AOSP Development was almost completely separated from the commonly distributed Android OS around version 2.2 in like 2010-ish, if I’m not mistaken. If you do get an OS built upon the old open source versions, they are usually quite secure and value privacy heavily, such as CalyxOS.
So no, Android is not Open Source nor is it free, but yes proprietary Android software has more potential vulnerabilities.
Last year android had 1400 vulnerabilities to iOS’ 482.
402 of androids were above a CVSS score of 7 & 221 for iOS.
Android is less secure than iOS on average and Apple is widely known to be more secure than android. That’s not to say I’m a fan of things apple does. I’m purely speaking vulns for one OS to another.
Just recently it was discovered that apples m1 silicon has a security vulnerability that exposes encryption keys under certain conditions and it’s a hardware vulnerability which is unpatchable without buying the newer models.
You can’t compare those two. First of all, Apple’s walled garden makes it significantly harder to perform security research. Second, Android has a way larger ecosystem and is not a monolith, so of course there’s gonna be more.
If you had any idea about how it works, you would not compare them. If you had any idea about how hard Apple makes security research, especially without a Mac, you would not compare them.
But you don’t know what it’s about. Being a consumer does not make you an expert.
The more used OS will always have more people looking for ways to break it. Same shit happened with windows and Mac. The old picture of the house in the city with bars on the windows vs a house in the country with unlocked doors still applies.
The only vulnerabilities you even really need to worry about are zero days which won’t be in the threat tracking databases.
But android does this exact thing and has far more vulnerabilities
Open source doesn’t magically make things more secure unfortunately, no matter how many people seem to think this
AOSP Development was almost completely separated from the commonly distributed Android OS around version 2.2 in like 2010-ish, if I’m not mistaken. If you do get an OS built upon the old open source versions, they are usually quite secure and value privacy heavily, such as CalyxOS.
So no, Android is not Open Source nor is it free, but yes proprietary Android software has more potential vulnerabilities.
Last year android had 1400 vulnerabilities to iOS’ 482.
402 of androids were above a CVSS score of 7 & 221 for iOS.
Android is less secure than iOS on average and Apple is widely known to be more secure than android. That’s not to say I’m a fan of things apple does. I’m purely speaking vulns for one OS to another.
Just recently it was discovered that apples m1 silicon has a security vulnerability that exposes encryption keys under certain conditions and it’s a hardware vulnerability which is unpatchable without buying the newer models.
So we both agree that proprietary operating systems need to be outlawed and dismantled.
Outlawed?
Not at all
Think it’s a bad idea?
Yea
You can’t compare those two. First of all, Apple’s walled garden makes it significantly harder to perform security research. Second, Android has a way larger ecosystem and is not a monolith, so of course there’s gonna be more.
Apple = Apple, but Android ≠ Android.
So fine, do you wanna look at specific numbers for the pixel, Samsung, huwaeii, etc against iOS? Bc we can!
Also, I hope you see the irony in you saying we can’t compare apple(s) to oranges (android as a whole ecosystem).
You definitely can, and I did so fairly.
If you had any idea about how it works, you would not compare them. If you had any idea about how hard Apple makes security research, especially without a Mac, you would not compare them.
But you don’t know what it’s about. Being a consumer does not make you an expert.
The more used OS will always have more people looking for ways to break it. Same shit happened with windows and Mac. The old picture of the house in the city with bars on the windows vs a house in the country with unlocked doors still applies.
The only vulnerabilities you even really need to worry about are zero days which won’t be in the threat tracking databases.