One of the great things about brand loyalty is that it often blinds you to what is going on slap bang in front of your face. And one of the great things about Androidians and iPhonians is that they honestly believe that Google and Apple care about them.
Yeah, insert BBM emoticon here. *ROFL*
So, with the news, as the BBC reported today and we have reported ourselves recently that around 1 BILLION Android phones are now at the mercy of any hacker that fancies it just by sending them a self destructive text (their phone number being easily accessible, remember, Whatsapp and Facebook have been spreading their number FAR AND WIDE???) you’d have thought that Androidans would have been up in arms at the lack of care by their preferred OS provider, Uncle Google.
Not a bit of it.
Phil Nickinson of Android Central made light of the whole situation. To be fair to Phil, he has to…
The exploit was announced July 21 by mobile security firm Zimperium as part of an announcement for its annual party at the BlackHat conference. Yes, you read that right. This “Mother of all Android Vulnerabilities,” as Zimperium puts it, was announced July 21 (a week before anyone decided to care, apparently), and just a few words the even bigger bombshell of “On the evening of August 6th, Zimperium will rock the Vegas party scene!” And you know it’s going to be a rager because it’s “our annual Vegas party for our favorite ninjas,” completely with a rockin’ hashtag and everything.
So, ya know, it’s serious. Or something.
But then pointed out that:
Make no mistake about it: This is a bad exploit. And it further highlights the difficulties of getting updates pushed out through the manufacturer and carrier ecosystem. On the other hand, it’s a potential avenue for exploit that apparently has been around since Android 2.2 — or basically the past five years. That either makes you a ticking time bomb, or a benign cyst, depending on your point of view.
Well, dur… yes Phil, it’s baked in. Well and truly.
Herr’s the best bit. Google said it’s all fine and they’ve got things well in hand:
We thank Joshua Drake for his contributions. The security of Android users is extremely important to us and so we responded quickly and patches have already been provided to partners that can be applied to any device.
Most Android devices, including all newer devices, have multiple technologies that are designed to make exploitation more difficult. Android devices also include an application sandbox designed to protect user data and other applications on the device.
But Phil thinks that:
This is an exploit that needs to be fixed, sooner rather than later — if it hasn’t been already. But it’s not one that’s going to keep us up at night. There are a lot of unknowns, and unfortunately they’re being ignored for the sake of scary-sounding storytelling.
Before pointing out what we already knew. That it’s down to the Android OEM’s to push it out. Not Google.
Still, Androidians in comments took the whole thing VERY seriously…
It’s so vague as to be lacking credibility.
It’s probably a very typical bug known as a buffer overflow
Before making it all ok by turning things on Apple:
Yet another reason why Apple will claim why they are better.
We are just 2 months out from Apple dealing with their own SMS exploit that was taking down the majority of their devices
I think the bug in the iOS/OSX keychain is a bit more serious
I smell another FUD article from Rene Bitchey coming later today from iMore…
Just after those gems people start to actually discuss what could happen to them. And it’s not good. But it doesn’t matter..
They own an Android device!
Google will take care of them!
They (didn’t) say so in the above quote!
Hey, if you’re going to get all prissy about it, that’s fine. Just remember where you’ll be safe.
It’s not Apple.
And the quicker you guys drop the ‘talk to the hand’ attitude and realise it the better.