>Buying an iPhone and keeping it for 6 years is a great strategy and when amortising the cost of the phone over those 6 years, it's price competitive with Android.
What's stopping you from keeping your Android 6 years, making it an even better value? Most people I know don't throw away their Androids after 3 years but keep them as long as iPhones. Basically until it breaks/dies. So far I don't know anyone who got hacked and suffered damages for using an Android that stopped getting updates.
Shorter patch cycles - at least historically, I haven't kept pace with the Android ecosystem. That said, with Android you can use a different OS and keep the device secured.
Sure, but like I said, people don't throw away their phones once they stop getting SW patches the same way they don't throw away their ancient MacBooks with glowing Apple logos just because Apple stopped pushing OS updates years ago, because most non-HN people have no idea what patches are and they keep their phone and laptop as long as it still works and the battery lasts.
Obsession with zero day patches and security hypochondria is mostly a HN/tech-workers thing as if they're under attack by state actors using Pegasus. The average joe doesn't care nor is he very likely to be impacted, unless using Android Jellybean or something, since most malware in the wild out to get them is script kiddie level not state-actor level.
And anyway, someone correct me if I'm wrong, but from my knowledge and experience with Android security, most Android critical vulns that can impact the day to day security of the Average Joe are covered by updating Google Play services and Chrome or whatever browser you use as those are the main attack surfaces for (non state sponsored) malware based on what people do with their phones, and those services keep getting updates from Google long after the manufacturers stopped pushing OS updates.
Please don't twist my words. I never said anything about recommending such a lifestyle to people. All I said was, using older devices without SW support, is the reality for a lot of people if you care to leave the tech bubble and see what devices people actually use, especially the not well off ones. Yes, a lot of people keep using their older device and they haven't got hacked. How do you get them to stop using their older devices, if they're happy with them and see no obvious threat and don't want to buy a new one?
Here's a thought exercise: Most people use their device for browsing the web and messaging people, right? So as long as you keep your Play Services, browser and messenger apps up to date, how will malware get to the outdated layers of your OS to PWN you? Especially that modern web browsers and Android use sandboxing for apps and web tabs. I'm talking about realistic documented scenarios from the wild that have happened and are likely to repeat again, not state actors or scenarios from research labs where they hack you through the firmware vulns of the baseband modem.
Like I said, I'm not recommending you still use unpatched devices, but the realistic risk from using an Android device that stopped getting updates a year or so ago is relatively minimal in practice, otherwise there would be mass hacks and credential thefts left and right on a daily basis considering how many unpatched Android phones are out there.
Not when you can load an OS like Calyx [0], GrapheneOS [1] or LineageOS [2]. In this context the iPhone ends up the true "hope for the best" option. The original Pixel / Pixel XL (2016.10.04) can still run the latest LineageOS with current patches [3].
I was responding to the parent who recommended using unpatched, out of support Android.
People who’re comfortable (or can be bothered) installing alternative OSes on their phones have an entirely different view on device obsolescence. Statistically they’re also a rounding error in the total mobile-using population.
> Statistically they’re also a rounding error in the total mobile-using population.
Understood, but that has no bearing on the point being argued. You have no control over Apple iOS hardware after Apple stops supporting it. The fact that there is that "rounding error" is good for everyone as it is a force against closing that ecosystem which currently exists. It matters.
Well, Android patching after 3 years is a pretty new thing compared to Apple's policy. Apple was and is keeping security updates for a very long time, with major updates on top of that for iOS.
Not knowing someone does not mean they will not be hacked or have not already been by downloading some app from the store.