Rumor: Google shames partners into updating Android

It's no secret that non-Nexus Android phones have a reputation for receiving OS updates late, if at all. Failing to address this issue has left a large portion of the Android user base using versions of the OS that are outdated and potentially insecure. According to Bloomberg, Google is adding a new tool to get manufacturers to update—shame. The company is apparently making a list of vendors' update record and using the threat of making it public to convince the companies to release Android patches.

In July of last year, the Stagefright bug shone the spotlight directly on the issue of Android OS fragmentation. The bug allowed remote code execution on the majority of Android devices through an exploit in the libstagefright component baked into the OS. Google quickly patched the affected software, but not all Android device makers were so quick to act. Since then, Google started releasing monthly security updates for the OS, but most OEMs have been slow to deploy them. Bloomberg reports that the cost of testing updates is the biggest reason for the delay and that Google is trying to persuade companies to do reduced testing on the monthly update packs to reduce cost.

Comments closed
    • Pettytheft
    • 3 years ago

    Precisely why I ditched Verizon and buy nothing but Nexus devices now. They were even worse. You had to wait for the manufacturer update then for Verizon to add their crapware on the phone as well.

    • novv
    • 3 years ago

    So it’s time for Blackberry to shine a little. They have only one phone with Android OS, the Priv, but they are patching the OS monthly, even before Google own devices. That means customer care!

    • odizzido
    • 3 years ago

    I wish smartphones were more like desktops. Drivers and OS available online and you’re free to install the latest android/drivers yourself.

      • boing
      • 3 years ago

      Not all of them are, but most Android phones are capable of having CyanogenMod or some other AOSP fork installed on them.

    • kamikaziechameleon
    • 3 years ago

    Its cause of all the stinking boat ware they have to test, lol.

      • tipoo
      • 3 years ago

      Like life jackets, paddles, etc?

    • ronch
    • 3 years ago

    Given the thin margins in the Android gadget business, wouldn’t this move force companies to push prices up or lead to many players dropping out? Or am i missing something here?

    • rechicero
    • 3 years ago

    They seem to take more seriously locking the bootloader than updating the OS… It’s funny because with an unlocked bootloader, we would be able to update the OS without depending on the manufacturer.

    • DragonDaddyBear
    • 3 years ago

    The most commonly exploited vulnerabilities are YEARS old because, well, it works. As the PC becomes less relevant and our mobile devices take the place of more the world’s primary computing device they will certainly increase the target value for hackers. That chapter is just beginning now, folks. Apple is not a great target because their stuff is updated. Android, however, is so fragmented there are still a lot of phones running 2.X and 4.X!

    I currently own a Moto X Gen2 and I hate I don’t get the same updates my wife gets on her Nexus phone. If it were not for the Nexus updates and phone I would sell my soul and go Apple.

    • watzupken
    • 3 years ago

    I am not sure if it is sufficient to force their partners to provide timely updates. Last I recall that some of these vendors have signed up to providing monthly updates, but I barely see any update in like a few months now. I believe I am not the only one experiencing the same thing.

    • Bigbloke
    • 3 years ago

    Why are they being shamed to drop an ‘R’? 🙂

    Hint: read title closely.

    More seriously: why isn’t Android deployed like windows? Changes to the OS should be sent out and managed by Google and the abstraction layers/drivers by the hardware manufacturers. They could even have WQHL or whatever it’s called and have driver level patches sent out by google.

      • morphine
      • 3 years ago

      Hodo! Hodo!

      … thanks for the heads-up about the headline. Fixed.

      • derFunkenstein
      • 3 years ago

      That’s not something even Microsoft has figured out how to do on phones – for the WP10 insider program, you still have to make sure your particular phone has an image available for download, at least initially (not sure if each device got its own image later on). It’s probably very difficult given the locked-down nature of mobile operating systems. Apple releases monolithic, device-specific images, too. they just do it all at once since they control the whole stack.

        • Bigbloke
        • 3 years ago

        Oh it’s certainly easier to do monolithic updates, especially for poor or lazy programmers. And yes I count Apple in that slur, just look at their recent iPad bricking incident.

        A properly designed system should be able to manage it. Even Microsoft can do it (on the desktop, and I bet there are way more PC configurations than phone variants), so it can’t be as hard as landing a rocket on a barge!

        A phone shouldn’t need to be any more locked down than any PC. I want, no I demand that both are secure and work as well as they can. And that means if a bug/vulnerability is found they are required to fix it.

        • sweatshopking
        • 3 years ago

        any lumia phone with more than 4GB of internal space can install windows 10. It was never restricted by carrier, and they’ve only added other manufacturers, such as blu to the program. firmware wasn’t included until very recently in the program.

          • derFunkenstein
          • 3 years ago

          That’s my point, and Bigbloke’s for that matter. If the OS vendor has to “add other manufacturers” on a one-by-one basis, then there’s no “standard” and therefore not at all like desktop Windows when it comes to upgrades.

            • sweatshopking
            • 3 years ago

            Sure. you COULD install it on other devices though, it just wasn’t approved.

      • slowriot
      • 3 years ago

      People seem to forget Android is open source.

        • Bigbloke
        • 3 years ago

        Condescending or what?

        So I can just compile my own update then?

        Things can/could be open source and still secure.

        That doesn’t change the fundamental problem here, and it’s one we are going to see with all these cars with internet functions coming along. It is ridiculous to expect every hardware company to become an operating system company too.

          • slowriot
          • 3 years ago

          [quote<] why isn't Android deployed like windows?[/quote<] Android isn't Windows, on technical and legal basis. The market is filled with varying levels of divergence from some devices with just 3rd party apps, to ones with significant UI and OS changes, to complete forks of Android. So we have a mix of situations. Google could not bug test for all the variability, potential impact of a bad fix could be huge. And in some cases they just couldn't do it at all (i.e. devices using forks, much more common outside NA/EU). [quote<]Changes to the OS should be sent out and managed by Google and the abstraction layers/drivers by the hardware manufacturers. They could even have WQHL or whatever it's called and have driver level patches sent out by google.[/quote<] So you either end up with the Windows problem of having to forever maintain backwards compatibility with the abstraction layers you've made in order not potential break millions of devices; inheriting much of Windows issues (which I've heard has a tremendous security record). Or, you end up in the same situation now where OS fixes are available but manufacturers/carriers haven't done their end. Security on Android is a serious issue. I just haven't seen a suggestion yet I think is workable. And we really haven't touched the business politics of all this. A company like Samsung is just looking for a reason to fork Android and replace Google Play Services.

            • Bigbloke
            • 3 years ago

            Thank you for expanding your first response. We aren’t all elite coders and sometimes we need things explaining.

            I agree that it is probably too late, but there is no reason, technically at least, why Android couldn’t evolve into a “pure” Google developed OS that is used as is on phones/tablets/cars whatever. Sure if you want to significantly modify and “own” a significant fork from this then the open source-ness allows it to happen. But if Samsung or whoever goes down that route they must be forced (as part of the deal) to support updates to the core OS on all devices for a significant time period. Companies shouldn’t be able to walk away from perfectly working products (in all aspects apart from the new vulnerability). Maybe it needs a law change. We would be screaming if our TVs or fridges had to be discarded after 18 months.

            To me, a casual occasional hobbyist programmer, letting an open source OS into the wild is akin to putting all the components of a bomb in a kids playground and saying to the kids feel free to play with it! The model is broken and there seems to be no attempt to fix it.

        • strangerguy
        • 3 years ago

        Yeah if you mean the open source OS that is virtually worthless by itself in a smartphone without all the wonderfully closed sourced Gapps that forms the actual software ecosystem. Ask yourself whether that arrangement can be called altruistic.

        “Open Source” is a copout for Google to deflect responsibility from supporting Android.

          • slowriot
          • 3 years ago

          Android without Google Play Services is totally functional. You would likely be surprised how much of the world is using Android without Play Services perfectly fine. I would gander that much of the reason Google hasn’t tried to use Play Services as a forceful method of controlling manufacturers is because… it wouldn’t be effective and could do even more to fracture the Android ecosystem.

          Open source isn’t a copout. It makes the situation more complicated. Its also why Android has been so successful. Its a double edged sword and all you’ve done is make suggestion akin to falling on said sword.

      • deruberhanyok
      • 3 years ago

      I was just wondering this. People aren’t waiting for HP or Dell do test every Windows Update that comes out before it is deployed – after all of this time, why haven’t cell phones reached this point?

    • Omniman
    • 3 years ago

    Hopefully it gives them all a kick. At least give even a 1 year OS support structure!

    • bittermann
    • 3 years ago

    Good…AT&T is one of the worst offenders.

      • phileasfogg
      • 3 years ago

      I have an HTC OneX+ from circa Jan 2013 and it hasn’t received a single firmware/OS update since I got it. Shame on HTC and their ilk. But, I’ll give Google this – they haven’t rendered any of my apps obsolete (yet). If I’d still been using an iPhone from that era, I”m sure >50% of my apps would have stopped working by now.

    • Chrispy_
    • 3 years ago

    I just don’t understand why hardware vendors feel compelled to lock their customers into their bespoke firmware, inflicting TouchWiz, Sense, EmotionUI or other stupid reinvention of the wheel onto you instead of the Android AOSP firmware.

    I get that there are hardware differences that need apps/drivers for things like different cameras, CPU/GPUs and hardware buttons – but rather than embed all that and tie it into the firmware, why not just sell the phones with a Nexus-like AOSP operating system and add those features unique to your brand as an [b<]optional[/b<] pre-installed app or launcher. Once you've made the sale there's no point locking the customer into your choices. If they don't like your choices, they're forced to buy from a competitor next time. At least if you give them the choice they could stick with you for their next purchase. I know plenty of ex-HTC and Samsung owners who liked the phone but switched because the software experience was, and I quote, "a buggy mess", "crashtastic", "f***ing slow", "designed by retards" to name just a few....

      • Deanjo
      • 3 years ago

      Why? Because they already got all the money that they are going to get when you purchased your Android device. They do not continue making revenue on that device after it has been sold. No revenue, no real incentive to spend funds in continued support. As far as they are concerned, an outdated OS is just another reason for people to perpetually upgrade.

        • w76
        • 3 years ago

        Businesses are more mature than that. Support costs are built in up front and accounted for. Non-recurring revenue has absolutely nothing to do with it. What matters is that consumers vote with their dollars, and they’ve crowned Samsung the best selling Android handset maker for years. Nexus as far as I’m aware is no sales king. Even enthusiast sites tend to gush over LG and other’s latest non-Nexus devices. The message consumers send to manufacturers is plain as day: they don’t care a whole lot, and/or don’t fully understand the issue. Probably a mix of the two. And when consumers don’t reward devices with great OS upgrade support like Nexus, why should they set aside more money for it? Markets are like politics: participants get what they deserve, and get it good and hard.

        That said, your other post is right, Google could force an improvement … maybe. The EU is already upset over how much control Google exerts.

        • sweatshopking
        • 3 years ago

        you’re absolutely right here. why bother if nobody else is?

        • Chrispy_
        • 3 years ago

        [quote<]If they don't like your choices, they're forced to buy from a competitor next time[/quote<] Because repeat business is good. Upsetting people with slow updates and an OS that is locked in a way they don't necessarily likes drives people to switch to competitor products, which is bad.

          • sweatshopking
          • 3 years ago

          If what you were saying was true, we wouldn’t have the situation we do.

            • Chrispy_
            • 3 years ago

            We have the situation we do because most people choosing a phone are idiots and choose it because it comes in blue or pink rather than black.

            They hate their phone but they don’t know why they hate it and they don’t know that other phones are better because all their other colour-choice driven friends also have stupid phones, or Apples.

            IMO the user experience is Nexus > Apple > everything else android > Phones without an app ecosystem. Most people just want Google search/maps/mail services and a phone that works.

            • blastdoor
            • 3 years ago

            In some ways it’s hard to disagree that people are idiots, but I think it’s also the case that there are plenty of smart people who just have a lot going on in their lives, and becoming technology experts is not how they want to (or even can) spend their time. Similarly, there are plenty of smart people who are not particularly well informed about cars, dishwashers, headphones, laptops, medical doctors, or political candidates, yet they often must make choices regarding all of these things.

            For people who are constrained by time and information (that would be everyone), something has to give. Nobody can be an expert about every product or service they buy. We all must rely on things like brand reputation or the opinion of trusted friends / reviewers. So, people buy a product because it’s from a trusted brand like Apple or BMW, they vote for a candidate because they have a D or R next to their name, and they go to the dentist who the guy down the hall with the good smile recommends. This isn’t stupid.

    • Ninjitsu
    • 3 years ago

    This is good.

      • Deanjo
      • 3 years ago

      Token move by Google at best. If Google really wanted to change things, they would continued timely updates for a minimum of three years a requirement for Android Alliance partners.

        • sweatshopking
        • 3 years ago

        Yeah, this will accomplish nothing, just like the last 10 things they did.

        • Ninjitsu
        • 3 years ago

        Something is better than nothing, I would say. Hopefully people vote with their wallets and vanilla Android, Nexus, and other phones with manufacturers who provide timely updates see more sales.

        But yeah, this two year software update cycle sucks. Should be 3-5 years at the minimum, especially since “affordable” smartphones have reached the good enough stage.

    • Firestarter
    • 3 years ago

    I don’t think Samsung can really be shamed into doing anything that reduces their short term profit

      • tipoo
      • 3 years ago

      “Hey Samsung, it probably isn’t a good idea to convert all your currency to dogecoin”
      Samsung: “Don’t tell me what to do!”

        • sweatshopking
        • 3 years ago

        I have SO MUCH DOGECOIN.

          • tipoo
          • 3 years ago

          Me too. If it ever hits a dollar each, I’m rich!

          So never.

            • Firestarter
            • 3 years ago

            I’m going all in on DAO, I’m going to be SO RICH

Pin It on Pinterest

Share This