Is 2GB Of RAM "Enough?"

[kramer5150]

A variety of things. See Moto G5 / Moto G5 Plus at forums.lenovo.com

Bottom line, for me, is after the way Lenovorola did G3 owners wrong I no longer have much trust in them. That's one reason I held off as long as I did. I was actually going to hold off another couple weeks. But, now I'm thinking my decision is made. The "red tint in corners when recording 1080P at 60FPS," and Lenovorola's blow-off (essentially "That the way it is. Too bad.") brought back into very sharp focus why six months ago I'd decided I'd be disinclined to buy Lenovorola again.

FWIW... All cell phone tech support forums read like that... even apple / iOS. For the simple reason that those customers who have no issues won't be logging in and posting questions/complaints. If you try and make purchasing decisions based on tech support and complaint forums, you'd never buy anything in this industry... because EVERYTHING reads like a dumpster fire. When it really may not be the device at fault. There are FAR too many variables at play (network, user error, apps, intended usage...etc) to decisively conclude one device is or isn't up to par. Especially with a handset as new as these.

IMHO just having manufacturer support community forums is a step in the right direction. Manufacturers who do not have them, still have unhappy customers and defects... you'll just never hear about it, or more likely the will be scattered across the www as opposed to being consolidated.

I got to spend some time with a moto G5 plus this weekend on a camping trip with my sons boy scout troop. We were continually in and out of cellular coverage throughout the weekend. The G5 plus was purchased carrier unlocked by its owner and was running on ATT. This scout was using it for GPS, some pictures, video, and gaming during the long car rides. I didn't ask him how bright his screen setting was, but logically he had it turned up enough to be seen in very bright sunlit conditions. I was overall very impressed with his G5+ on ATT. Good battery life, good connectivity, he was using BT headphones much of the time....etc. Overall I have been very happy with my LG-V10 on Verizon since Dec 2015. He and I could have easily switched phones for the weekend and I would have been just fine with his G5+ on ATT. Sure my V10 camera may be a little better, and I can swap batteries on a whim... but when you consider his moto was under $250 and my LG was $750 (!!!). He's running a FAR better CPU, pure Android with very little bloatware, and a better version of Android.

 

[LeoRex]

My wife's Google account was just owned again, yesterday. Long story short: Between the demise of Motorola Mobility, thus there no longer existing any decent affordable Android handsets, and Google/Android being the security disaster it is, my current thinking is we may walk away from Android entirely. All my worst fears about "smart"phones, what kept me away from them for so long in the first place, are coming true.

Well... breaches are a pain.. but that's not solely a Google thing.. there have been plenty of iCloud accounts that have been compromised (ask Scarlett Johansson)

Have you tried using two factor authentication? I have it on my account and no one's getting in there unless authorized by me (via prompts on my phone, emails, etc). There are a lot of safeguards that you can enable on Google's dashboard to reduce any chances of that happening.

 

[Almeuit]

*ick* I'm reading nothing good at all about the UI on Huawei's Honor line.

My wife's Google account was just owned again, yesterday. Long story short: Between the demise of Motorola Mobility, thus there no longer existing any decent affordable Android handsets, and Google/Android being the security disaster it is, my current thinking is we may walk away from Android entirely. All my worst fears about "smart"phones, what kept me away from them for so long in the first place, are coming true.

Thanks for the feedback, everybody! Appreciate it.

I have yet to get my Google account hacked once and I have been on Android the entire time (except for 2-3 months with the iPhone 6 Plus when it came out to give it a shot and see how a big iPhone felt). I use LastPass so my password is insane (and long) but also I use 2 factor. No issues .

 

[Old Stoneface]

Have you tried using two factor authentication?

The problem now is Google has her phone locked-out because of their poorly-designed FRP (Factory Reset Protection). It may be the phone is essentially bricked. Will have to wait up to 72 hours to find out.

To say that I'm exceedingly annoyed with Google, right now, would be an understatement of epic proportions.

How annoyed? Today I uninstalled Google Chrome on every computer and Android device. I cancelled my G+ and YouTube accounts. I deleted my Google Voice number. I have disabled or removed from my Android devices every application for which I don't have an absolute need (and the bar for that is slowly shifting upwards). I just disco'd and put up for a give-away the Google ChromeCast I bought a few months ago. (I ceased using Google for a search engine long ago.)

When my tablet dies I will simply send it off to a recycler. I will not replace it. Not with an Android tablet, anyway.

Google has finally annoyed me so many times, and so greatly, this time, that I want as little to do with them as possible.

 

[Old Stoneface]

I have yet to get my Google account hacked once and I have been on Android the entire time (except for 2-3 months with the iPhone 6 Plus when it came out to give it a shot and see how a big iPhone felt). I use LastPass so my password is insane (and long) but also I use 2 factor. No issues .

I never been 0wn3d, either, and I use... used my phone and tablet far more intensely than my wife. I'm guessing, from the way this happened, that one of the games she installed, from the Play Store, had an exploit in it.

Coincidentally, this showed up in one of my security newsfeeds today: FalseGuide malware hits 600K devices via botnet on Google Play

The way I see it: It's only a matter of time before the bad guys sneak something into a legitimate non-game app. I do not plan to wait for it to happen to me. As I noted: I've already removed or disabled everything I don't absolutely need. I'll probably remove or disable more, before I'm done.

I'm as done with Google as I can possibly be, short of tossing this Android stuff in the trash. (And if I could afford to do that, right about now I probably would.)

 

[Almeuit]

I never been 0wn3d, either, and I use... used my phone and tablet far more intensely than my wife. I'm guessing, from the way this happened, that one of the games she installed, from the Play Store, had an exploit in it.

Coincidentally, this showed up in one of my security newsfeeds today: FalseGuide malware hits 600K devices via botnet on Google Play

The way I see it: It's only a matter of time before the bad guys sneak something into a legitimate non-game app. I do not plan to wait for it to happen to me. As I noted: I've already removed or disabled everything I don't absolutely need. I'll probably remove or disable more, before I'm done.

I'm as done with Google as I can possibly be, short of tossing this Android stuff in the trash. (And if I could afford to do that, right about now I probably would.)

Good luck! I still find it hard to believe she got owned simply by installing something from the Play Store but without truly knowing .. I guess it is hard to pin-point. I just have yet to have it happen to me or friends who follow proper online security.

 

[Old Stoneface]

Good luck! I still find it hard to believe she got owned simply by installing something from the Play Store ...

Did you see the reference to the article I posted previously? 600k Android users compromised by games downloaded from the Play Store. That wasn't a first. Though it may be a first of that magnitude.

My wife almost never uses her desktop system, any more, and it's Linux, not MS-Windows, anyway. While not immune, it's not the Internet equivalent of an electronic Petri dish, either.

In my estimation the only places from where her Google password could possibly have been harvested were her two Android devices.

That, coupled with the 600k incident, tears it for me. IMO it's apparent Google's stewardship of the Play Store is lax, at best. Coupled with Android's execrable security, where many (the majority of?) Android devices never see even critical security updates, I no longer feel it can even remotely qualify as an even nominally secure platform.

I just have yet to have it happen to me or friends who follow proper online security.

How do you define "proper online security?"

Mind you: I've been doing computer/network security since before the vast majority of people currently on the Internet even knew such a thing as computer networks, much less the Internet, even existed. My wife is no computer/network fool. She knows better than to open just what ever flies past or to click on whatever link presents itself. She wouldn't have the first idea of how to side-load, even if her devices had had "Unknown sources" enabled.

How aware is she? When she got the first "account compromised" notification, she examined the email headers to verify the email actually came from Google (yes: I taught her how to do that), before clicking the link to account recovery.

 

[Almeuit]

Did you see the reference to the article I posted previously? 600k Android users compromised by games downloaded from the Play Store. That wasn't a first. Though it may be a first of that magnitude.

My wife almost never uses her desktop system, any more, and it's Linux, not MS-Windows, anyway. While not immune, it's not the Internet equivalent of an electronic Petri dish, either.

In my estimation the only places from where her Google password could possibly have been harvested were her two Android devices.

That, coupled with the 600k incident, tears it for me. IMO it's apparent Google's stewardship of the Play Store is lax, at best. Coupled with Android's execrable security, where many (the majority of?) Android devices never see even critical security updates, I no longer feel it can even remotely qualify as an even nominally secure platform.


How do you define "proper online security?"

Mind you: I've been doing computer/network security since before the vast majority of people currently on the Internet even knew such a thing as computer networks, much less the Internet, even existed. My wife is no computer/network fool. She knows better than to open just what ever flies past or to click on whatever link presents itself. She wouldn't have the first idea of how to side-load, even if her devices had had "Unknown sources" enabled.

How aware is she? When she got the first "account compromised" notification, she examined the email headers to verify the email actually came from Google (yes: I taught her how to do that), before clicking the link to account recovery.

And did she have 2 step already enabled?

 

[Aquila]

The FalseGuide thing - that's 600 apps installed that were not malware in and of themselves. Only those that enabled the administrator permission had a chance to become infected - we don't know how many people were dumb enough to do that. And of those people, only the ones dumb enough to click links sent to them in a messages after giving a game guide admin privileges would be able to actually become "contaminated".

Getting malware on an Android device is actually pretty difficult. You almost have to go out of your way to do it.

 

[Aquila]

IMO it's apparent Google's stewardship of the Play Store is lax, at best. Coupled with Android's execrable security, where many (the majority of?) Android devices never see even critical security updates, I no longer feel it can even remotely qualify as an even nominally secure platform.

Man, there is so much wrong with this part ... it's just not even close. So if you're an experienced security expert, how do you not know about the layers protection both within the Play Store and the operating system itself that make it nearly impossible for what you're describing to ever do any harm? I'm not trying to be a jerk here, it's just that there's a TON of information about this available. As an example, the most secure mobile device available to consumers - is the Google Pixel. The iPhone 7 is the next best thing, but Android edges it out. That is, until users decide to break the security, such as by allowing apps to have permissions they don't need, downloading apps from third party markets or shady websites or granting physical access to a device to a third party.

 

[LeoRex]

And if you REALLY want to go all Lord Torquemada on your phone, you can always get one of the supported devices and install Copperhead OS on it....

https://copperhead.co/android/

Still, a device is only as secure as the person using it. It is extremely difficult to brute force into even a moderately up to date Android phone from a remote source. About the only way to do so is either trick the user into inviting your attack in, or having the actual physical device in hand.

Still... if two factor is enabled, if a remote party did manage to get ahold of your account and password, it would be extremely difficult for them to ever access it without you knowing the instant they attempted.

 

[mohit9206]

I know OP no longer has intentions to buy the G5 Plus but if he changes his mind, then definitely do not buy the 2gb ram model. The reason being you mentioned doing bit of browsing, and chrome is a memory hungry app that eats ram for breakfast. Even if you only do little bit of web browsing, you should avoid 2gb ram model. The frustration of web page being refreshed every time you switch to it from another tab or app is something best avoided.

 

[Old Stoneface]

This will be my last post to this thread and my last words on the matters addressed here. At least here, and at least for now.

Re: 2FA. No, because we're using IMAP/submission email clients on desktops and mobile devices. Can't use 2FA in conjunction with those.
Re: FalseGuide. No, it wasn't "600 apps," it was 600,000 Android users compromised by dodgy games downloaded from Google's own app store.
Re: "There's so much wrong with that..." All I can say is I'm subscribed-to or follow multiple security venues/feeds and the number of advisories I've seen relating to Google/Android far outstrip those I see related to iOS. There's no arguing with the fact that my wife's account was 0wn3d and I'm 99-44/100% sure it had to be via one of her Android devices, since nothing else was used between the 2nd and 3rd events.
Re: Copperhead. Device set too limited. Thanks for the pointer, though.
Re: 4GB Moto G5 Plus. Noted. Thanks, despite the fact I hope never to have to use your advice

I have not committed to make the switch to iOS, but, I am now researching it seriously. Until and unless I've determined it is not practical, either for economic or other reasons, I'll be investing in no new mobile devices. Meanwhile: Our Android stuff has been stripped of any and all applications or access they don't need, to be useful, and will remain that way for the foreseeable future. Bottom line: My faith in the Android ecosystem, already fragile, has been shattered. I doubt I'll ever fully trust it again.

And, because we're now so annoyed with Google, and distrustful of them and Android: No Google products or services we cannot avoid will be used by us, going forward. Very likely ever again.

Do me wrong once: Your fault. Do me wrong again: My fault.

Lastly: Thanks, everybody, for your courteous replies, suggestions and feedback. Agree or disagree: I appreciate it.

 

[Ry]

You can avoid Google altogether.

 

[Aquila]

. No, it wasn't "600 apps," it was 600,000 Android users compromised by dodgy games downloaded from Google's own app store.

My fault on the typo, it was 600,000 app installs - of which an unknown number of users were dumb enough to give it the permission it needs to do anything and from there, an unknown number of people who were dumb enough to then download stuff from random messages that appeared on their phone. So far the number of confirmed maliciously impacted devices is 0.