Compared to fishing through 400gb of source code, it sounds still easier to find security flaws by reversing apps on actual devices. There are surely some subtle backdoors but it's finding a needle in a haystack.
Is it just me or does anyone else think that all modules or drivers dealing with security or running privileged should be open-source? It would give higher confidence than this proprietary mess where every month or few months updates are pushed with the vague "stability improvements". There are some open source phones out there but none particularly mainstream. Right now it seems most phones can be trivially hacked with the right tools. Rest assured next month the old backdoors will be patched and replaced with a new different ones.
|