
* not that average Joe should be able to do it himself *

From the article: "This new law states, specifically, that users should be able to replace a battery in their phone without any special expertise or tools."

Wouldn't that mean that Average Joe should be able to do it? I would assume that I'd be able to buy a battery and replace it at home instead of shipping it off to some factory and being without a phone - or not actually having to take it to the nearest shop if I don't want to be without a phone for a while.

And from what I can find about Apple's battery replacement: They'll only do it IF you have apple care AND your battery has 80% capacity and your phone doesn't have issues such as a cracked screen. [1] This certainly doesn't sound like an easily replaceable battery.

[1] https://support.apple.com/en-ie/iphone/repair/battery-replac...


I recently got the battery in my 6-year-old iPhone replaced by Apple for, as I recall, €55. Just brought it in and they did it, no AppleCare. Made the phone as good as new; I hope to use it until OS security updates stop, which should be at least another couple of years.


They'll only do it for free under those conditions. Otherwise it's ~$100.


And the "no cracked screens" provision is because access to the battery on most iPhones is from the top side, by lifting the display with a suction cup. If the glass is already cracked, lifting it is likely to cause further damage, and it may not go back in afterwards.


That sounds like a "them" problem. Perhaps they shouldn't have engineered it that way.


Interesting. I for one am not interested in overengineered expensive iPhones.

Spending €100 to fix a €399 Poco sounds like a very bad deal. I hope prices on budget to midrange Android phones don't go up with these new regulations.


iPhones are the best value phone on the market today bar-none, people just tend to be short sighted with their understanding of "expensive".

You can buy a €400 used iPhone and get updates for longer than most brand new Android phones. And by the time that used iPhone stops getting updates, you'll still be able to sell it for some non-zero value, while that budget phone will be worthless and destined to be e-waste.


My phone was $150 brand new and still works acceptably over 3.5 years later. Software updates weekly thanks to LineageOS (firmware updates are another story).


Yeah, I'm probably one of the most uniquely qualified people to plug LineageOS as an engineer who's launched multiple AOSP based hardware products.

Comparing LineageOS to actual first party support when the SoC manufacturer has long forgotten your device exists isn't really realistic: you're getting updates in name only. The blobs that run the most important things are frozen in time.

-

Not to mention, if you're willing to put up with that level of limitation, you can get a brand new iPhone SE for $150 too. It'll be locked to a carrier, but that's a lot less limiting than "literally never going to have a meaningful update again".


I'm not going to argue that "use LineageOS" is viable advice for most users (it's not), but what do you mean "The blobs that run the most important things are frozen in time"? I suppose they're "the most important things" in that they're required for a usable device, but I wouldn't call them the most important things when it comes to updates.

If I'm running an outdated Android version, my threat model basically can't include any internet or cell connectivity, since an outdated media parser means a bad web page or media message and my phone is the attacker's playground. But an outdated baseband firmware means what, I have to watch out for ne'er-do-wells dodging the FCC with high powered SDRs in my neighborhood who know what model of phone I'm using? In a better world, Lineage could feasibly ship updates for every component, but as far as I can see, one of these is a lot more important than the other, and it's the one LineageOS does take care of.


GPU: https://nvd.nist.gov/vuln/search/results?adv_search=true&isC...*

VPU: https://www.cvedetails.com/cve/CVE-2021-0346/

DSP: https://nvd.nist.gov/vuln/detail/cve-2022-27834

The SoC has a lot more binary blobs than a baseband firmware. It's one thing if the alternative was living like a hermit, but no, the alternative is not supporting an ecosystem predicated on SoC vendors abandoning your device because it's in their best interest for you to buy a new one.

Android for personal use is a complete non-starter for me today, it's a terrible ecosystem driven on waste with fundamental flaws that will never get fixed because of a misalignment of interests.
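One concrete way to check the point being argued here, that a custom ROM can carry a current system patch level while the vendor partition holding the SoC blobs stays years behind: parse `adb shell getprop` output and compare `ro.build.version.security_patch` (the system image) against `ro.vendor.build.security_patch` (the vendor image). This is an added example, not code from any commenter or from the LineageOS project. The property names are real Android build properties; the sample getprop output is constructed, and the three-month tolerance is an assumption.

```python
import re
from datetime import date

# Constructed sample of `adb shell getprop` output; not a dump from any real device.
SAMPLE_GETPROP = """\
[ro.product.model]: [example-device]
[ro.build.version.release]: [13]
[ro.build.version.security_patch]: [2023-06-05]
[ro.vendor.build.security_patch]: [2019-11-05]
"""

# getprop prints one "[key]: [value]" pair per line.
PROP_RE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>[^\]]*)\]$")

SYSTEM_PATCH = "ro.build.version.security_patch"   # system/ROM patch level
VENDOR_PATCH = "ro.vendor.build.security_patch"    # vendor partition (SoC blobs) patch level


def parse_getprop(text):
    """Turn raw getprop output into a dict; lines that do not match are skipped."""
    props = {}
    for line in text.splitlines():
        m = PROP_RE.match(line.strip())
        if m:
            props[m.group("key")] = m.group("value")
    return props


def parse_patch_level(value):
    """Security patch levels are YYYY-MM-DD strings; return a date, or None if absent/malformed."""
    try:
        year, month, day = (int(part) for part in value.split("-"))
        return date(year, month, day)
    except (ValueError, AttributeError):
        return None


def months_between(older, newer):
    """Whole calendar months from `older` to `newer` (day of month ignored)."""
    return (newer.year - older.year) * 12 + (newer.month - older.month)


def assess_patch_gap(props, max_months=3):
    """
    Compare the system patch level with the vendor partition's.
    max_months is an assumed tolerance, not an Android-defined threshold.
    Returns None when either property is missing or unparsable.
    """
    system = parse_patch_level(props.get(SYSTEM_PATCH))
    vendor = parse_patch_level(props.get(VENDOR_PATCH))
    if system is None or vendor is None:
        return None
    gap = months_between(vendor, system)
    return {
        "system_patch": system.isoformat(),
        "vendor_patch": vendor.isoformat(),
        "gap_months": gap,
        "vendor_stale": gap > max_months,
    }


if __name__ == "__main__":
    # Against a live device, feed in the output of subprocess.run(["adb", "shell", "getprop"]).
    print(assess_patch_gap(parse_getprop(SAMPLE_GETPROP)))
```

With the constructed sample the system image reports June 2023 while the vendor image reports November 2019, a 43-month gap, so the check flags the vendor partition as stale. A device with first-party support would normally show the two values within a month or so of each other.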


Again, not defending the Android ecosystem, but what is the threat model here? Poking through those, they all seem only locally exploitable by malicious apps, which yeah not great, and under just the right circumstances maybe chainable from a sandbox, but hardly the most important thing to be concerned about for most users compared to "your device still has stagefright vulns".


At the point where you're writing off local arbitrary reads from unprivileged apps as "hardly the most important thing", I'm wondering what threat model you're pushing since to most people in security that's a pretty plain threat.

Even if you arbitrarily decide only RCEs matter, there's again a lot of binary blobs in a modern device and more importantly they do a lot more than you seem to think.

I'm not sure why Stagefright is your synecdoche for RCE when just a few months ago we got a set of CVEs that made it look like child's play. It turns out your device being exploited via baseband doesn't take SDRs, your baseband today is involved in MMS too:

https://googleprojectzero.blogspot.com/2023/03/multiple-inte...


Arbitrary local reads from unprivileged apps are a "pretty plain threat" in terms of recent developments in security as a result of improvements to what we can secure. In a typical desktop OS, it's just the norm, but for mobile OSs we've moved the goal posts because we can. If we were talking about deploying a new OS or shipping new devices, then yes, it would be absolutely unacceptable, but we're talking about keeping smartphones past their support alive, so I think it's fair to say at that point we expect the user to only install a small set of critical applications on the device. If what the user wants is a mobile game console to mess around with while also functioning as secure storage for sensitive documents, then yes, the user might need to rethink what's acceptable risk.

>they do a lot more than you seem to think.

I do mobile security research, I am well aware of what these devices do. The reason I cite Stagefright vulnerabilities as an example is because Stagefright is a library that has continued to have vulnerabilities well past the original set you're probably thinking I'm referring to, and vulnerabilities that we have seen exploited in practice. Are there any known worms exploiting the Project Zero bug you've linked? Because at least from what I've come across, an updated LineageOS install only running apps from F-Droid would not be vulnerable to any non-targeted attack in the wild I've heard of. (Not a rhetorical question, to be clear; it's entirely possible I missed something, and I would love to know more if my understanding is out of date.)


Yes, I'm sure running LineageOS is a solution for most consumers. Not to mention that without firmware updates you're not getting security fixes.


"Price is what you pay, value is what you get." Mr. Buffett


They won't replace the battery if the screen is cracked? Is there any reason for that apart from making you pay for a screen replacement too?

Edit: oh, it's that they might not get it off and back on in one (or rather as few as it was) piece(s) I suppose.

