priority when they were designed.

During 2013 I'm sure we will see worse things happen simply when entering a web URL. This is pretty limited so far and most focus on when you install something.

Apple encrypts all data, which is excellent, but how do apps send information? Most apps I have investigated send username and password in clear text, which makes me pissed :rolleyes:.

Mobiles are simply not secure! To me Android has serious security issues, with Apple, Microsoft and BB slightly better. What do you think?

herpderp 2013-01-23 13:06

Re: What ecosystem is the most secure?
 
Have you seen this?

Dave999 2013-01-23 13:20

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by herpderp (Post 1316933)
Have you seen this?

Have you tried it? Might try it on an emulator. But it seems a bit annoying when vendors are pumping out so many products, all different. Impossible to keep up.

herpderp 2013-01-23 13:26

Re: What ecosystem is the most secure?
 
That's why you should get a Nexus.

switch-hitter 2013-01-23 13:36

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by Dave999 (Post 1316930)
To me Android has serious security issues, with Apple, Microsoft and BB slightly better. What do you think?

At least Android tells you what permissions an app requires, with Apple you have no way of knowing.

I read a report stating a researcher from a US university tested around 60 (I think it was 56) of the most popular apps from the Apple app store and found all but a handful were harvesting data and sending it off to remote servers. Most apps were encrypting what they sent so he couldn't say what the data was just that some was being sent. I'll try and find a link to the report, I'm sure I've got it bookmarked on one of my computers.

Aren't the problems with Android users installing malware and giving it permission to run rather than some sophisticated exploit?

Another issue is most SD cards are formatted as FAT32, which I understand doesn't support the assigning of permissions, so apps have free rein over anything stored there.

Dave999 2013-01-23 13:39

Re: What ecosystem is the most secure?
 
Yes, I will go for Nexus 5, but that doesn't really solve anything ;).

But I'm thinking in a bigger area here, not a specific device or app. The overall ecosystem and OS. Sandboxing more could be one area to move to, but that is not perfect either...

Android's permissions are a joke. Users still do not understand what they mean, and when they see them the first time they have already clicked twice and will likely click again without thinking twice about it. Apple has some restrictions, YES, but Google is wide open; they just recently admitted that there was a problem, before that they were in total denial. Google mostly moves when the incident has happened.

herpderp 2013-01-23 13:54

Re: What ecosystem is the most secure?
 
None of them is secure. No software is secure, especially if it has been developed so fast.

Dave999 2013-01-23 14:07

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by herpderp (Post 1316959)
None of them is secure. No software is secure, especially if it has been developed so fast.

That is true, and I think the companies behind the OSes must communicate that to the average Joe! They must be forced to take their responsibility and be more proactive rather than reactive.

It's not total security I'm looking for, but increasing the awareness and improving the security.

If a company is compromised on a level that affects the public users, they have to admit it publicly (forced by law if necessary), along with the extent of the breach. This would be a great first step worldwide!

anthonie 2013-01-23 14:20

Re: What ecosystem is the most secure?
 
Secure products, especially mass-produced products, are products of fiction.

Security always has its limitations, and generally speaking one could say that the people working hard on making secure systems are always one step behind those who try and find holes in them.

Also I do tend to believe that further simplification of the multiuser/single-user paradigm is prone to increase the amount of insecurity.

/cliche
/kicking_open_doors

switch-hitter 2013-01-23 14:47

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by Dave999 (Post 1316952)
Android's permissions are a joke.

How so?


Quote:

Originally Posted by Dave999 (Post 1316952)
Users still do not understand what they mean, and when they see them the first time they have already clicked twice and will likely click again without thinking twice about it.

They're stated in Google Play before you've even downloaded the app, again during installation and you can check them even after you've installed the app. If the user doesn't know what they mean they should RTFM!


Quote:

Originally Posted by Dave999 (Post 1316952)
Apple has some restrictions, YES, but Google is wide open; they just recently admitted that there was a problem, before that they were in total denial.

Would you prefer Google to be more like Apple where they retain control of your device? They decide what you are and aren't allowed to do, what you can and can't install?

80ll0ck5 to that!

HELLASISGREECE 2013-01-23 14:48

Re: What ecosystem is the most secure?
 
The "ecosystem" in your pants, Dave

Dave999 2013-01-23 15:32

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by switch-hitter (Post 1316987)
How so?


They're stated in Google Play before you've even downloaded the app, again during installation and you can check them even after you've installed the app. If the user doesn't know what they mean they should RTFM!


Would you prefer Google to be more like Apple where they retain control of your device? They decide what you are and aren't allowed to do, what you can and can't install?

80ll0ck5 to that!

That doesn't mean a **** to the user and doesn't explain what is happening and how the app is communicating, in a "secure" way or not.

http://www.android-permissions.org/

Yes, they can, but do they?

If I want Google to be more like Apple? Yes, in some areas. I would say that Apple is better/easier to secure the data and device. They also have fewer versions available.

I would suggest Google enable a management system to secure the device better if the user chooses to. Many companies are using MDM, and end users could also if Google wanted. Seriously, you can easily upload very, very bad stuff to Google Play before it is removed.

don_falcone 2013-01-23 15:38

Re: What ecosystem is the most secure?
 
The ecosystem mankind hasn't access to. Oh, are we talking 'bout software? That wasn't mentioned!

marxian 2013-01-23 16:46

Re: What ecosystem is the most secure?
 
The best forms of security are:
  • Obscurity: < 1% market share FTW.
  • FOSS: Sunlight is the best disinfectant.

qwazix 2013-01-23 17:16

Re: What ecosystem is the most secure?
 
The problem with Android is that you can't use the app without giving it permissions. Developers use that to request every conceivable permission (I downloaded a gong-style app that needed GPS!) and because all of them do it, you just can't use anything if you don't agree.

Good thing is that BlackBerry allows you to download an application and decline specific permissions to it. That's pretty nice.

don_falcone 2013-01-23 17:57

Re: What ecosystem is the most secure?
 
PDroid. Or root-based solutions.

Dave999 2013-02-16 18:53

Re: What ecosystem is the most secure?
 
http://phetdreams.tumblr.com/post/42...-privacy-issue

unoace 2013-02-16 19:17

Re: What ecosystem is the most secure?
 
Think about the traditional wisdom with computers and why so many people say Apple is more secure than Windows.

The ecosystem with less mainstream attention will have less attention from hackers.
Windows>Apple>Linux.

With phones you will go
Apple>Android>The rest.
Our Meego/Maemo are pretty safe for the simple fact that it's a very small community of users.

Arie 2013-02-16 19:21

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by switch-hitter (Post 1316950)
At least Android tells you what permissions an app requires, with Apple you have no way of knowing.

I read a report stating a researcher from a US university tested around 60 (I think it was 56) of the most popular apps from the Apple app store and found all but a handful were harvesting data and sending it off to remote servers. Most apps were encrypting what they sent so he couldn't say what the data was just that some was being sent. I'll try and find a link to the report, I'm sure I've got it bookmarked on one of my computers.

Aren't the problems with Android users installing malware and giving it permission to run rather than some sophisticated exploit?

Another issue is most SD cards are formatted as FAT32, which I understand doesn't support the assigning of permissions, so apps have free rein over anything stored there.

This is part of the reason I've jailbroken my iPhone and used firewall IP, it tells me of every connection that gets in or out for any reason and I have the right to stop it. I assume none of the games I have should be connecting externally, so they don't. :)

misterc 2013-06-06 20:36

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by unoace (Post 1323336)
[...]

With phones you will go
Apple>Android>The rest.
Our Meego/Maemo are pretty safe for the simple fact that it's a very small community of users.

Android>Apple>The rest

maybe?

pichlo 2013-06-06 20:48

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by marxian (Post 1317028)
  • FOSS: Sunlight is the best disinfectant.

Are you referring to the old "shallow bugs" myth? ;)

kingstu 2013-06-06 20:49

Re: What ecosystem is the most secure?
 
I've always been under the impression that Blackberry and Symbian phones were designed with security in mind. Security versus convenience is a tradeoff in which many people choose convenience instead. Symbian has dialogs where user interaction is required to affirm an action, which becomes an annoyance to people who just want things to work "automagically".

stickymick 2013-06-06 21:00

Re: What ecosystem is the most secure?
 
Rule of thumb is why the hell should any app, unless it's a web browser, need a data connection unless it needs to acquire something for it to work.
I agree with unoace. The popularity of something will eventually be its downfall. If it's security you want, don't go mainstream.

As for Sailfish, can't say at such an early stage. But Jolla's watchword has been "Security by isolation". Probably meaning the Android layer isn't embedded and can be removed if the end user wishes, maybe it's built into one of the "Other Halfs".

reinob 2013-06-07 08:43

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by unoace (Post 1323336)
Think about the traditional wisdom with computers and why so many people say Apple is more secure than Windows.

The ecosystem with less mainstream attention will have less attention from hackers.
Windows>Apple>Linux.

With phones you will go
Apple>Android>The rest.
Our Meego/Maemo are pretty safe for the simple fact that it's a very small community of users.

I think the question is more about real security, not in the sense of how exposed a system may be.

In fact, I submit that Maemo is probably the most insecure mobile OS. For the simple reason that about 101% (+/- 5% :) of the users have rootsh installed. Meaning any program or script can simply run "sudo gainroot" and do whatever it pleases.

But then again, Maemo is Linux is Unix. User is expected to know what he's doing.

pichlo 2013-06-07 10:07

Re: What ecosystem is the most secure?
 
There is intrinsic security and there is perceived security. Regarding the former, I absolutely agree with reinob. Maemo is intrinsically insecure for many reasons, not just because of rootsh. You have no way of knowing or controlling what the apps you install do behind your back (unless you check their source code, but who can do/does it?)

Android is more secure since you have to explicitly allow applications to do certain things. The trouble is you have to do it at install time and you have to allow all or nothing. No way of saying, I am happy to install this cool game but I do not want it to connect to some server in China. Which sort of defeats the whole point and what is meant to be a security measure becomes just another annoying step that users just want to wave out of their way.

I do not know enough about iOS, WP or RIP to comment. Sticking to what I know, PalmOS was just as bad as Maemo with its "free for all" approach, with the added benefit of the source generally not available. Symbian was probably the best in this regard but, as has been mentioned before, it went a bit too far to the point of being intrusive, both for the user and for the developer.

Then there is the perceived security.

This is a bit trickier and depends on many factors, the most important of which is the OS's popularity. Despite various claims of open-source fascists enthusiasts I do not agree that on the desktop, Linux is intrinsically more secure than Windows. I would even argue that it is the opposite. Windows allows you a more fine-grained level of specifying who can do what and has a more focused development force behind it. But it has two big disadvantages. One, it is the most common (popular?) platform and two, partly because of number one, it is used by clueless users. Both make it a popular target for attackers. Security holes are more likely found and more eagerly exploited.

In this regard, Maemo is probably one of the most secure OSes simply because no one will bother to attack it and Android the least secure because everybody will. To illustrate it simply, I would not bother with any security software on Maemo but it was always my first thing on Android.

misterc 2013-06-07 19:58

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by pichlo (Post 1350202)
[...]
Despite various claims of open-source fascists enthusiasts I do not agree that on the desktop, Linux is intrinsically more secure than Windows. I would even argue that it is the opposite. Windows allows you a more fine-grained level of specifying who can do what and has a more focused development force behind it. But it has two big disadvantages. One, it is the most common (popular?) platform and two, partly because of number one, it is used by clueless users. Both make it a popular target for attackers. Security holes are more likely found and more eagerly exploited.

[...]

very nice post, thank you for that.
however, i wonder whether you ever heard of... Security-Enhanced Linux
i suspect the only thing most users care to do about it is disabling it, but if used properly, i think it provides more than decent security :)

qwazix 2013-06-07 20:55

Re: What ecosystem is the most secure?
 
Linux does have the advantage of the closed ecosystem however, without being really closed. You have the convenience to install everything from repos, thus trust one authority for your security, and scrutinize only the odd app you download from the internet. On Windows you have to trust a wide variety of vendors either because they are well known (Microsoft, Apple, Adobe, Autodesk, and the list goes on) or because of prior experience, plus scrutinize everything else you need (utilities etc.). And even then, you never know if the download mirror has wrapped an unarchiver with a browser toolbar around the setup program.

Even in our small Maemo community, you are pretty safe if you keep everything installed from extras. This peace of mind is for me one of the greatest values of the N900. I don't care that I don't have a choice of 130000 launchers, when I can apt-get blindly and be pretty sure nobody steals all my data.

misterc 2013-06-07 22:09

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by qwazix (Post 1350383)
Linux does have the advantage of the closed ecosystem however, without being really closed. You have the convenience to install everything from repos, thus trust one authority for your security, and scrutinize only the odd app you download from the internet. On Windows you have to trust a wide variety of vendors either because they are well known (Microsoft, Apple, Adobe, Autodesk, and the list goes on) or because of prior experience, plus scrutinize everything else you need (utilities etc.). And even then, you never know if the download mirror has wrapped an unarchiver with a browser toolbar around the setup program.

Even in our small Maemo community, you are pretty safe if you keep everything installed from extras. This peace of mind is for me one of the greatest values of the N900. I don't care that I don't have a choice of 130000 launchers, when I can apt-get blindly and be pretty sure nobody steals all my data.

i'm not sure if software is the most common source of malware
on windooooz, a lot of ppl get infected by browsing or e-mail, no?
security is but one aspect of software availability for any platform.
  • quality of the software
  • availability of developer for improvements
  • cost - not only monetary, but also the time wasted wading thru "shareware cr@p" to try & find the right app :mad:
  • ???

pichlo 2013-06-08 10:50

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by misterc (Post 1350398)
i'm not sure if software is the most common source of malware
on windooooz, a lot of ppl get infected by browsing or e-mail, no?

Yes, but believe it or not, browser malware is not choosy and affects Linux just as well as Windows. The days of "I don't need antivirus, I use Linux" have gone.

This is even more crucial on servers. I once had my personal website infected on one hosting server (that shall not be named). I cleaned it and got reinfected within minutes. I found that other punters complained about the same thing. The sysadmins were clearly in the "Linux is immune to viruses" school. I switched to a more clueful bunch before you could say "antivirus".

michaaa62 2013-07-04 18:53

Re: What ecosystem is the most secure?
 
Well, it is not Android http://bluebox.com/corporate-blog/bl...id-master-key/

mikecomputing 2013-07-04 22:49

Re: What ecosystem is the most secure?
 
windows 3.1 :cool:

zeebra 2013-07-05 22:33

Re: What ecosystem is the most secure?
 
I think the question is somewhat flawed. The real question is, which system is most open and free?

Currently there is no GNU/Linux phone that I know of. Maemo is at best a busybox phone with both closed and open components.

From a hardware point of view anything with Linux is more secure, but most relevant operations today are done with software. That's why the most free and open system is the most secure as well, because it offers you the most options to customise the system, even rewrite the whole thing if you have the ability. Open and free systems are also far better at providing specific software for security-minded software use, anonymizing and network manipulation. This allows users of such systems to naturally use things such as Tor, SSH, Proxy, hardened OS and customised software solutions.

In Windows, Apple and Google you have big corporations who make these things difficult and obscure and opaque systems that make it even more difficult.

No system is safe aside from your own self-made Linux distribution, and not even that is safe.

Did you all know that Richard Stallman doesn't surf/download internet sites directly, but instead emails these requests to a network of proxy servers that download the content for him and send it back to him per email to open in the Lynx browser?

Dave999 2013-12-02 17:05

Re: What ecosystem is the most secure?
 
http://qsalpha.com/en/quasar-iv/

This looks secure and also a bit like Ubuntu Edge...

juiceme 2013-12-02 17:52

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by Dave999 (Post 1391784)
http://qsalpha.com/en/quasar-iv/

This looks secure and also a bit like Ubuntu Edge...

Not really.
Too many buzzwords for my liking.
How do you know what's really in it?
Might be a NSA front, how will you ever know?

Dave999 2013-12-02 18:17

Re: What ecosystem is the most secure?
 
Quote:

Originally Posted by juiceme (Post 1391806)
Not really.
Too many buzzwords for my liking.
How do you know what's really in it?
Might be a NSA front, how will you ever know?

True, but your mentality goes for everything so you are ****ed with every choice you make. I figure it's better than something else. Plus it's not so mainstream. Another buzzword right there.

pichlo 2013-12-02 21:05

Re: What ecosystem is the most secure?
 
Repost. Arguments in the first thread.

Dave999 2013-12-05 17:14

Re: What ecosystem is the most secure?
 
http://apps.washingtonpost.com/g/pag...right-now/634/

Nice read... This is how I track you all day long;)


All times are GMT.