
Ask HN: Android vs. iOS security? - humility
Which one is recommended for better security and why?
======
viraptor
As the other comment mentioned, "Android" is not one thing the same way iOS
is. But a reasonable simplification here is:

\- google phones (pixel line) is the baseline - you'll get there what you'd
expect from the upstream docs

\- copperhead
([https://copperhead.co/android/](https://copperhead.co/android/)) is going
way ahead of that with actual work at kernel level, extended selinux profiles,
and more - but you lose the default app market by default (that's ok if you do
want to have your own managed device)

\- every other OEM (whatever you can buy from the local provider) - they're
going to be behind by design - they do custom addons on google releases, but
no system-level development, so they can be at best as good as google devices
(usually worse)

So when comparing, decide which level of Android support are you really after.
Then there's the threat model: are you worried about random apps that you're
going to try, or are you going to use a minimal selection from known companies
and you mainly want to stop remote driveby exploitation via ads? Or are you
looking for something that will be well protected from seizure and physical
access?

------
cerberusss
The Android world is extremely divided, and it very much depends on which
phone you buy. There's this story recently:
[https://www.wired.com/story/android-phones-hide-missed-
secur...](https://www.wired.com/story/android-phones-hide-missed-security-
updates-from-you/)

But there have been other problems in the past, for example that most Android
phones are not encrypted by default.

------
itamarst
iOS. E.g.
[https://techsolidarity.org/resources/basic_security.htm](https://techsolidarity.org/resources/basic_security.htm)

