On Fri, 26 Sep 2014 09:21:35 -0700 Kristian Erik Hermansen wrote: > Yeah pretty much Android team doesn't seem to care much about security. We > all have 0day they are not prepared to compensate for nor seem eager to > fix... > > --
Which 0day's are current from a remote perspective? Or do you mean protecting from a trojan app which is nigh on impossible in any generic case? Android security is way ahead of Iphone if your device is one that is kept upto date by the vendor and a phones largest attack vector being the browser is actually updateable on Android whereas on IOS it is enforced to part of the firmware. In fact just from an operating system point of view (kernel which iswhat linux is and ignoring java/apps) like modern Windows it is way more secure than Linux and I am fairly sure OSX. http://www.openbsd.org/papers/ru13-deraadt > Regards, > > Kristian Erik Hermansen > https://www.linkedin.com/in/kristianhermansen > On Sep 26, 2014 8:01 AM, "Joseph Birr-Pixton" <[email protected]> wrote: > > > Hi Yogesh, > > > > I would counsel against using the keystore for storing anything. Apart > > from (as you've found) deleting things[1] all the time, it also > > sometimes leaks your private keys to other apps[2]. True and I wouldn't use it, being very careful about security but would use it before a wireless barclay card! -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
