[throwaway613834]

But the thing is, even if 100% of your apps are vulnerable, it doesn't mean anything unless the attacker can reach your phone somehow. That can only happen in 5 different ways: (1) Low-level Wi-Fi bug exploit, (2) SMS exploit, (3) Cellular exploit (like a Stingray), (4) Cellular internet connection (open ports, etc.), (5) App-level exploits.

I don't know of any critical examples of #1 that I would need to protect against where upgrading is my only solution (maybe I'll upgrade if I find one). #2 can be mitigated at the app level (see my reply to the other comment here) and probably faster so than the update you'd receive. #3 can't really be mitigated by phone updates. #4 is impractical since cells are behind carrier-grade NATs and don't have dedicated IP addresses to be reachable via the internet. And #5 just involves updating the app, not the OS or hardware.

If you can give me an example of an actual attack that cannot be prevented without upgrading the hardware or the OS, I would find that far more convincing than a hypothetical.

[veeti]

https://googleprojectzero.blogspot.com/2017/04/over-air-expl...

[throwaway613834]

Has this (a) been exploited in the wild, and more importantly, (b) even actually patched in more recent phones?

Otherwise, how is this a justification for upgrading your phone? It seems like you may have forgotten what the argument even was. I was arguing against routine 1-2-year upgrades, not against the entire concept of upgrading for something wiht a serious security vulnerability. If a serious exploit appears in the wild and your only solution is to upgrade -- by all means, go for it. But is that the case here? And this happened periodically every 1-2 years for you to justify upgrading equally often?

[veeti]

A) I don't know. How would you ever know? RCE can be silent.

B) Yes, in Android patch level July 2017 and iOS 10.3.3.