Results 1 to 7 of 7
  1. Thread Author  Thread Author    #1  

    Default Stupid question: Lame security questions that need to be asked.

    Okay, disclaimer here... I mean no offence to any dev / xda etc.

    An aqaintance through a friend that is a coder/programmer for a top software company here in silicon valley was mentioning to me that my rooted Android can and will have personal data collected and sent to the developer(s) of said ROM(s), passwords, map data locations tweets, email and more.

    I have to admit he raised some valid points and therefore raised the paranoia flag. He said that this is what happens when you have open source and no controls in place for each ROM.


    He said iOS is locked down so that personal data can't be collected by the third party. Where Android is open via root is vulnerable especially ones bank login passwords etc. Now he has me second guessing.

    Sure I don't have to visit those sites or do online banking etc but that's just not possible. Can anyone explain what measures are in place to protect us? I really like my ROM and want to keep using it. I guess what I am asking is if it's safe?


    Sent from my PC36100 using Tapatalk
    HTC Evo 4G
    _______________
    Running ClockworkMod 2.6.0.1 and
    the awesomeness of CyanogenMod-6.1.2

    Twitter @billbrooksjr
  2. #2  
    Johnly's Avatar

    Posts
    7,357 Posts
    Global Posts
    10,402 Global Posts
    ROM
    AOSP, & stock.

    Default

    Your friend has got a point, but don't think Apple will "keep you safe" Most, if not all of the devs out there do this for fun and a beer/coffee donation. I have seen the same devs around for years, and they are a crew! Never once has anyone been exploited from reputable android sites.

    Sounds a little paranoid to me, he he.....

    iOS can be hacked too, and broken. If a thief wants your info, they will get it, if you are foolish. I bid you to have your friend/you to lay down some framework for this argument? Because as of now, it is a fact less bit.

    Read this.......I would be more worried about a app, lol
    Last edited by Johnly; 01-21-2011 at 04:32 PM. Reason: add link
  3. Thread Author  Thread Author    #3  

    Default

    That's kind of what I figured. Like I said I meant no offense to the devs.
    While I am not a full fledged coder (I dabble) I am a systems administrator/engineer /networks and have many colleagues that are devs and coders, I work on their machines and maintain their servers.

    I kinda understand the crew and brotherhood so to speak and appreciate all their hard work and efforts. I have even donated so they can buy some pizza to go with the beer and or coffee


    I know that anything can be hacked and I don't trust iOS, I trust Android more.
    HTC Evo 4G
    _______________
    Running ClockworkMod 2.6.0.1 and
    the awesomeness of CyanogenMod-6.1.2

    Twitter @billbrooksjr
  4. #4  
    enzofall's Avatar

    Posts
    522 Posts
    ROM
    Cyanogenmod 7

    Default

    +1 Android developers have alot of integrity. Just to add on what you guys have been saying, these guys are making roms that they would like or they think others would like for the benefit of the community. I'm not saying don't be wary of things, with everything there is some kinda risk, just don't let it keep you up at night

    sent from enzofall
    I tweet too - @enzofall
  5. #5  
    Johnly's Avatar

    Posts
    7,357 Posts
    Global Posts
    10,402 Global Posts
    ROM
    AOSP, & stock.

    Default

    This is a good topic to discuss from time to time, and I hope someone reading this will have some new info to go with their device. Nice, pizza donations have got to be the best. I am dropping off a twelve pack for Fabs Apex ROM...it is worth at least that.....
  6. #6  
    npark's Avatar

    Posts
    656 Posts
    Global Posts
    658 Global Posts

    Default

    Quote Originally Posted by Bills_Evo4G View Post
    Okay, disclaimer here... I mean no offence to any dev / xda etc.

    An aqaintance through a friend that is a coder/programmer for a top software company here in silicon valley was mentioning to me that my rooted Android can and will have personal data collected and sent to the developer(s) of said ROM(s), passwords, map data locations tweets, email and more.

    I have to admit he raised some valid points and therefore raised the paranoia flag. He said that this is what happens when you have open source and no controls in place for each ROM.


    He said iOS is locked down so that personal data can't be collected by the third party. Where Android is open via root is vulnerable especially ones bank login passwords etc. Now he has me second guessing.

    Sure I don't have to visit those sites or do online banking etc but that's just not possible. Can anyone explain what measures are in place to protect us? I really like my ROM and want to keep using it. I guess what I am asking is if it's safe?


    Sent from my PC36100 using Tapatalk
    Sounds like an apple fanboy spewing some senseless vitriol.

    So, someone can create an app, or even a backdoor mechanism into a ROM. You're right, once rooted, you have the ability to do that. This is NOT by any means limited to Android.... jailbroken iOS devices have the same Achilles heel. In fact, if you follow recent news, it's always the iOS devices that have malicious software installed onto jailbroken iOS phones.

    However, you have to remember the community. This is the entire arguement of "open-source" versus "closed-source". Your friend needs to come up with some original ideas, because well over a decade ago people made the same assertions about Linux being deployed into production environments for enterprises. "How can you trust open-source??" Sun and Microsoft moaned... "You will be compromised!!" with grim foreboding they tried to warn people away from Linux. Let's face it: Linux is being relied on in some form or another in EVERY major enterprise, bank, and is relied on as the core infrastructure for a plethora of mid-sized companies. So frankly, this argument is neither valid nor original.

    What makes open source secure? The very nature of the open-source community itself: the reason why iOS devices more frequently have malware distributed on those websites for jailbroken devices, is the userbase. By publicly endorsing the open-source community, you attract a lot of legitimate developers and hard-core enthusiasts. This community is also self-enforcing. If a developer made some malware, the Android community would find out soon enough. The only community endorsed by Apple are devs that develop apps to be distributed ONLY on the Apple app store framework.

    The purpose of jailbreaking, is to get free apps (for the most part) and circumvent the official Apple framework. The purpose of rooting and custom recoveries, is to rely completely on a different framework--the legitimate community, open-source framework.

    Doomsday prophecy for open-source is old news. *yawn* This is not to say it's not going to happen, or that no one will do it. What I am saying is, I fully trust software that is vetted by a large and active community of developers... i.e. xda, devs here on AC, etc.
  7. #7  
    2CupsWithString's Avatar
    passionately curious

    Posts
    2,812 Posts
    Global Posts
    2,825 Global Posts

    Default

    Just don't install a rom from some web site you don't know or by a developer that isn't recognized in the community.

Posting Permissions

B