Don’t expose anything from your local network to the internet (unless you want multiple new sysadmins in your house). Try tailscale instead.

I don’t know why the author of the video didn’t mention it but LockDown mode is really useful.

At least for me the default is lockdown mode on and appropriate exceptions for websites I trust.

Perhaps images, video, font etc. rendering could be compromised?

Yes, it already happen in the past. Also the Wi-Fi and Bluetooth stack got exploited, like multiple kernel drivers.

But it shouldn’t be a matter of “in the past was X exploited?” but more on having a correct security posture.

Honestly if you are arguing about wasting a “perfectly working phone” you should blame it on the vendor, especially Android devices vendors have this let’s say “defect” of dropping the support after 4/5 years.

Also not going to talk about custom ROMs (with the super rare exclusion of some) managed by god knows who, without any security team behind.

Since even the NFC and Cellular Network stack got vulnerabilities the only way you would consider an old phone “safe” to use is just turning it into the equivalent of a local ARM server.

Also pretty fun seeing the replies in the original post talking about how Google Play store shouldn’t have malware on it.

I wonder if people when talking about AI just ignore the fact that it’s software and has the same issues and vulnerabilities related to that… recently I see a lot of posts talking about “AI security” and in the end are stuff known since 1995…