[lclarkmichalek]

I think he's more saying that Nexus 5 is not secure going forwards because the firmware for the hardware is not getting updates. I can't see any reference to specific vulnerabilities, but when a platform is complex they're bound to exist. When you combine that with not getting updates, you have an insecure platform.

[ghusbands]

The firmware for the Nexus 5 wifi chip has well-known remotely-exploitable code-execution vulnerabilities [1] that were never patched. Nearly all modern devices have a full software stack inside the wifi (and other radio) chips and they all have plenty of security flaws and they're all proprietary and unaffected by the OS.

So it's not just about it not being secure going forwards. It and most other similar age handsets are insecure because a fix has never been released for the older chips.

[1] https://googleprojectzero.blogspot.com/2017/04/over-air-expl...