I often hear, “You should never cheap out on a good office chair, shoes, underpants, backpack etc…” but what are some items that you would feel OK to cheap out on?
This can by anything from items such as: expensive clothing brands to general groceries.
Yes and no. For apple you can use their phones for quite a long time securely. For Android that is a very different story. As far as I know only Google with their new pixel phones and Samsung have offered more than 2 years of updates. After that time your phone becomes a security risk. So make sure your devices receives updates or can be used with a custom ROM (though that can be insecure as well).
It’s 2 years of FEATURE updates, usually longer for security.
Sometimes. It depends on the manufacturer. Some do more some don’t promise anything. You have to know what you have. Also the support time starts usually at the start of sale not at the time of purchase. That means if you buy a new phone that was released a year ago on clearance or something you might have only half the time.
What a load of crap. My phone is 5 years old and the only security risk is me blindly installing questionable APKs off the Internet or clicking pop-up ads or something. It’s not like I’m walking around with a time bomb or anything when all I do is browse a few apps and text and call.
Also the new pixel 8 supposedly is supposed to come with 7 years of updates. It’s entirely possible Google abandons that plan though, given their track record.
There have been a few bugs in the past years that let you take over a phone without user interaction. There was one where you only need to receive an SMS (it was invisible even) and your phone is infected. Another one was a vulnerability in wifi calling and voice over lte.
A phone is not a passive device that only gets something when you request it. You take also it with you to public places, use it in open wifi networks and you get calls. All that while being used for security critical stuff like 2FA, banking and payment.
You shouldn’t use a phone without current security updates for much more than calling. It is a time bomb. If you want to educate yourself further you should look at “zero click vulnerabilities”.
And if you happen to be in Vegas during Def con you should probably just turn off your phone and leave it in the room.