[md_]

True. But Play Services is effectively a part of the OS (from Google's perspective).

As you say, in both cases (iOS and Play Services) it's a commercial closed-source bundle. shrug

I don't personally spend time worrying about that, given that Google and Apple's code is probably better reviewed than some random open source app, but some people like to nerd out about such things.

As you say, the FBI was eventually able to get access to the San Bernardino shooter's phone. But this isn't exclusive to the highest levels of government; it just depends on your budget: http://www.reuters.com/article/us-apple-encryption-fbi-idUSK.... It's not surprising the CIA would have a stockpile of unpatched 0days, found or bought.

I don't believe I'm worth $1m to anyone, so I feel pretty safe using both iOS and a recent, patched Android.

[crowbahr]

Totally agree with you. I like my Nexus 5x a lot. I figure that usually it's the highest levels of government who are actually willing to pay a sum like that though. I doubt the local PD is willing to dedicate 1mil to cracking a phone if you get arrested for possession of a controlled substance or something.

And it's kinda an unspoken goal of mine to, ya know, not end up on a CIA watch list. Now I know some of the concern goes around controlling so the Government doesn't get out of control but I think that we would expect a government's worth of resources able to do something as trivial as cracking a commercial phone.

[md_]

> And it's kinda an unspoken goal of mine to, ya know, not end up on a CIA watch list.

First rule of not being on the watch list is not to admit you don't want to be on the watch list.

What, do you have something to hide? Huh?

[crowbahr]

I invoke my 5th amendment right.