https://www.tomsguide.com/uk/news/mobile-auth-app-hack-rsa20
https://www.pcmag.com/news/android-malware-can-steal-2fa-codes-from-google-authenticator-app
Some interesting info about security problems with Android and Apple cell phones.
I don't understand the specific reference to Samsung phones. According to this article (https://www.tomsguide.com/uk/us/android-patch-gap,news-26970.html), which was referenced by one of the references in Bill's post, Samsung was one of the better manufacturers in terms of their security patches.
Quote from: fox on February 29, 2020, 08:24:26 AM
I don't understand the specific reference to Samsung phones. According to this article (https://www.tomsguide.com/uk/us/android-patch-gap,news-26970.html), which was referenced by one of the references in Bill's post, Samsung was one of the better manufacturers in terms of their security patches.
That article is from almost 2 years ago. It might have something to do with it. But like you, in the first article Bill referenced, I don't get the Samsung hate other than mentioning that they have faked updates. The same article said that others had, too. I might stay away from those phones simply because they're a bigger target (i.e. more people use them).
I just checked using SnoopSnitch any my 3-year old Sony phone has has 91 patches and 4 that came out since the last claimed patch level (May 5, 2019). Unless I look up each CVE, I don't how critical those patches are; maybe later, I'll look them up.
I downloaded and ran SnoopSnitch as well on my Galaxy S9. Result: 52 patches, none missing. Last claimed patch level: Jan. 1, 2020. So much for trashing Samsung. >:(
New phone? Like relatively new - last six months new?
I don't think they're bothering to patch my phone anymore although your article mentioned that Sony was one of the companies (in 2018, anyway) that was good with patching. But my phone is three years old. I doubt many phones are patched after that amount of time. Even Google only promises two years of patching for their phones.
I just re-read the article in the first link that ssfc mentioned and it refers to their slideshow (https://published-prd.lanyonevents.com/published/rsaus20/sessionsFiles/17914/2020_USA20_MBS1-W02_01_Mobile%20MFA%20Madness%20Mobile%20Device%20Hygiene%20and%20MFA%20Integrity%20Challenges.pdf). That's kind of cool. Maybe that will explain better why the one research doesn't recommend Samsung.
Quote from: Jason Wallwork on February 29, 2020, 01:15:07 PM
New phone? Like relatively new - last six months new?
....
New to me (I bought it secondhand a few months ago), but the Samsung Galaxy S9 came out in March 2018. So almost 2 years old.