It targets that because those old “insecure” SDKs allows people to use their system as something that isn’t a toy. Newer sdk versions refuse to run code that wasn’t included in the apk
Mobile platforms like android and iOS (more specifically GrapheneOS), are leagues ahead of desktop operating systems in terms of security because of these strict policies. and besides, you are treating untrusted code as untrusted code. I don’t see the flaw in that logic.
sure, they could use more apis for accessing system directories and stuff like that securely, but that’s not really in scope. this is for end users. not field deployment on an sbc for something.
Im gonna be honest i really don’t care about that. There is no sensitive data on my phone except maybe social media logins and i have a recent backup so🤷
that’s fair I suppose, I wasn’t saying not to use it, just that it is worth noting. these strict security policies are what makes mobile platforms much more secure than desktop platforms. I typically use my phone for security sensitive tasks because of this, so I tend to care a lot more about this stuff. if you have any banking info or password managers stored on the device, be careful.
I’ll admit, it is pretty unlikely anything to happen, though. always just better knowing.
termux targets an extremely out of date sdk and is therefore quite insecure.
It targets that because those old “insecure” SDKs allows people to use their system as something that isn’t a toy. Newer sdk versions refuse to run code that wasn’t included in the apk
Mobile platforms like android and iOS (more specifically GrapheneOS), are leagues ahead of desktop operating systems in terms of security because of these strict policies. and besides, you are treating untrusted code as untrusted code. I don’t see the flaw in that logic.
sure, they could use more apis for accessing system directories and stuff like that securely, but that’s not really in scope. this is for end users. not field deployment on an sbc for something.
Do newer SDK work on obsolete devices running Android 9/10?
Im gonna be honest i really don’t care about that. There is no sensitive data on my phone except maybe social media logins and i have a recent backup so🤷
that’s fair I suppose, I wasn’t saying not to use it, just that it is worth noting. these strict security policies are what makes mobile platforms much more secure than desktop platforms. I typically use my phone for security sensitive tasks because of this, so I tend to care a lot more about this stuff. if you have any banking info or password managers stored on the device, be careful.
I’ll admit, it is pretty unlikely anything to happen, though. always just better knowing.