Please don't twist my words. I never said anything about recommending such a lifestyle to people. All I said was, using older devices without SW support, is the reality for a lot of people if you care to leave the tech bubble and see what devices people actually use, especially the not well off ones. Yes, a lot of people keep using their older device and they haven't got hacked. How do you get them to stop using their older devices, if they're happy with them and see no obvious threat and don't want to buy a new one?
Here's a though exercise: Most people use their device for browsing the web and messaging people, right? So as long as you keep your Play Services, browser and messenger apps up to date, how will malware get to the outdated layers of your OS to PWN you? Especially that modern web browsers and Andorid use sandboxing for apps and web tabs. I'm talking about realistic documented scenarios from the wild that have happened and are likely to repeat again, not state actors or scenarios from research labs where they hack you through the firmware vulns of the baseband modem.
Like I said, I'm not recommending you still use unpatched devices, but the realistic risk from using an Andorid device that stopped getting updates a year or so is relatively minimal in practice, otherwise there would be mass hacks and credential thefts left and right on a daily basis considering how many unpatched Android phones are out there.
Not when you can load an OS like Calyx [0], GrapheneOS [1] or LineageOS [2]. In this context the iPhone ends up the true "hope for the best" option. The original Pixel / Pixel XL (2016.10.04) can still run the latest LineageOS with current patches [3].
I was responding to the parent who recommended using unpatched, out of support Android.
People who’re comfortable (or can be bothered) installing alternative OSes on their phones have an entirely different view on device obsolescence. Statistically they’re also a rounding error in the total mobile-using population.
> Statistically they’re also a rounding error in the total mobile-using population.
Understood, but that has no bearing on the point being argued. You have no control over Apple IOS hardware after Apple stops supporting it. The fact that there is that "rounding error" is good for everyone as it is a force against closing that ecosystem which currently exists. It matters.
That’s a “hope for the best” approach to security, for me it’d be irresponsible to recommend it to even friends and family.
But if you want to do it with knowledge of the potential problems — go for it. It’s your phone and your data.