mjcp
Well-Known Member
£900 odd and functionality seems to "need" the Core 2 to get the bells fully rung.
Tablet recommendation
- Thread starter Molteni
- Start date
lustyd
Well-Known Member
As said above though, if the Android has already been made obsolete before purchase, is it actually good value or just cheap? Usable life and resale value are considerably better with Apple so value would seem better there despite the higher buy in price.
ylop
Well-Known Member
They don’t run Navionics but have their own software which is quite impressive (you can access a free version on iOS/Android with much of the functionality). But I don’t think there’s any scope to make emergency phone calls, use for email, YouTube etc as the OP requested…
They are geared towards connecting to their box linked to an NMEA2K network - which adds cost. Without those AIS etc is limited.
ylop
Well-Known Member
I wonder what the stats are on sailors buying tablets of any flavour and reselling them? My guess is either they live “forever” because they only have one function no and keep doing it or they die because they get dropped / wet.
I’m an apple user, phone, laptop etc. there’s two iPads in the house but a ruggedised tablet was a fraction of the cost for better spec than an iPad.
lustyd
Well-Known Member
You can keep it forever, but without updates it’s unwise to connect it to the Internet. Kinda sucks the value right out if you can never connect it to get updates, weather etc.
If it gets taken by malware or hackers, it’s then a gateway onto your network allowing all sorts of trouble for your other devices. That’s assuming the old version even runs the app, often the store will refuse if you don’t meet minimum version. As I said above, I have direct experience of a new and current device that I bought running out of date Android with no updates possible.
If it gets taken by malware or hackers, it’s then a gateway onto your network allowing all sorts of trouble for your other devices. That’s assuming the old version even runs the app, often the store will refuse if you don’t meet minimum version. As I said above, I have direct experience of a new and current device that I bought running out of date Android with no updates possible.
PaulRainbow
Well-Known Member
With 10.4" Android tablets for £60 who cares if they don't get updated.
lustyd
Well-Known Member
Anyone that understands cybersecurity or wants to connect it to the Internet.
ylop
Well-Known Member
Android 13 onwards (latest is 16) is currently supported by Google. You are right to flag that some manufacturers are very poor at enabling OS updates whereas Apple are generally keen to automatically upgrade everyone.
There are about a billion devices in regular use which are no longer in googles supported OS versions, they mostly don’t seem to be an actual security vulnerability which is regularly exploited. If I was going to dodgy sites on them maybe I’d worry, or if I was a government official, I might even be careful putting my banking app on one - but sticking Navionics and Windy on there? Not sure there’s too much risk. Not long ago you were arguing we should trust yachtsmen to make up their own mind based on what’s been proven to work in practice rather than worrying about theoretical risks.
Garmin support Navionics on Android v10+ of course they are free to increase / change that anytime they want. Last time I checked Playstore was still working with Android 5.1+
I personally wouldn’t buy an Android device with a version on Android which is out of support - but they are widely available from reputable brands.
There are about a billion devices in regular use which are no longer in googles supported OS versions, they mostly don’t seem to be an actual security vulnerability which is regularly exploited. If I was going to dodgy sites on them maybe I’d worry, or if I was a government official, I might even be careful putting my banking app on one - but sticking Navionics and Windy on there? Not sure there’s too much risk. Not long ago you were arguing we should trust yachtsmen to make up their own mind based on what’s been proven to work in practice rather than worrying about theoretical risks.
Garmin support Navionics on Android v10+ of course they are free to increase / change that anytime they want. Last time I checked Playstore was still working with Android 5.1+
I personally wouldn’t buy an Android device with a version on Android which is out of support - but they are widely available from reputable brands.
toothless
Well-Known Member
yes. I do it on mine via waydroid. navionics works fine - as do most other tablet apps. Orca app doesnt though, for some reason that just will not play ball.
lustyd
Well-Known Member
They are absolutely a security risk. It’s not just using the device, it’s being on the same wifi as that device. If you use banking apps on your phone on the same wifi then that’s a risk. It also allows you to be a VPN endpoint for others doing bad things. Could you defend against a prosecution for illegal content that went through your tablet and adequately show it wasn’t you?
You don’t have to visit dodgy sites, the malware and hackers come to you.
As with anything on a boat your risk is your own, but as an expert in this field I can explain the risks so will contribute that knowledge.
ylop
Well-Known Member
Doesn't need to be on the same Wifi as any other device if that's what worries you.
Very unlikely - banking apps are usable on public Wifi connections which have no idea what other devices are connected. You may or may not have a VPN, but even without doing that actual risk seems to be tiny - in that virtually no fraud happens that way!
I'm quite confident nobody is going to be using my tablet as a VPN endpoint even if I invite them in - perhaps the speed of Starlink makes you a more attractive target ;-). I'm even more confident that if the only time my tablet is on the internet is to update Navionics maps and the weather that the risk you perceive is very low. There's literally millions of these devices being used in cafe's, pubs, aircraft, workplaces, marinas all around the country (and the rest of the world). The banks will even let you install their apps on them, google don't stop you using the play store or installing their apps, nor the government apps.
Which known vulnerabilities would allow say, an Android 10 running Navionics and Windy to access, say an up-to-date security patched iPhone either running on the same network OR acting as a hotspot for the Android device.
lustyd
Well-Known Member
You can Google the exploits quite easily, and there are a great number of remote code exploits for Android 10 which are not and never will be patched.
mjcp
Well-Known Member
Take your pick: Known vulnerabilities, Android 10.
And screen grab for those that don't click links in public posts!
Davy_S
Well-Known Member
My Doogee uses a C connector, but i simply either use a usb stick with a C connector on one end or i have a short connector with C on one end and a normal usb socket on the other end. i can simply plug a normal usb stick into it, it works ok.
ylop
Well-Known Member
But which of those allows an "insecure" Android device to access a "secure" device on the same network as claimed? I don't think any of them do. Few of them probably present any realistic risk of the android device itself being hijacked if all you use it for is Navionics and Windy, but that wasn't the claim - the claim was this would enable hackers to access the banking app on my iPhone on the same network - and I'm calling that out as unfounded.
mjcp
Well-Known Member
Stealing your bank data isn't the only reason to compromise your device. e.g. Denial of Service as a Service is a thing - Attacker uses your "weak" device as a robot to send traffic toward the victim. Millions of landfill android devices such as your unsupported Android device "harmlessly" spewing noise onto the internet. But its a very real issue and has significant costs for the victims and ultimately the legitimate customers, which could be you or your loved one.
Anyway, back to your "Secure" device on the same network - there's a Code execution weakness with known exploits (i.e. someone has done it in the wild) with iOS 26.2 and 200+ for 26.0 and younger - i.e. very recent. So, access via the weak device, move laterally to the "secure" device. Sure, your "secure" device is secure to the outside world, but lateral movement inside the local network is a factor easier and looking for lateral movement is part of the toolkit these days. (see the links to Metasploit - the attacker have toolkits to automate the attacks!)
Why bother with the risk? Patch and stay current.
M
PaulRainbow
Well-Known Member
You can be a complete arrogant......... hmm can't think of something to put here that won't get me a few days shore leave.
I have ample security, thanks.
Everything is still updating just fine on my low cost tablets after best part of two years. At £60 i could throw them over the side every two years and never spend as much as an expensive iPad. No need to spend silly money on tablets just for the boat, i have a high spec Windows PC for that.
lustyd
Well-Known Member
Expert is the word. And if you want to talk arrogant let’s discuss Tranona’s wiring again and see how you behave…again. Right now what you’re saying is much worse than “that doesn’t need clips”. Have some respect for expertise or STFU when others disagree with you.
Yes, some cheap tablets do get updates. Some do not. It’s on the buyer to learn, understand and determine what they’re buying. With Apple that’s not necessary because they all get the same. With Android it depends on the processor within the device which is what includes the licence for specific versions. This was said many times above and you could have chosen to read and understand it rather than being an arse…again.
lustyd
Well-Known Member
Well it’s complex. Part of the issue is the “remote” part of remote execution. Once your device is compromised, the attacker is local, not remote. They’re on your trusted network so the barrier is far lower to compromising other devices. Now they don’t need a critical security flaw they need an average bug that can be exploited more easily.
When I say they’re on your network, they can literally be using the tablet as a computer to attack your network. In many instances now, that could include spoofing NMEA via your plotter. This stuff is easy to do, kids can do it with a little Googling and they often do it for a laugh, let alone people genuinely attacking for criminal purposes.
