• 1 Post
  • 20 Comments
Joined 1 year ago
cake
Cake day: June 15th, 2023

help-circle

  • Software optimization is mostly not a language-level problem. I’ll be dailying my 3 year-old OnePlus 9 Pro until it starts missing out on security updates, but it will probably still be “usable” long after that. Support/updates aside, my 6 year-old galaxy s9 can still run most normal apps. Hell, I got the most recent lineageOS running on a pixel 2 XL from the year before that and it straight up felt fast as long as I wasn’t playing some super intensive game or something. This isn’t an android vs. iOS problem, it’s a “developers of [insert flashy new app here] either not bothering to put effort in to optimize their code or being forced to push out a minimum viable product ASAP” problem.

    Edit: fixed my hyphen use


  • That’s partially my point. You can never be 100% safe, but there’s a lot you can do to increase your safety besides just relying on intuition (edit: because intuition is usually the weakest link, see social engineering/phishing tactics). Anti viruses (when they aren’t just bloatware) are part of that.

    Your second point about not meaningfully defending against backdoors and vulnerabilities is kind of against the point. You can totally defend against backdoors by not giving apps admin privileges, limiting network access, etc. so that damage can be limited even if an exploit happens. Then, if some backdoor or exploit is discovered, it’s only as dangerous as the permissions you give that app.














  • I think we’re on the same page? If an attacker wanted a keylogger they wouldn’t even need to go as far as a screen, there are plenty of other ways (like a 3rd party keyboard app) that would work just as well, if not better, on an iPhone.

    Hell, while we’re at it, using a phishing email to get you to enter a password in a fake site or using social engineering to reset your passwords is way more effective than reverse engineering and modding a camera/screen.

    There’s no reason why Apple should get to keep exclusive rights on repairs just to profit more on parts. 3rd party screens, cameras, face id modules, etc. aren’t going to suddenly make your phone less secure.




  • If you think keyloggers require software running on your physical keyboards you’re in for a rude awakening.

    Keyloggers are almost always at a pure software level and are conceptually simple to make. So simple that in fact, it’s the same thing as running a regular application with background shortcuts. The only thing that is different is that regular apps aren’t saving/recording anything, they’re just listening for you to press cmd+whatever.

    It takes maybe ~10-15 minutes to make a keylogger in Python that could run on any computer, mac, windows, or Linux. Maybe a little longer if you wanted to use a compiled language and properly hide it.

    Sorry to burst your bubble.

    • A software developer

  • No, you can’t, because that isn’t a good analogy. Those two situations are not at all the same, but I’ll humor you.

    The analogy you’re making is like saying only the company who makes doors is allowed to change the lock on your door, and they’re allowed to just stop offering the lock-changing service whenever they want. They also conveniently put a mechanism in so that whenever a third-party locksmith comes, your door falls apart. Your only option is to buy a new door, doorknob, frame, and hinge because your lock is worn out.