Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I feel this is misleading as most iPhone users are totally aware that iPhone Models not running iOS 17 are not being actively updated.

The list is widely published: https://support.apple.com/guide/iphone/models-compatible-wit...

Any model more than 5 years old (Xr and Xs) are essentially not being updated and not secure. So an iPhone 1, 3, 5, 6, 7, 8 and X are all not secure and most people who use the iPhone are totally aware of this.

It's like writing an article that Windows 7 is insecure and Microsoft isn't patching it. This is essentially their policy in most cases.




This is about the browser, not the OS. The unique thing about apple is that they tie the browser to the OS. So you won't even get application updates, which is quite surprising for anyone that has ever touched a computer.

That is some Windows 98 nonsense right there.


I understand your point, but I just think the headline.... "No new iPhone? No secure iOS" is misleading, because iPhone xR and xS, iPhone 11, iPhone 12, iPhone 13 and iPhone 14 models are all not new iPhones, but they receive secure iOS updates. The headline suggests only brand new iPhones are secure, but when you click they are talking about deprecated devices more than 5 years old that most users know do not receive updates just like Microsoft/Android or any other vendor, Apple explicitly stated they won't update these devices and most users are aware of this fact.


IIRC the browser is a part of the system because the engine is used everywhere in the system. For a long time in iOS it was WebKit that rendered attributed strings for instance.


FYI that is exactly what Microsoft proclaimed back in the day.

Doesn't sound better today does it?

At least on Windows they didn't prevent you from installing a different browser.


Windows and Android both come with a "built-in" browser:

Windows still ships Internet Explorer for rendering some old components, although I think they are moving to Edge (chromium) based web view. I can't find a better source right now, but something to start with: https://www.reddit.com/r/Windows11/comments/11n79xc/why_does...

Android has a chromium based WebView that ships with the system and is updated via Play Store: https://www.techtarget.com/searchsecurity/definition/Android...


... yes, but they are decoupled from the actual browser. Which makes all the difference.

My 10 year old android phone still runs the latest versions of both Chrome and Firefox.

Androids WebView being on the play store even allows that part of the system to be updated independently of the OS.


I have been a developer and nerd since 25 years, and I always expected that Apple also patches some previous versions. E.g. around a week ago they released both iOS 17.2.1 and iOS 16.7.4: https://support.apple.com/en-us/HT201222

So why should I assume that latest iOS 16 isn't completely patched? I think it's a shame to say at least that Apple has no public policy of how which OS versions are supported and which are not, it's just guesswork. Whereas I definitely know how long Microsoft supports Windows versions, e.g. Windows 10 until October 14th, 2025: https://learn.microsoft.com/en-us/lifecycle/products/windows...


It's not completely patched. Stop assuming. I've always assumed that Apple or Google or Microsoft consider three factors for deprecated devices or software: 1. Severity of Issue, 2. Expected work required to fix issue, 3. Number of users involved

I think if something is a relatively easy fix and high severity that they will fix it. I don't think they view security updates as a tool to force people to buy new products. The low hanging fruit for large numbers of users gets fixed. The underlying software however, should not be trusted or viewed as secure.

Even though these applications are bundled with the operating system, they are probably separate code bases and if they believe the patch can be accomplished across the versions with minimal work like fixing the same line of code in the old version it probably goes out. If they have to do a major overhall of the old operating system and port the new browser version to the old software, it probably doesn't.


I’m pretty sure most iPhone users are unaware of which version of iOS they run.


Exactly my thought as well


This is addressed in the second paragraph of the article. The iPhone 6S had an OS update in October 2023 (iOS 15.8) which included a security fix for a different issue. The Chromium security issue was fixed in June 2023.


According to the link Xs is supported.


The parent comment says this - anything _older_ than XR or XS is no longer supported


> Any model more than 5 years old (Xr and Xs) are essentially not being updated and not secure. So an iPhone 1, 3, 5, 6, 7, 8 and X are all not secure and most people who use the iPhone are totally aware of this.

That reads very much like X's are not supported. The 2nd sentence even says it explicitly.


That was about the literal iPhone X (the letter X). The iPhone Xr and Xs (roman numeral 10) are still supported.


It’s made more confusing by the fact that the comment omits all the S models from the list of unsupported models (along with the iPhone 4 for some reason).

So at a glance one could assume that the XS is lumped in with the X just like the 6S is lumped in with the 6.


Sorry for my poor drafting. I agree with your comment.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: