Cybersecurity

5277 readers

226 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug (www.securityweek.com)

submitted 1 month ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

8 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] nevemsenki@lemmy.world 3 points 1 month ago (1 children)

I don't know. According to this : https://www.statista.com/statistics/921152/mobile-android-version-share-worldwide/ android version 13 and 14 account for almost half the device versions, and those usually have forced auto update and also recent enough to be getting updates in theory...

[–] 01189998819991197253@infosec.pub 2 points 1 month ago (1 children)

But if the manufacturers don't then update their custom bits, the updates don't make it to the phones. Right? Or is that not a thing anymore?

[–] nevemsenki@lemmy.world 2 points 1 month ago* (last edited 1 month ago) (1 children)

That is a difficult topic. Google did take steps to mitigate issues there. Android got Hardware Abstraction Layer to prevent blobs from blocking updates ; also, a lot of updates were moved from AOSP to the Play Service, so Google can more easily roll them out. (And to make AOSP and 3rd party roms less of a threat, eh.)

Edit : that said, most android phones have woefully short support period.

[–] 01189998819991197253@infosec.pub 2 points 1 month ago

It is a difficult topic, but one worth discussing I think. Cellphone security used to be an afterthought, at best. Google (and some rom maintainers) have done an amazing job at improving overall security. They have a long way still to go (such as forcing manufacturers to a certain level support), but what they've done thus far is commendable.