On Wed, 17 Jul 2019 15:59:49 +0100, MissRiaElaine wrote:
On 17/07/2019 10:30, Recliner wrote:
Roland Perry wrote:

I just went to Amazon to look, for my LG phone. A choice of 13 products,
every single one "Currently unavailable".

Presumably because your phone is ancient? The assumption is that people
buy accessories when they first buy a phone, not when they unearth one in
an archaeological dig.

Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

On 17/07/2019 16:15, David Walters wrote:
On Wed, 17 Jul 2019 15:59:49 +0100, MissRiaElaine wrote:
On 17/07/2019 10:30, Recliner wrote:
Roland Perry wrote:

I just went to Amazon to look, for my LG phone. A choice of 13 products,
every single one "Currently unavailable".

Presumably because your phone is ancient? The assumption is that people
buy accessories when they first buy a phone, not when they unearth one in
an archaeological dig.

Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

I've given up on 'smart' phones, I don't like the potential for tracking
and the likes of Google et al knowing where I am 24/7, nor having to
charge it every day at minimum. I still use the one I have (Samsung S5
mini) as a portable data terminal for things like 2-factor authorisation
etc. but there isn't a SIM in it any more and it never leaves the house.
In 'flight' mode the battery lasts almost a week, good enough for me.

As for phones, the Nokia 6310i reigns supreme..! I also recently
unearthed my old Nokia 6150, which still works on its 18yr old battery,
which although it uses the battery faster than the 6310i, still lasts a
week on standby.


--
Ria in Aberdeen

[Send address is invalid, use sipsoup at gmail dot com to reply direct]

MissRiaElaine wrote:
On 17/07/2019 16:15, David Walters wrote:
On Wed, 17 Jul 2019 15:59:49 +0100, MissRiaElaine wrote:
On 17/07/2019 10:30, Recliner wrote:
Roland Perry wrote:

I just went to Amazon to look, for my LG phone. A choice of 13 products,
every single one "Currently unavailable".

Presumably because your phone is ancient? The assumption is that people
buy accessories when they first buy a phone, not when they unearth one in
an archaeological dig.

Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

I've given up on 'smart' phones, I don't like the potential for tracking
and the likes of Google et al knowing where I am 24/7, nor having to
charge it every day at minimum. I still use the one I have (Samsung S5
mini) as a portable data terminal for things like 2-factor authorisation
etc. but there isn't a SIM in it any more and it never leaves the house.
In 'flight' mode the battery lasts almost a week, good enough for me.

As for phones, the Nokia 6310i reigns supreme..! I also recently
unearthed my old Nokia 6150, which still works on its 18yr old battery,
which although it uses the battery faster than the 6310i, still lasts a
week on standby.



Whereas I’m the opposite end of the phone user spectrum, I rarely use my
phone for voice calls (I have done more often in the past week or so
arranging car servicing etc however) or SMS (most of my contacts prefer
WhatsApp), but I use my phone for everything I used to use a computer for;
my laptop gets used once a month if that.


Anna Noyd-Dryver

In message , at 16:15:25 on
Wed, 17 Jul 2019, David Walters remarked:

I just went to Amazon to look, for my LG phone. A choice of 13 products,
every single one "Currently unavailable".

Presumably because your phone is ancient? The assumption is that people
buy accessories when they first buy a phone, not when they unearth one in
an archaeological dig.

Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

What's the main threat you are trying to avoid?
--
Roland Perry

On Wed, 17 Jul 2019 19:03:26 +0100, Roland Perry wrote:
In message , at 16:15:25 on
Wed, 17 Jul 2019, David Walters remarked:
Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

What's the main threat you are trying to avoid?

Mostly some malware getting installed via a remote or drive-by
vulnerability. There are undoubtedly other unpatched vulnerabilities in
my smartphone but I'd rather have protection from the known ones. I also
don't run Windows Vista anymore.

In message , at 11:07:01 on
Thu, 18 Jul 2019, David Walters remarked:
On Wed, 17 Jul 2019 19:03:26 +0100, Roland Perry wrote:
In message , at 16:15:25 on
Wed, 17 Jul 2019, David Walters remarked:
Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

What's the main threat you are trying to avoid?

Mostly some malware getting installed via a remote or drive-by
vulnerability.

What kinds of drive-by malware has been known to be delivered via apps
like Facebook and Twitter? What is the malware trying to achieve.

There are undoubtedly other unpatched vulnerabilities in my smartphone
but I'd rather have protection from the known ones. I also don't run
Windows Vista anymore.

A Windows PC is a completely different environment. Even though it's
also more likely to be running anti-malware than a typical phone.
--
Roland Perry

On Thu, 18 Jul 2019 13:32:23 +0100, Roland Perry wrote:
In message , at 11:07:01 on
Thu, 18 Jul 2019, David Walters remarked:
On Wed, 17 Jul 2019 19:03:26 +0100, Roland Perry wrote:
In message , at 16:15:25 on
Wed, 17 Jul 2019, David Walters remarked:
Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

What's the main threat you are trying to avoid?

Mostly some malware getting installed via a remote or drive-by
vulnerability.

What kinds of drive-by malware has been known to be delivered via apps
like Facebook and Twitter?

I'm not aware of any but I use many other apps on my smartphone such
as Chrome which has had bugs exploited in the past. One example is at
https://www.helpnetsecurity.com/2016...droid-malware/.
That still requires an extra step but a similar bug might not.

What is the malware trying to achieve.

Perhaps it will be combined with some kind of permissions exploit that
means it can harvest data from other apps which in my case would include
my banking details/tokens. I could not have banking apps on my smartphone
but I choose to for the convenience and balance some of the risk by
having an up to date OS. Your choice might be different.

In message , at 14:36:40 on
Thu, 18 Jul 2019, David Walters remarked:
On Thu, 18 Jul 2019 13:32:23 +0100, Roland Perry wrote:
In message , at 11:07:01 on
Thu, 18 Jul 2019, David Walters remarked:
On Wed, 17 Jul 2019 19:03:26 +0100, Roland Perry wrote:
In message , at 16:15:25 on
Wed, 17 Jul 2019, David Walters remarked:
Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

What's the main threat you are trying to avoid?

Mostly some malware getting installed via a remote or drive-by
vulnerability.

What kinds of drive-by malware has been known to be delivered via apps
like Facebook and Twitter?

I'm not aware of any but I use many other apps on my smartphone such
as Chrome which has had bugs exploited in the past. One example is at
https://www.helpnetsecurity.com/2016...droid-malware/.
That still requires an extra step but a similar bug might not.

That's fixed by an upgrade to the browser app, which I don't regard as
coming into the category of "software patches [that one might no longer
be getting].

My phone which isn't getting *Android* updates, has still managed to
automatically update itself to Chrome dated 4th June 2019. Which is the
latest release version.

What is the malware trying to achieve.

Perhaps it will be combined with some kind of permissions exploit that
means it can harvest data from other apps which in my case would include
my banking details/tokens. I could not have banking apps on my smartphone
but I choose to for the convenience and balance some of the risk by
having an up to date OS. Your choice might be different.

Indeed. I would never have a banking app on my phone unless it was of
very little importance. Although like Chrome, I'd hope to be getting
updates to the *app* which in turn had countermeasures for know exploits
within *Android*.
--
Roland Perry

On Fri, 19 Jul 2019 21:32:17 +0100, Roland Perry wrote:
In message , at 14:36:40 on
Thu, 18 Jul 2019, David Walters remarked:
On Thu, 18 Jul 2019 13:32:23 +0100, Roland Perry wrote:
In message , at 11:07:01 on
Thu, 18 Jul 2019, David Walters remarked:
On Wed, 17 Jul 2019 19:03:26 +0100, Roland Perry wrote:
In message , at 16:15:25 on
Wed, 17 Jul 2019, David Walters remarked:
Ooh, that's a bit strong..! What's wrong with old phones, anyway..?

For a 'dumbphone', not a lot.

Using a smartphone once it no longer receives security patches isn't
something I would do personally.

What's the main threat you are trying to avoid?

Mostly some malware getting installed via a remote or drive-by
vulnerability.

What kinds of drive-by malware has been known to be delivered via apps
like Facebook and Twitter?

I'm not aware of any but I use many other apps on my smartphone such
as Chrome which has had bugs exploited in the past. One example is at
https://www.helpnetsecurity.com/2016...droid-malware/.
That still requires an extra step but a similar bug might not.

That's fixed by an upgrade to the browser app, which I don't regard as
coming into the category of "software patches [that one might no longer
be getting].

My phone which isn't getting *Android* updates, has still managed to
automatically update itself to Chrome dated 4th June 2019. Which is the
latest release version.

There is a list of 5 remote code execution
bugs in Android that have been patched this month at
https://source.android.com/security/bulletin/2019-07-01. It's a similar
list for June, May, April etc.

What is the malware trying to achieve.

Perhaps it will be combined with some kind of permissions exploit that
means it can harvest data from other apps which in my case would include
my banking details/tokens. I could not have banking apps on my smartphone
but I choose to for the convenience and balance some of the risk by
having an up to date OS. Your choice might be different.

Indeed. I would never have a banking app on my phone unless it was of
very little importance. Although like Chrome, I'd hope to be getting
updates to the *app* which in turn had countermeasures for know exploits
within *Android*.

If someone has root on the device I don't think any individual app can
keep itself secure anymore. Many apps will try and detect a jailbroken
device and disable themselves but it isn't clear to me that that detection
is infallible. Better to take reasonable steps to secure the device
which includes security patches IMHO.

On 18/07/2019 13:32, Roland Perry wrote:

What kinds of drive-by malware has been known to be delivered via apps
like Facebook and Twitter?

Brexit and Trump?



--
Arthur Figgis Surrey, UK