Author Topic: Risks of using an unsupported phone. Educate me about this.  (Read 324 times)

fruitcake

  • some kind of fruitcake
    • Bailey
Risks of using an unsupported phone. Educate me about this.
« on: August 03, 2019, 06:40:53 pm »
I'm trying to get some clear info on the types of risks associated with using an old smartphone whose OS is no longer supported. The phone would be used for calls, SMS and for reading emails received at a paid-for email account (to be accessed via the phone's email client with IMAP). Those emails would be received via 3G and via wi-fi at a workplace. (EDIT to add: Email hygiene rules would apply on this device, i.e. ignoring attachments, ignoring links, ignoring unknown senders.) No other functionality of the device would be used. No web browsing.

I've heard various opinions. Some say 'it's OK as long as you don't use the web browser', others say 'it's unsafe to use an out of date phone'. I've found it difficult to find info on exactly what the risks are for this use case. The candidate phone is a Samsung Galaxy Ace (running Android), but I would value generic advice since other handsets are potential candidates (and I assume each of these is no longer getting OS updates).

I understand that a smartphone is a computer and that any computer is vulnerable to viruses and spyware after the OS has reached end-of-life. Is this mitigated by not using the web browser? Does the use case outlined above (calls, SMS, email client) mitigate the risks? Or is there more to it that this?
 

Re: Risks of using an unsupported phone. Educate me about this.
« Reply #1 on: August 03, 2019, 09:05:48 pm »
Quote
...any computer is vulnerable to viruses and spyware after the OS has reached end-of-life.

It would be more accurate to say that an os that is out of support won't get any patches for newly discovered vulnerabilities. Any OS is vulnerable to viruses and spyware at any time.

I still sometimes use laptops running Win XP or Ubuntu 12.04 (from 2010 I think) and it doesn't bother me the slightest.

I've got a Samsung Galaxy S (the first one, 2009 I think) but the browsers on it hardly work now. So I also carry a Motorola E3 (2016) as a mini computer but not for calls, the phone is on a factory reset with no OS updates.

No web browsing would lessen the risks but emails can install malware.

fruitcake

  • some kind of fruitcake
    • Bailey
Re: Risks of using an unsupported phone. Educate me about this.
« Reply #2 on: August 04, 2019, 09:12:50 am »
...an os that is out of support won't get any patches for newly discovered vulnerabilities. Any OS is vulnerable to viruses and spyware at any time.
Yep. Good clarification.

...emails can install malware.
Good point. 'Email hygiene rules' would apply in this case. (i.e. not opening messages from unknown senders, not opening attachments, not following links.)