this post was submitted on 05 Jul 2023
33 points (94.6% liked)

Android

28183 readers
285 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 2 years ago
MODERATORS
 

Hey guys, I'm looking into buying a refurbished Google Pixel 5 (I have couple of options between amazon and other stores), however I'm not entirely sure about the longevity of a refurbished phone.

Positive reviews are often left by people who just bought the phone, but most of the negative reviews I found were from people who used it for more than couple of months and it concerns me.

Price is good, I'm looking specifically into a Pixel 5 because of the size which is much smaller than my Galaxy Note 9 that I find really uncomfortable to use.

Thank you!

you are viewing a single comment's thread
view the rest of the comments
[–] cozza55@lemmy.world 9 points 1 year ago (1 children)

I haven't done much reading into it, but something to consider is there was a post just recently that I saw someone mentioning that their pixel 4a was becoming unsupported very shortly. You may want to see when the scheduled EOL for the 5 is as that might influence your decision if that is sooner than you'd be hoping for.

[–] Mr_Blott@lemmy.world 4 points 1 year ago (3 children)

Am I naïve for thinking that manufacturers stopping support for devices, then claiming it affects your safety, is just to sell more phones?

I always buy refurbished, currently running an S9 and I'm not even sure if it's still supported. Recently retired a Nexus 10 from 2012 and had zero security issues in a dozen years

[–] andreluis034@lm.put.tf 12 points 1 year ago* (last edited 1 year ago) (1 children)

Am I naïve for thinking that manufacturers stopping support for devices, then claiming it affects your safety, is just to sell more phones?

Yes you are.

Vulnerabilities are constantly being found in the software stack used by Android, if you are running vulnerable software you're increasing the likelihood of some malicious app (or website, file, etc...) taking advantage of the vulnerability. The consequences of vulnerability vary from being able to fingerprint your device when it's not supposed, to escalateling privileges to root or even kernel mode. Although the later are significantly rarer.

and had zero security issues in a dozen years

That you know of... If the vulnerability is successfully exploited, the likelihood of you noticing are close to zero.

You could always flash a custom ROM to install the latest security patches, but you would still be missing the security updates for all the closed source components (such as the bootloader, device drivers, etc...). Not to mention all the security implications (good or bad) that comes with installing custom ROMs.

[–] Mr_Blott@lemmy.world 5 points 1 year ago (2 children)

The consequences of vulnerability vary from being able to fingerprint your device when it's not supposed, to escalateling privileges to root or even kernel mode

I'll not pretend I understand the consequences 😂

What does that mean for the average user?

[–] seang96@spgrn.com 3 points 1 year ago (1 children)

From tracking your to full access of your phone and capable of doing anything without you knowing it or lifting a finger.

[–] Mr_Blott@lemmy.world 1 points 1 year ago (3 children)

Tracking me happens all the time. Also I'm old but tech savvy so I'd know if someone had any access to my phone.

I'm still not sure what I should worry about?

[–] andreluis034@lm.put.tf 4 points 1 year ago

I’d know if someone had any access to my phone

This is really a bold claim. How or why makes you so sure of that?

If the attacker/app manages to get some application running in the background as root, how would you know that they had access to your phone?

[–] cozza55@lemmy.world 3 points 1 year ago

To expand on the points mentioned above as well, although you may not be concerned by someone tracking your phone, something like root access is a concern. When the other commenter mentioned someone having access to your phone, it doesn't mean unlocking the screen and moving it around, it means they have the ability to run commands at the highest privilege level at which point, an attacker can do basically anything.

Find ways to export biometrics? Idk, probably, set it up to forward all requests to a man in the middle server? Almost certainly.

To say "if I can't see it, it can't be compromised" is definitely a naïve stance in my opinion. Whether this is being done intentionally by companies to sell more phones? Well.. I don't think many people would argue the contrary

[–] seang96@spgrn.com 1 points 1 year ago

A good example though for iphones is an sma that triggers an exploit that escalates access and allows the entity to install their software that monitors and controls your phone is possible. It even deletes the test. So the end user does not know. It's used and purchased by governments. I'm sure there are 0 days on Android that would do similarly.

[–] Someology@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

They could steal all of your logins. This includes things like bank accounts. Your phone could be used as part of a botnet to commit criminal acts. They could shorten your battery life and use up your data plan by mining crypto in the background. You know, just like any other compromised computer.

[–] EddieTee77@lemmy.world 1 points 1 year ago

I personally think they do it to sell more phones. They could support their phones for much longer as evidenced by Lineage

[–] HidingCat@kbin.social 1 points 1 year ago

I don't know about selling more phones, but it's definitely a profit angle. I'm not sure if using a phone without security updates for that long is a good idea. It's one of those it works until it doesn't, and you'll be regretting it very much when it doesn't.