Updated Android contract reportedly requires phone makers to roll out regular security...

P

Polycount

Posts: 3,017   +590
Staff
In brief: Google has struggled with Android update fragmentatio5n for years, and it's finally addressing the security side of the issue now. According to reports, a new Android contract requires phone makers who use the OS to roll out regular security updates for at least the first two years of a popular phone's lifespan.

Android is a pretty popular mobile operating system, but Google always struggles to get the latest versions of the OS to its partner's devices in a timely manner. Samsung, for example, often takes months to release the newest Android updates to its users.

Android's smaller security updates are in a similar boat, but according to The Verge, that may change soon. The outlet obtained a contract that reportedly requires Google's Android device partners to provide "at least four" security updates within one year of a popular phone's launch. That criteria covers any device launched after January 31, 2018 with more than 100,000 customers.

In other words, most modern Android smartphones launched this year will be subject to Google's new security update rules. This is excellent news for consumers, as it should better protect them against the newest flaws, bugs, and exploits, but it will likely be quite a headache for device makers who are generally quite slow about pushing security updates out.

At any rate, for now, these requirements apparently only apply to 75 percent of a company's "security mandatory models." However, beginning on January 31 next year, The Verge says all security mandatory phones will have to follow these rules.

Google's new requirements don't stop there, though. If the company identifies a mobile security flaw, the new Android licensing agreement requires device makers to patch it within 90 days.

So, what happens if a company fails to follow Google's rules? In short, nothing good. The Verge claims Google can withhold Android approval for said company's new phones, which would be a pretty major problem for some of the bigger phone manufacturers out there.

It's worth noting that these rules don't apply in perpetuity; security updates are only mandatory for two years. That's still a fairly long time, but it lets manufacturers off the hook for particularly old devices.

Only time will tell if Google's latest anti-fragmentation steps will work, but it definitely seems like the tech giant is taking the issue more seriously than it has in the past.

Permalink to story.

https://www.techspot.com/news/77108-updated-android-contract-reportedly-requires-phone-makers-roll.html

 
Meh! Better than nothing I guess, but IMHO they should have requested for 2 years AFTER the official end of sales date for any given device. My last Samsung got during it's entire lifetime in my possession (bought new device when it was still in production) for like 3 years, exactly ZERO software updates/patches. Never bought a Samsung again.
 
  • Like
Reactions: IAMTHESTIG
deemon said:
Meh! Better than nothing I guess, but IMHO they should have requested for 2 years AFTER the official end of sales date for any given device. My last Samsung got during it's entire lifetime in my possession (bought new device when it was still in production) for like 3 years, exactly ZERO software updates/patches. Never bought a Samsung again.
Click to expand...
I don't think my S7 Edge ever even got Oreo. :(
 
The last two posts are prime examples of why I left Android for iOS. I remember the few updates I got for my flagship Samsung S phones, and then tried another manufacturer to see the same lack of updates. I tried some third party images to get updated Android, but they didn't get updates either and weren't always reliable. I love the idea of open source software but Android is just too open.

The interesting thing about iOS is you can get pretty much all your favorite Google apps for it and use them as your default. My iPhone is setup with my contacts syncing to my Google account, I'm using Google Calendar as default because I prefer it over the iOS calendar app, and I'm using Google keyboard, Chrome, and Maps... all of which are better than the iOS apps in my opinion. So with that in mind there was really no reason for me to stay on Android.
 
IAMTHESTIG said:
I love the idea of open source software but Android is just too open.
Click to expand...
As do I, I love open source but unfortunately um... how do I put this? Everyone thinks that open source is some kind of magical thing that will fix everything, make everyone play nice with one another. Sadly, that's not the case especially in the corporate world where proprietary stuff and patents exist as well as the ever present need to make money.

Android would be great if it wasn't for the OEMs completely mucking things up in the process, things like adding their own crap on top of Android further complicating the process of updating stuff. Then you have the proprietary stuff like the Broadcom and Qualcomm stuff that further complicates things.

IAMTHESTIG said:
I tried some third party images to get updated Android, but they didn't get updates either and weren't always reliable.
Click to expand...
You can thank the likes of Broadcom and Qualcomm for that, a lot of their proprietary kernel modules don't like to play nice with new stuff unless you have intimate knowledge of how that proprietary stuff works but because it's closed source well... you can't do that.

And then you have the Google stuff that makes things even more interesting. By the time Android gets onto your device from the OEM it's clear and far away from being the clean idealistic and open source version of Android, so much so that you might as well say that it's locked down just as badly as iOS is.
 
I have a Samsung Galaxy 8+ and it still has android 7 on it and no updates available. I think this is a really good idea from Google.
 
And the same reason many say they moved to iOS is why my only valid catalogue is the Android One's. No future smartphone of mine will be outside of this program, no matter the specs. iOS is not an financial option for me: 3-4 full months of salary vs. 1/4-1/2 a month salary for the options I look at from the Android One catalogue; and they're pretty good price-performance wise by the way.
 
  • Like
Reactions: misor
trparky said:
IAMTHESTIG said:
I love the idea of open source software but Android is just too open.
Click to expand...
As do I, I love open source but unfortunately um... how do I put this? Everyone thinks that open source is some kind of magical thing that will fix everything, make everyone play nice with one another. Sadly, that's not the case especially in the corporate world where proprietary stuff and patents exist as well as the ever present need to make money.

Android would be great if it wasn't for the OEMs completely mucking things up in the process, things like adding their own crap on top of Android further complicating the process of updating stuff. Then you have the proprietary stuff like the Broadcom and Qualcomm stuff that further complicates things.

IAMTHESTIG said:
I tried some third party images to get updated Android, but they didn't get updates either and weren't always reliable.
Click to expand...
You can thank the likes of Broadcom and Qualcomm for that, a lot of their proprietary kernel modules don't like to play nice with new stuff unless you have intimate knowledge of how that proprietary stuff works but because it's closed source well... you can't do that.

And then you have the Google stuff that makes things even more interesting. By the time Android gets onto your device from the OEM it's clear and far away from being the clean idealistic and open source version of Android, so much so that you might as well say that it's locked down just as badly as iOS is.
Click to expand...

I wouldn't say that is entirely true.
Parts of Android have been influenced by those adjustments others have made to their own versions.
No doubt that with freedom does come a lot of horrible implementations, but sometimes something good can come out of it.

Though if they do want the benefit that comes from the Google Ecosystem, they absolutely should be on the hook for providing as secure an experience as they can do.
I would hope that discourages the more awkward UI overhauls with get in the way of security updates though, and encourages more modularity of such dramatic changes.
 
Polycount said:
deemon said:
Meh! Better than nothing I guess, but IMHO they should have requested for 2 years AFTER the official end of sales date for any given device. My last Samsung got during it's entire lifetime in my possession (bought new device when it was still in production) for like 3 years, exactly ZERO software updates/patches. Never bought a Samsung again.
Click to expand...
I don't think my S7 Edge ever even got Oreo. :(
Click to expand...
my own experience: 2017 Samsung Galaxy A5, bought with 'Nougat' received one update for that, then was updated to 'Oreo' and when I check the phone it says "Android Security Patch Level, Sept 1, 2018"
 
You must log in or register to reply here.

Similar threads

midian182
Google CEO Sundar Pichai confirms more job cuts for 2024 as company invests in "big priorities"
Replies
11
Views
364
Stan1ey
S
Cal Jeffrey
You can now use your Android device as a webcam in Windows 11
Replies
3
Views
213
Cal Jeffrey
Cal Jeffrey
D
Microsoft reveals how much Windows 10 Extended Security Updates will cost
Replies
16
Views
238
Gezzer
G

Latest posts

Back