This is an important question given iOS has the shortest full support lifecycle of all common consumer operating systems, including Android.
FACT:
*Apple fully supports only a _single_ operating-system major version*
That means, as of today, an iPhone 8, for example, is toast from a security standpoint (which is why iOS has the most exploits of all mobile systems!).
Of the few iPhones & iPads which are still fully supported on iOS 17...
*How old are they?*
HINT: The iPhone XR, shipped in October 2018 is only five years old. DOUBLEHINT: The iPhone 8 shipped in September 2017 is only six years old.
Think about _why_ I ask given iKooks lied for years about Apple support.
which is why iOS has the most exploits of all mobile systems!
which is why iOS has the most exploits of all mobile systems!
This is not true. There was typically a single vulnerability per version that will allow for root access on an iPhone. These were typically used for jailbreaking and usually required a connection to a computer and physical access to the device. There isn't any exploit available for iOS 15 or 16 on devices newer than A11 (because there is a boot exploit on earlier versions, which is similar to unlocking a bootloader on an Android device). Of course none of this can compare to BlackBerry 10's record of zero exploits from release to discontinuation. There remains no way to gain root access on a BlackBerry 10 device.
On Sep 18, 2023, Wally J wrote
(in article <ueaiua$j7uq$1@paganini.bofh.team>):
which is why iOS has the most exploits of all mobile systems!
This is not true. There was typically a single vulnerability per version that will allow for root access on an iPhone. These were typically used for jailbreaking and usually required a connection to a computer and physical access to the device. There isn't any exploit available for iOS 15 or 16 on devices newer than A11 (because there is a boot exploit on earlier versions, which is similar to unlocking a bootloader on an Android device). Of course none of this can compare to BlackBerry 10's record of zero exploits from release to discontinuation. There remains no way to gain root access on a BlackBerry 10 device.
I enjoyed my Z10 for as long as I had it. It tried to give its users an Apple-like experience but failed. Security was admittedly spectacularBB10 also had spectacular multitasking functionality. In fact, many of the multitasking gestures on iOS are the same as on BB10.
though, as was the fact that users could easily change the battery or
expand storage. In fact, I was able to get a double-size battery to
extend the life of the thing since it wasn't too power efficient.
For the past three years iOS has had double& triple the zero-day bugs,don't. A major bug is one that grants root access.
but we're talking here about active exploits in the wild, right? Of which most are minor. If they were major bugs then we would have a jailbreak, which we
Just look at the astoundingly huge number of iOS *active exploits*! <https://www.cisa.gov/known-exploited-vulnerabilities-catalog> Ah yes NVD/CVE, well known for not giving ridiculously high scores to minor bugs<https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is- wrong-with-cves/>
The reason is partly because Apple summarily drops full patch support the instant the next release of iOS or macOS ships. Apple support sucks. This is false. Apple supports iOS 15, 16, 17 and macOS 11, 12, 13, and 14. Having onlytwo years of support sounds like it sucks (it does) but that is what most companies do now. Microsoft only supported Windows 10 21H2 for two years.
It's important to note that no other operating system vendor of a common consumer operating system has a support policy that atrocious. Only Apple!Oracle and RedHat. ArcaOS but nobody has heard of that. $200 for a year of updates.
Any iPhone that can't install iOS 17 is likely already filled with exploits and definitely it will never be patched with all Apple's known patches. Fear mongering over this sentence:not all known security issues are addressed in previous versions (for
Note: Because of dependency on architecture and system changes to any current version of Apple operating systems (for example, macOS 13, iOS 16 and so on),
Dorper <usenet@dorper.me> wrote
However Apple does appear to fixing security issues in previous versions based on CVE details.
Don't be fooled...
According to the gov, there is no smartphone OS more exploited than is iOS. <https://www.cisa.gov/known-exploited-vulnerabilities-catalog>
Due to the primitive update mechanism only Apple employs, zero-day bugs last far longer in Apple operating system than in Android for example.
However Apple does appear to fixing security issues in previous versions based on CVE details.
To be clear, you may not even be aware that only in iOS 16 did iOS _begin_
to break down that primitive monolith - which I'm not sure you're aware of.
*About Rapid Security Responses - only available in iOS 16 and up*
<https://support.apple.com/en-us/HT201224>
Windows employs the same update strategy.
https://www.catalog.update.microsoft.com/Search.aspx?q=windows+10
You can't seriously claim, sans a shred of evidence, that Windows is a monolith like iOS is a monolith since Microsoft does NOT update
Windows as the primitive stone-age monolithic package that Apple uses.
How do most Windows users get their updated drivers, for example?
*You do know they don't generally come from Microsoft, right?*
Where do you think the iOS drivers come from?
Quite different from Apple's monolithic update mechanism, Android has
Project Treble with Qualcomm where the drivers are asynchronously
updated irrespective of the carrier and the Android release process. <https://www.qualcomm.com/news/releases/2020/12/qualcomm-and-google-announce-collaboration-extend-android-os-support-and>
Likewise, are you aware how major applications on Windows and Android
update? Again, nothing like that of the primitive monolithic method Apple uses.
You can't be oblivious that with Apple - it's everything - or nothing.
With every other operating system - the updates are in many layers.
With iOS, you instantly lose full support the moment a next release ships!
*Distinguishing software updates from upgrades*
<https://support.apple.com/guide/deployment/about-software-updates-depc4c80847a/>
It's fine that Apple uses a stone-age primitive update mechanism - which is Apple's prerogative - but it's the main reason iOS has the most zero day holes and even more importantly the most exploited zero-day holes.
By far.
And the iOS security sandbox model makes it so a compromised app will not be >> able to screw up the entire rest of your system, like it is so in Android.
WTF? You've never heard of the many zero-click zero-day exploits of iOS?
Are you serious?
Again, we have to get to common ground which is you can't discount that
on average, iOS has had one a month (sometimes two or three!) for years!
*You can't just ignore that iOS has been extremely insecure* (for years!)
*About Rapid Security Responses - only available in iOS 16 and up*
<https://support.apple.com/en-us/HT201224>
Wait, they're *that* recent?
Windows employs the same update strategy.
https://www.catalog.update.microsoft.com/Search.aspx?q=windows+10
You can't seriously claim, sans a shred of evidence, that Windows is a
monolith like iOS is a monolith since Microsoft does NOT update
Windows as the primitive stone-age monolithic package that Apple uses.
Plus they have a better security update policy.
According to the gov, there is no smartphone OS more exploited than is iOS. >> <https://www.cisa.gov/known-exploited-vulnerabilities-catalog>
CISA NVD is a mirror of The MITRE Corporation's CVE system, which is flawed. And you don't understand how different operating systems are packaged.
Due to the primitive update mechanism only Apple employs, zero-day bugs
last far longer in Apple operating system than in Android for example.
Windows employs the same update strategy. https://www.catalog.update.microsoft.com/Search.aspx?q=windows+10
And the iOS security sandbox model makes it so a compromised app will not be able to screw up the entire rest of your system, like it is so in Android.
Dorper <usenet@dorper.me> wroteThey changed the update system. What is your problem then?
According to the gov, there is no smartphone OS more exploited than is iOS.
<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>
CISA NVD is a mirror of The MITRE Corporation's CVE system, which is flawed.
And you don't understand how different operating systems are packaged.
It's good that you're thinking - which means there's a possibility of learning but first we have to equilibrate our knowledge to a common ground.
You can't seriously claim, sans a single slice of evidence, that I don't understand that iOS is packaged as a monolith (yes, a delta is applied to each & every user but the release is built and tested as a monolith).
To be clear, you may not even be aware that only in iOS 16 did iOS _begin_
to break down that primitive monolith - which I'm not sure you're aware of.
*About Rapid Security Responses - only available in iOS 16 and up* <https://support.apple.com/en-us/HT201224>
The RSR aside, the primitive release process only Apple employs is very likely the fundamental reason why iOS has not only the most zero-day holes (by far!) but also the most _exploited_ vulnerabilities (ten times more!).
*You do know they don't generally come from Microsoft, right?*
WTF? You've never heard of the many zero-click zero-day exploits of iOS?> Are you serious?
Again, we have to get to common ground which is you can't discount that>on average, iOS has had one a month (sometimes two or three!) for years!
Of course there isn't a large variation of software for the macOS so
Apple doesn't have to distribute drivers and those are typically
installed and updated how you THINK drivers are installed in Windows,
through random 3rd party tools. Suboptimal but whatever, only had to
do it for a Wacom tablet.
On 2023-09-29, Dorper <usenet@dorper.me> wrote:
Of course there isn't a large variation of software for the macOS so
Apple doesn't have to distribute drivers and those are typically
installed and updated how you THINK drivers are installed in Windows,
through random 3rd party tools. Suboptimal but whatever, only had to
do it for a Wacom tablet.
Apple actually does distribute and bundle quite a few drivers with
macOS. Having to go out and get your own is a relative rarity.
It's a Samsung Galaxy S10+.
Thanks for the confirmation. BTW, mine is a Samsung Galaxy A51, a
little over 3 years old, came with Android 10, now on 13.
So the strange things are that 1) we (YTIW! :-)) didn't get notified
that there was a 'Google Play system update', 2) my phone didn't
download it and 3) your phone downloaded it, but didn't tell you to
restart.
So I now indeed have a 'Google Play system update' from *Google*,
which is *newer* (August 1, 2023) than my 'Software update' from
*Samsung* (June 1, 2023).
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 490 |
Nodes: | 16 (2 / 14) |
Uptime: | 61:51:32 |
Calls: | 9,676 |
Files: | 13,719 |
Messages: | 6,171,615 |