Submitted by TeaTime7079 t3_yi2tqx in explainlikeimfive
Comments
frakc t1_iugy0yf wrote
Computers has much more legacy code to support and that create a lot of vulnerabilities.
Also computers have to support much more protocols, which also create some vulnerabilities
Android and ios uses linux cores, which are more localized and have less attackable structure. But most importanly linux problems are much less known, because it became popular relatively recently and some thing maynot be found yet.
IronCraftMan t1_iuh1ovt wrote
Almost none of that is true.
> Computers has much more legacy code to support and that create a lot of vulnerabilities.
Not necessarily.
> Also computers have to support much more protocols, which also create some vulnerabilities
What protocols do computers support that your phone doesn't? On the other hand, phones support many protocols related to cellular connections, texting, calling, nearby communications, etc.
> ios uses linux cores
Nope.
> which are more localized and have less attackable structure.
The Linux kernel is anything but localized, it supports many more architectures than Windows.
> But most importanly linux problems are much less known, because it became popular relatively recently and some thing maynot be found yet.
You say that as if you need 10 years to develop an exploit. Not even close, many exploits are found due to new features with poor implementations. In any case, I'm not sure how true the claim that Linux has only recently became popular.
The real answer is defense in depth. App Stores provide a much higher barrier to entry, you can't just build an app and release it, you must sign up to a developer program and sign your program (even then, there's no guarantee that your app won't be immediately blacklisted after being found to be malicious). Even on Android, users need to explicitly allow apps from outside of the Play store. In addition, every app is sandboxed and has limited to access to files as well as hardware and software resources. Pair that with an immutable, signed system volume along with signing and verifying every program that runs and it becomes extremely difficult to attack.
All of these tactics could be applied to PCs, it's just that some of them significantly limit the user's control of the PC (and thus the usability), while phones have never really had that freedom in the first place.
frakc t1_iuh28js wrote
Ios is based on mac os, which is linux bsd operation system.
Linux F1 exploit was around at least 20 years, but was discovered around 5 years ago
Lunux is more localized not in terms of supporting less, but in terms of access. Eg on windows application is spread to many different places, which has different access levels
Have you seen phone which supports floppy disk? There are so many more protocols which computers support. Especially on system level.
Writerro t1_iuh0z6f wrote
> linux problems are much less known, because it became popular relatively recently and some thing maynot be found yet.
Not true. Linux was very populary for a loooong long time. But not on a customer devices but on routers, servers et cetera where often it is much more popular than Windows. So there was an incentive to find bugs and exploits in linux/unix operating systems for a long time. And I would argue that it's easier to find them in linux because it is open source.
frakc t1_iuh13p0 wrote
Where it was mostly in embeded forms, with greatly reduced features, which hackers could exploit.
Writerro t1_iuh4dt5 wrote
Linux on servers is not in embedded form, but fully functional, with every feature that regular desktop PC can have, if not more :)
It is the other way if anything - linux on android phones have reduced features available to user, because of permissions et cetera. That's why it's harder to hack android phone, because people there are not installing packages, but using Google play, people there have no root access et cetera.
[deleted] t1_iugxf0a wrote
[removed]
[deleted] t1_iugxot4 wrote
[deleted]
dmullaney t1_iugzb9j wrote
Imagine an old house, with timber frame windows, no locks just casement stays. Night latch, single cylinder door locks. Single bolted basement hatch.
Most PCs are that house, which someone has tried to make secure by adding more locks to the places they know are weakly secured.
Phones are a modern house with triple glazed PVC multi-point locking windows and steel frame multi rod security doors.
When you take something big and complicated that was never designed to deal with modern threats and you try to secure it, you can make it pretty good, but there is always the risk of gaps. When you design something to be secure from the start it's easier to ensure no gaps... But of course neither is perfectly secure.