I’ve just read the latest attack vector on IPhones. If you set the date back to January 1, 1970 and restart your phone then congratulations; you just bricked your precious phone. From a programmer’s point of view, it is likely an interesting bug; from a user’s perspective it’s an evidence that this system is a crap.
Alas, the other side isn’t better. Most of the Android firms doesn’t care about keeping the software up-to-date on already sold phones, making them vulnerable to all sorts of nasty bugs. Just a few months ago the Stagefright bug surfaced, and I bet most of the active devices are still vulnerable.
The burgeon of smartphones started a new era of software security. These devices are full featured computers that are always on and have advanced sensors to pick up the surrounding world, such as cameras and microphones. These make them highly valued targets to black hat hackers. Getting full remote control of such devices not only hurt privacy; they can also be used to steal accounts and do other harm.
Despite these, the manufacturers do not take software updates seriously. Most of the phones are never updated from the factory firmware, albeit the known vulnerabilities. IPhones have a definitive advantage here. Having a single company that designs, develops, and sells them, they receive timely updates.
Android has only a handful of competitors. The most prominent I know of is CyanogenMod. I’ve heard good things about it, but unfortunately it does not support the MTK processor that most cheap chinese manufacturers are putting into their phones. It’s not the developers’ fault. The processor is closed source and the maker does not allow others to write drivers for it. This decision makes these budget phones quite vulnerable; and their accessibility only exacerbates it.
Seems like smartphones need more time to became at least acceptably secure.