Fun Fact: My smartphone is turned off 95% of the time or so.
-
Fun Fact: My smartphone is turned off 95% of the time or so. I only turn it on when I have a specific need for a specific function. The overwhelming vast majority of my activities are on desktop systems, using native code or browsers where the invasive permissions of common mobile apps are generally not present. REMEMBER: The reason so many websites push you to use their mobile apps is that the iOS and Android permission environments provide vastly more opportunities for the collection of your personal data.
-
R relay@relay.infosec.exchange shared this topicR relay@relay.an.exchange shared this topic
-
Fun Fact: My smartphone is turned off 95% of the time or so. I only turn it on when I have a specific need for a specific function. The overwhelming vast majority of my activities are on desktop systems, using native code or browsers where the invasive permissions of common mobile apps are generally not present. REMEMBER: The reason so many websites push you to use their mobile apps is that the iOS and Android permission environments provide vastly more opportunities for the collection of your personal data.
@lauren this is innaccurate you have vastly better permission models and security on up to date android and iphones then on desktops this is a missunderstanding of the security and permission models of mobile systems in fact your browser is even better off on your phone due to the permissions and restrictions the phone places on apps in fact your hardware identifier on most phones is blocked from apps on basically all current up to date phones including android since I beleive android 10.
-
@lauren this is innaccurate you have vastly better permission models and security on up to date android and iphones then on desktops this is a missunderstanding of the security and permission models of mobile systems in fact your browser is even better off on your phone due to the permissions and restrictions the phone places on apps in fact your hardware identifier on most phones is blocked from apps on basically all current up to date phones including android since I beleive android 10.
You literally cannot know that. You cannot know if the permission model is better. You cannot know the permission model. You cannot know the security. You cannot know the restrictions, and you cannot know your hardware identifier is blocked. You're not allowed to know that. It's illegal for you to know that, considered illegal reverse engineering in the USA, and every country foolish enough to sign a treaty with the USA.
You're just taking them at their word. A company, a giant company, who you can't hold accountable, and even if you could, there are no consequences for lying to you. In fact they make more money from lying to you, much, much more money, since they get to sell you out, while taking your money. And you think they're not lying through their teeth? It's 100% legal to say a phone is secure, when you know it is not secure, as long as anyone who could press charges isn't allowed to find out.
CC: @lauren@mastodon.laurenweinstein.org -
@lauren this is innaccurate you have vastly better permission models and security on up to date android and iphones then on desktops this is a missunderstanding of the security and permission models of mobile systems in fact your browser is even better off on your phone due to the permissions and restrictions the phone places on apps in fact your hardware identifier on most phones is blocked from apps on basically all current up to date phones including android since I beleive android 10.
@lauren source code is publicly available anyone can inspect audit and verify and reverse engineering does not apply to open saurce aosp and also security researchers legally audit systems like apple iphones all the time apple even runs bug bountys and im not sure what your arguement has to do with arguing im wrong nor does it give a solution becouse you cant say desktops are any different so my question is whats this claim your making and how does it affect anything with my original arguement
-
@lauren source code is publicly available anyone can inspect audit and verify and reverse engineering does not apply to open saurce aosp and also security researchers legally audit systems like apple iphones all the time apple even runs bug bountys and im not sure what your arguement has to do with arguing im wrong nor does it give a solution becouse you cant say desktops are any different so my question is whats this claim your making and how does it affect anything with my original arguement
@lauren also I do know its better compare permissions and test weather they work I dont take noones word I actually use and look at devices ill tell you on a comparison microsoft has better permission model and security by default and its a data collection hub compared to even linux by default and they have massive amounts issues as well but defemder is on the moment you turn it on and there security makes its very hard to do things lile change os with out going through alot of steps
-
R relay@relay.mycrowd.ca shared this topic
-
@lauren this is innaccurate you have vastly better permission models and security on up to date android and iphones then on desktops this is a missunderstanding of the security and permission models of mobile systems in fact your browser is even better off on your phone due to the permissions and restrictions the phone places on apps in fact your hardware identifier on most phones is blocked from apps on basically all current up to date phones including android since I beleive android 10.
@lauren while again linux ufw is not even on by default on most this is not even worth explanation you need to do actual research into the way these things actually work
-
@lauren while again linux ufw is not even on by default on most this is not even worth explanation you need to do actual research into the way these things actually work
@lauren ill give you a project get a normal computer say intel look for a location and camera and nearby devices permission in settings
-
You literally cannot know that. You cannot know if the permission model is better. You cannot know the permission model. You cannot know the security. You cannot know the restrictions, and you cannot know your hardware identifier is blocked. You're not allowed to know that. It's illegal for you to know that, considered illegal reverse engineering in the USA, and every country foolish enough to sign a treaty with the USA.
You're just taking them at their word. A company, a giant company, who you can't hold accountable, and even if you could, there are no consequences for lying to you. In fact they make more money from lying to you, much, much more money, since they get to sell you out, while taking your money. And you think they're not lying through their teeth? It's 100% legal to say a phone is secure, when you know it is not secure, as long as anyone who could press charges isn't allowed to find out.
CC: @lauren@mastodon.laurenweinstein.org@cy @lauren And this whole charges thing is useless again its open and you show no evidence on desktops exceeding what Ive said and are you taking them at there word evey desktop is built by a big company so whats your point you think that intel chip or m1 from apple is built in a garage lmfao explain how your court arguement would hold up im telling you provable facts your stating some court nonsense that changes nothing
-
Fun Fact: My smartphone is turned off 95% of the time or so. I only turn it on when I have a specific need for a specific function. The overwhelming vast majority of my activities are on desktop systems, using native code or browsers where the invasive permissions of common mobile apps are generally not present. REMEMBER: The reason so many websites push you to use their mobile apps is that the iOS and Android permission environments provide vastly more opportunities for the collection of your personal data.
@lauren when I compare Pi-hole blocks on phone vs desktop, its like 5x at least.
-
@cy @lauren And this whole charges thing is useless again its open and you show no evidence on desktops exceeding what Ive said and are you taking them at there word evey desktop is built by a big company so whats your point you think that intel chip or m1 from apple is built in a garage lmfao explain how your court arguement would hold up im telling you provable facts your stating some court nonsense that changes nothing
There's a difference between using a company's chip under protest, and laying down and prostrating for them begging to be used as their customer drone with a shiny magic brick whose contents you are forbidden to know, that you carry along with you wherever you go. Also a difference between having vulnerabilities that cannot be mitigated because they literally shoot you with automatic rifles when you try to inspect their fabrication plant, and just openly embracing every vulnerability on the planet crying out "Hurt me more, daddy!"
But yes, chip making needs to be nationalized without compensation. By like... anyone. That doesn't make phones any more secure than open source software running on desktop computers, who don't follow you around, and leave much less wiggle room for your attackers to do stuff to you undetected.
I mean you claim that it's open and verifiable, but laws like the DMCA demand that it not be open, nor verifiable. The few "evil hackers" among us might know how a phone works, but your cops attack them for even trying to tell people, so their knowledge is kinda inaccessible.
CC: @lauren@mastodon.laurenweinstein.org -
There's a difference between using a company's chip under protest, and laying down and prostrating for them begging to be used as their customer drone with a shiny magic brick whose contents you are forbidden to know, that you carry along with you wherever you go. Also a difference between having vulnerabilities that cannot be mitigated because they literally shoot you with automatic rifles when you try to inspect their fabrication plant, and just openly embracing every vulnerability on the planet crying out "Hurt me more, daddy!"
But yes, chip making needs to be nationalized without compensation. By like... anyone. That doesn't make phones any more secure than open source software running on desktop computers, who don't follow you around, and leave much less wiggle room for your attackers to do stuff to you undetected.
I mean you claim that it's open and verifiable, but laws like the DMCA demand that it not be open, nor verifiable. The few "evil hackers" among us might know how a phone works, but your cops attack them for even trying to tell people, so their knowledge is kinda inaccessible.
CC: @lauren@mastodon.laurenweinstein.org -
-
