The security situation on Android is, full-stop, a tire fire. Be it the existence (at all) of external storage that badly-considered applications happily write sensitive stuff to (and for a journalist, your photos are sensitive) to the general mess that is Android application permissions (even in newer versions) to the slapdash, inconsistent way that updates get pushed to devices. It's all bad, and if you care about security, you should not use Android, no exceptions.

As it happens, I use an Android phone as a daily driver. But I'm not a journalist and I'm not handling data that isn't sensitive to anyone but myself. I'm willing to take that risk (edit: and I'm able to, to a level I'm comfortable with, mitigate those risks, which a non-technical person probably can't evaluate safely, to say nothing of implement). But I'm not a journalist whose sources may depend on me.

I agree it's overly broad statement without justification, but it's not entirely unfounded either. iOS's extreme walled garden does protect you from many things that Android doesn't. As another commenter mentioned, security permissions are a mess, malware is a real thing, and the power and versatility of Android leaves you very vulnerable if you're in a high risk profession who must keep secrets safe.

Very few of the items in here have justifications listed, because that's not productive for the intended audience. They don't want to know "why" any more than most patients want to know "why" their doctor prescribes one antibiotic versus another.

Even if your intended audience doesn't care about the why, you must necessarily provide justification so that another audience, which would want to make sure that you're not selling snake oil, could verify your why. Knowledge sharing only really works when there's a vetting process on some level.

No, that's not how it works. The guide itself doesn't need to be bulletproofed against zany accusations that the authors are selling snake oil; there are other ways to accomplish that without crudding the recommendations themselves up with verbiage to placate angry nerds.

I didn't say anything about bulletproofed, just explained. Right now, there's no explanation, and I'm asking for some justification, how are you getting "bulletproofing" from that?

I didn't say the authors are selling snake oil. But if a person doesn't know much about a subject, they may not be able to tell, and they should be suspicious. They might want to see a review or criticism of it. They might want to verify that it's well intentioned, especially on a sensitive subject such as this. There's nothing zany about that, it's common sense.

If I find some information source that presents itself as an arbiter of truth, but has no justification for its points, I cannot in good faith recommend it to anyone.

The only angry one here seems to be you, with many unnecessarily rude responses that do not at all inspire confidence.

Again: the audience for these instructions isn't asking for explanations or justifications. If you have a concern with any of these instructions, write a comment detailing it, and someone will respond.

> you must necessarily provide justification so that another audience, which would want to make sure that you're not selling snake oil, could verify your why

Much of the audience that has the expertise to effectively verify the wisdom of the advice in such a document will have already encountered the views it contains and will be familiar with the reasoning behind those views already. None of the guidance in the article is likely to be something they're hearing for the first time. Even if they disagree with something in the article in whole or in part, they already know why the people who compiled the article likely believe it.

It is good for there to be more detailed explanations for interested non-experts, and there have been a number of more detailed explanations of many of these items elsewhere on the internet. But for most people it's more important to know that, for example, a recent iPhone is their best choice for a secure phone than it is to know the details of why experts on the topic have come to that conclusion, just like it's more important for most people to take a flu vaccine each year than it is for them to understand the process by which that vaccines was formulated.

I agree with you completely, I chose the wording I did to not further anger the Android faithful.