[AndroidFan128]

Note that the malware I'm talking about doesn't involve the owner being kind of not careful and install a suspicious apk from a random site.

[chanchan05]

You mean like a PC virus where opening a website can open a can of worms? Not to my knowledge, no. AFAIK Android needs to have a malware installed by the user for it to have any sort of access. Which is why the most common form of attack is a fake virus warning with a link to install something.

I haven't heard of any newer form of malware if any exists. Let's wait if someone else might.

Note that the malware I'm talking about doesn't involve the owner being kind of not careful and install a suspicious apk from a random site.

[AndroidFan128]

You mean like a PC virus where opening a website can open a can of worms? Not to my knowledge, no. AFAIK Android needs to have a malware installed by the user for it to have any sort of access. Which is why the most common form of attack is a fake virus warning with a link to install something.

I haven't heard of any newer form of malware if any exists. Let's wait if someone else might.

So is security patches on my Android 1 so that important?

[chanchan05]

So is security patches on my Android 1 so that important?

Yes, because for one thing, even if you're careful, you might inadvertently install malware. Second, the patches protect you from other things like malware. For example the patch for KRACK and BLUBORNE aren't meant to protect from malware. They protect against active hacking. BLUBORNE for example is an exploit that allows a hacker to access your phone if your Bluetooth is on, even if you set it to hide.

[AndroidFan128]

Yes, because for one thing, even if you're careful, you might inadvertently install malware. Second, the patches protect you from other things like malware. For example the patch for KRACK and BLUBORNE aren't meant to protect from malware. They protect against active hacking. BLUBORNE for example is an exploit that allows a hacker to access your phone if your Bluetooth is on, even if you set it to hide.

So how about the other phones that never geet updates? are they vurbnable to attacks likr KRACK and BLUBORNE?

[chanchan05]

So how about the other phones that never geet updates? are they vurbnable to attacks likr KRACK and BLUBORNE?

Yes. Those were patched with the September update last year.

[AndroidFan128]

Yes. Those were patched with the September update last year.

so how about a work phone thats are vurnable to those kind of attacks cuz they arent patched?

[chanchan05]

so how about a work phone thats are vurnable to those kind of attacks cuz they arent patched?

Depends on what the phone is. Sometimes depending on manufacturer, the Google patches are not needed because the manufacturer already patched this themselves before hand.

Anyway, phones nowadays are not to be worried about much because most midrange to high range phones from reputable manufacturers are supposed to get security patches for two years anyway.

If you're worried, get a Pixel or a Nokia.

[Rukbat]

We just had this discussion on Quora yesterday. Any computer connected to the outside world, except through the power lines so far, is susceptible to malware. Android, iPhone, Linux computers, Sun SPARC - even supercomputers. Which is why Google is now insisting that all manufacturers who use Android issue monthly security updates. Google issues them, but the manufacturers seem to either wait until there are a few months' worth, or just ignore them. Now there's probably going to be some sort of "Seal of Update Approval" or something - manufacturer A gets it because they've signed onto the program, manufacturer B doesn't - and once people start understanding the difference, manufacturer B either gets with the program or starts making doorbells.

But yes, Android (actually Linux, the operating system that Android runs on) is susceptible to malware, even from apps you install from the Play store, even from visiting "safe" websites. (The worst virus ever - in terms of amount it cost to get rid of it - back around 10 years ago, was a Linux virus. Even being able to root an Android phone is a sign of a security hole in that phone's implementation.