by headmelted 3155 days ago
That's comparing apples to oranges.

One is replacing signed system components, the other is volunteering to share whereabouts with a third party.

The biggest concern with this is that Google has the resources (and pressure) to get something so central to the security model correct. I've no inside information on how Google develops Play Services, but I imagine they have quite stringent policies with regards to testing and peer review.

The actual functionality of Play Services is only one part of the work that goes into delivering it to your phone, and it's a lot of trust to place in anyone to get something like that right (considering the personal, security-sensitive information we keep on our phones now).

My point was that the FAQ was a big red flag for me in thinking that the developers grasp this aspect of what they're proposing here.

3 comments

Your comment about the petulant FAQ item was on point: it's possible to develop an alternative fork without taking such a childish attitude toward discourse with the original project.

On the other hand, I think your implicit trust in internal Play Services policies may be a little over-egged. Google definitely has some great security teams (Chrome/Chromium's security team have made some good contribs to the web, Project Zero is also cool, if a little externally-focused) but this is by no means universal. Android's been a bit of a sore spot in this regard generally (particularly in comparison to Apple).

Is this actually still true? If you look at the public patch notes for iOS and Android, the number of platform bugs is similar.

I'm more thinking of architectural decisions rather than outright bugs, but yes it is improving - e.g. with projects like Treble.

How is comparing the security of Android, which is a far more open and diverse platform, to Apple, a walled garden, fair at all? And let's not forget about how Apple happily gives backdoor access to apps like Uber.

I'm not sure what "fairness" has to do with it.

Sure, Apple makes their own life easier in terms of security by applying draconian restrictions on the freedoms of their own users. But this and the fact that things are not as easy for Google to do effective security doesn't make it any less true that they aren't doing it.

Again, Apple's Uber backdoor isn't really relevant - I never implied Apple were benign, just that Google's security record is imperfect, and compares poorly.

The openness and diversity of Android's platform isn't a wholesale excuse for not securing users.

They're both smartphone platforms. Of course they're going to be compared to one another.

You can't use the remote APIs you need to deliver the same local APIs that are required to run modern apps without spoofing the signatures of applications - otherwise Google's remote APIs would forbid access. This is where security measures are also inherently DRM-ish, and to deliver the experience typical end users expect using free software (free-er than stock Android) it's necessary to circumvent it. One could argue that such circumvention is illegal. I hope no one deems it to be so.

What makes you think that Play Services is well-designed?

Google also designed the media system, and that leads the security patches every month - what would have rehabilitated them?

https://interviews.slashdot.org/story/16/08/26/1338246/the-s...

"Don't start me on Stagefright and Mediaserver, I could rant for 2 or 3 hours non-stop! Seriously, the code over there is crap, and has insane concepts, like aborting the whole mediaserver (and all related media decoding of all other applications running at the same time), when it parses a file with attributes it does not know, instead of skipping the file. We discovered some issues in Stagefright (busy loops, device reboots, mediaserver crashes) quite early, but we never thought about submitting them."