Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6
karit

84 posts

Master Geek


  #686544 15-Sep-2012 21:32
Send private message

You buy the phone and nowhere does it say they promise to update it for you, When was the last time you got an update on a Nokia 5110?


Yeah but we are in 2012 and phones are running much heavier OS and have internet connections so security and the security updates are far more important now. We have banks now rolling out apps to use on phones to do banking.

With a Nokia 5110 could you identify a defect in the OS? With my phone I can clearly say that it has CVE-2011-3874 and Google does have a fix for it https://code.google.com/p/android/issues/detail?id=21681. so some researchers have found the issue and done a CVE and Google has acknowledge the defect and created a patch for it.

Affiliate link
 
 
 

Affiliate link: Trend Micro provides enhanced protection against viruses, malware, ransomware and spyware and more for your connected devices.
joutei
307 posts

Ultimate Geek


  #686547 15-Sep-2012 22:03
Send private message

A Phone can stop receiving updates and patches at anytime.

If the phone you have received is in working order, then that is their job done.

Unless it is major threat to the user, then alot of end users will bring that to the manufacturers attention.

Just be patient and it will come out once it is ready.




iMac 27 2014
Macbook Pro Retina 2013
iPhone 6s
iPad Air 2

VDSL Sync @ 69Mbps Down / 29Mbps Up


karit

84 posts

Master Geek


  #686551 15-Sep-2012 22:10
Send private message

joutei:
Just be patient and it will come out once it is ready.


Google release the patch for CVE-2011-3874 on 9 Nov 2011 https://code.google.com/p/android/issues/detail?id=21681

So what part needs to be ready? Google has acknowledged it as a high defect and they have written the patch (which is attached to the defect report). All the bits are there.



joutei
307 posts

Ultimate Geek


  #686554 15-Sep-2012 22:30
Send private message

The carriers need to test it.





iMac 27 2014
Macbook Pro Retina 2013
iPhone 6s
iPad Air 2

VDSL Sync @ 69Mbps Down / 29Mbps Up


CYaBro
3826 posts

Uber Geek

ID Verified
Subscriber

  #686582 16-Sep-2012 01:44
Send private message

A security hole in the software is not a defect, the Phone still works as intended so not covered by the cga.

NonprayingMantis
6434 posts

Uber Geek


  #686583 16-Sep-2012 02:22
Send private message

I understand that criminals can break into cars using only a brick through the window.

I demand that Holden replace my 2 year old Commodore with a brand new model that has unbreakable windows. I claim this under the CGA.

I can do that... right?

sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #686588 16-Sep-2012 07:20
Send private message

Going right back to the start I posted about software and the CGA - something many people are overlooking.

Software is covered by the CGA, an inclusion that was added in 2002. There is case law regarding claims, but they're not going to side with the OP. If he wants to push the claim I'm sure you'll be able to get some good legal advice, however it's certainly going to cost you more than a new phone.




gregmcc
2031 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #686593 16-Sep-2012 07:50
Send private message

Software is software, if it's in a cellphone, computer, coffee maker, or car, makes no difference. Imagine if there was a bug in the software of the ABS computer of your car and under certain conditions the brakes would not function at all, no imagine if the car maker said "tough luck, we will get around to issuing a patch and releasing it when we feel like it, good luck".

so the cell phone software crashing isn't as bad as the ABS computer in a car failing, but the CGA does quite clearly say software must be free from defects


CYaBro
3826 posts

Uber Geek

ID Verified
Subscriber

  #686599 16-Sep-2012 08:29
Send private message

Except the op didn't say that the phone is crashing, they said there are security vulnerabilities and these don't affect the functionality of the phone. The phone is doing everything that it is intended to do.

I would say that some responsibility of the security of your device falls on the owner, just like with a computer.
If you don't run antivirus software on your computer then really it's your own fault if you get infected or hacked via a security vulnerability.
There is antivirus software available for android devices so I'd say if you aren't using that then you're not taking the security of your device seriously so you can't blame the manufacturer for that, jus like with a pc.

gregmcc
2031 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #686601 16-Sep-2012 09:04
Send private message

CYaBro: Except the op didn't say that the phone is crashing, they said there are security vulnerabilities and these don't affect the functionality of the phone. The phone is doing everything that it is intended to do.


I pretty sure that "security vulnerabilities" were not an advertised feature of the phone at time of purchase that been the case it is a software problem and under the CGA the manafacture is obligated to fix it

joutei
307 posts

Ultimate Geek


  #686704 16-Sep-2012 15:54
Send private message

A car is a totally different story.

A phone is not going to kill you nor injure you if it doesnt have its updates.




iMac 27 2014
Macbook Pro Retina 2013
iPhone 6s
iPad Air 2

VDSL Sync @ 69Mbps Down / 29Mbps Up


karit

84 posts

Master Geek


  #686708 16-Sep-2012 16:07
Send private message

joutei: A car is a totally different story.

A phone is not going to kill you nor injure you if it doesnt have its updates.


Safe is mentioned in the CGA though there is no definition of what safe means. And I assume the bar for safe is less than life critical.

Safe in regards to firmware could be applied to life critical but safe in firmware and software could also be applied to safe from the installation of the a trojan that could steal all you money given that most of the major banks have banking apps now.

I have no expectation that they will ship a product with zero defects but all I am asking for it to be provided with the security updates. XP was last sold via OEMs in 2010 (2008 for last off the shelf sales) and will receive security updates until 2014. So MS have a way every patch Tuesday of finding defects and releasing fixes to defects, which would mean they are making an effort to meet their CGA obligations around fixing defects in their product (sure CGA wouldn't have been a consideration but yeah).



richms
25269 posts

Uber Geek

Trusted
Subscriber

  #686709 16-Sep-2012 16:08
Send private message

Well, at least if this was to happen then I could use the CGA against samsung for the aweful software on my "smart" tv that is anything but. And as that has usability issues etc it would be a much more fair case for being somthing that the CGA would cover, but it isnt so I cant do anything about it.




Richard rich.ms

karit

84 posts

Master Geek


  #686710 16-Sep-2012 16:10
Send private message

CYaBro: A security hole in the software is not a defect, the Phone still works as intended so not covered by the cga.


So why has Google accepted it in their Defect tracking system and produced a patch for it if it wasn't a defect? https://code.google.com/p/android/issues/detail?id=21681

sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #686711 16-Sep-2012 16:19
Send private message

karit:
joutei: A car is a totally different story.

A phone is not going to kill you nor injure you if it doesnt have its updates.


Safe is mentioned in the CGA though there is no definition of what safe means. And I assume the bar for safe is less than life critical.

Safe in regards to firmware could be applied to life critical but safe in firmware and software could also be applied to safe from the installation of the a trojan that could steal all you money given that most of the major banks have banking apps now.

I have no expectation that they will ship a product with zero defects but all I am asking for it to be provided with the security updates. XP was last sold via OEMs in 2010 (2008 for last off the shelf sales) and will receive security updates until 2014. So MS have a way every patch Tuesday of finding defects and releasing fixes to defects, which would mean they are making an effort to meet their CGA obligations around fixing defects in their product (sure CGA wouldn't have been a consideration but yeah).




If you're so convinced you're right the best thing you can do is call a lawyer. It'll probably cost you a few $k however.

Since nobody else has mentioned it it's worth noting that software licences aren't necessarily covered by the law, and the OS on your phone is a licence, you do not own the software. You'll getting some more good case law even if it might cost you waaaaaay more than the cost of a new phone..


1 | 2 | 3 | 4 | 5 | 6
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Samsung Introducing Galaxy Z Flip4 and Galaxy Z Fold4
Posted 11-Aug-2022 01:00


Samsung Health Innovations with Galaxy Watch5 and Galaxy Watch5 Pro
Posted 11-Aug-2022 01:00


Google Bringing First Cloud Region to Aotearoa New Zealand
Posted 10-Aug-2022 08:51


ANZ To Move to FIS Modern Banking Platform
Posted 10-Aug-2022 08:28


GoPro Hero10 Black Review
Posted 8-Aug-2022 17:41


Amazon to Acquire iRobot
Posted 6-Aug-2022 11:41


Samsung x LIFE Picture Collection Brings Iconic Moments in History to The Frame
Posted 4-Aug-2022 17:04


Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media
Posted 4-Aug-2022 16:50


Microsoft Announces New Solutions for Threat Intelligence and Attack Surface Management
Posted 3-Aug-2022 21:54


Seagate Addresses Hyperscale Workloads with Enterprise-Class Nytro SSDs
Posted 3-Aug-2022 21:50


Visa Launching Eco-friendly Payment Solutions in New Zealand
Posted 3-Aug-2022 21:48


NCR Delivers Services to Run Bank of New Zealand ATM Network
Posted 30-Jul-2022 11:06


New HP Portfolio Supports New Era of Hybrid Work
Posted 28-Jul-2022 17:14


Harman Kardon Launches Citation MultiBeam 1100 Soundbar
Posted 28-Jul-2022 17:10


Nanogirl Labs Launches Creator Project
Posted 28-Jul-2022 17:05









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







Backblaze unlimited backup