In message , at 14:36:40 on
Thu, 18 Jul 2019, David Walters remarked:
On Thu, 18 Jul 2019 13:32:23 +0100, Roland Perry wrote:
In message , at 11:07:01 on
Thu, 18 Jul 2019, David Walters remarked:
On Wed, 17 Jul 2019 19:03:26 +0100, Roland Perry wrote:
In message , at 16:15:25 on
Wed, 17 Jul 2019, David Walters remarked:
Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

What's the main threat you are trying to avoid?

Mostly some malware getting installed via a remote or drive-by
vulnerability.

What kinds of drive-by malware has been known to be delivered via apps
like Facebook and Twitter?

I'm not aware of any but I use many other apps on my smartphone such
as Chrome which has had bugs exploited in the past. One example is at
https://www.helpnetsecurity.com/2016...droid-malware/.
That still requires an extra step but a similar bug might not.

That's fixed by an upgrade to the browser app, which I don't regard as
coming into the category of "software patches [that one might no longer
be getting].

My phone which isn't getting *Android* updates, has still managed to
automatically update itself to Chrome dated 4th June 2019. Which is the
latest release version.

What is the malware trying to achieve.

Perhaps it will be combined with some kind of permissions exploit that
means it can harvest data from other apps which in my case would include
my banking details/tokens. I could not have banking apps on my smartphone
but I choose to for the convenience and balance some of the risk by
having an up to date OS. Your choice might be different.

Indeed. I would never have a banking app on my phone unless it was of
very little importance. Although like Chrome, I'd hope to be getting
updates to the *app* which in turn had countermeasures for know exploits
within *Android*.
--
Roland Perry