Google, Apple, Microsoft and Adobe got raked over the coals this past week because their latest products were all hacked at Pwnfest 2016 in Seoul. Windows 10, Android 7.1 and MacOS Sierra all fell in just a matter of moments from browser-based exploits, giving members of China's Qihoo 360 team full access to all admin functions and a healthy bounty for being the folks who got in. And Flash, well it was just being Flash and got hacked faster than it can load itself on a web page.
Well of course they were. They almost always are. And they will almost always continue to be.
I was chatting with a friend about this. She is not a nerd and was surprised that this was able to happen. She was more surprised when she found out that these products get hacked every year. After all, these companies stand on a stage somewhere and tell you how much money and time they spend for this product to be the most secure version ever, so thinking that they are invulnerable makes sense. But no software is invulnerable because that's just not possible.
How fast it gets fixed — and not how fast it gets hacked — is what really matters.
Your phone running Android 7.1 (or your computer running Windows 10 or MacOS Sierra) is likely the most secure version of the operating system ever built. But it's only secure against things that the folks building it knew about, and against itself. People are already working on finding a bug or exploit in something else and seeing how they can use it to crash everything and burn it to the ground. Some of those people do it for the right reasons — a quarter million in cash for finding it and telling the companies involved is the best and most right reason of all time. Others are doing it in the hopes that they can get your credit card number. Both types of people will be successful, and everything you use will be hacked because it's riddled with bugs and holes.
Even my BlackBerry Priv, which some people think of as unhackable, is probably already hacked by someone, somewhere, who knows that "wasting" an exploit against a phone that hardly anyone uses is not the way to get a bunch of card numbers. Better to sit on it and hope you can find a better target because once found out it will be fixed. The first thing you do when you find a Linux exploit is to see how you can use it against a Windows computer, because the goal is to get it on as many machines as you can.
Your phone runs software that will be hacked. The people who write it have prepared for it.
Look at the phone in your hands. It has software on it that will be hacked. Know this. But also know that there are probably other factors in place that mitigate any potential harm and the company who wrote that software has a method where they can fix it and try to get it to you as fast as possible. That is the thing to take away from all this hacking news. What matters is how fast the bugs are fixed, because bugs are in every piece of software ever written. This is how software gets better each time it's updated.
It's always been this way and the only thing that has changed is how much attention it receives.
Reminder: Most people don't know or care what processor is in their phone
Every time there's a debate over which processor a phone has, I have to remind the smartphone enthusiasts that the average phone buyer has no idea what processor is in their phone — and that more of us should follow the same thought process.
Google accidentally leaked the Android 11 beta to some Pixel owners
Instead of getting the June 2020 security patch, some Pixel owners were treated to a leaked build of the Android 11 beta. Here's what it looks like.
Shadow of Death 2 is what a mobile 2D hack-and-slash should be
For this week, we're taking a look at the Early Access sequel to the popular Shadow of Death. This 2D hack-and-slash is tons of fun, easy to pick up and play, and just generally a great time killer.
Pixel Ripped 1995 brings classic pixel gaming to the Oculus Quest library
The Oculus Quest allows you to play VR games without requiring a PC, phone, or external sensors. Here's every game you can buy or download for free!su