1000$ phone - no security updates

[Lobwedgephil]

Re: I luv my note 8... But for a $1000 phone August 1 security updates is totally unacceptable

They claim to be committed to monthly security updates, apparently soon we will be receiving the October Update, in middle of November. Maybe.

 

[chanchan05]

Re: I luv my note 8... But for a $1000 phone August 1 security updates is totally unacceptable

They say that they will provide the updates, but not how often or how late. Typically they provide the update approximately 4 to 8 weeks behind schedule, IE the October update is issued between November week 2 and December week 1. Occasionally they do beat that but it's not often. It's also well known that the international unlocked is one of the slowest devices to receive updates, and in some cases it receives 1 update every 2 to 3 months.

That's more dependent on your carrier. In my experience I get updates 2-3 weeks after Google releases them except for about 3mos before major updates. Was like this last year on my S7. Bought it April, monthly update til Oct then slowed down to just one update for 3mos til Jan, got the Nougat, then monthly again. Now the S7 is stuck on Aug.

But reports are coming in of various variants of S7, S8, and Note 8 getting a 477mb update to october patch.

 

[Almeuit]

Re: I luv my note 8... But for a $1000 phone August 1 security updates is totally unacceptable

My last security update is August 1... Come on Samsung you can make all the commercials you want knocking ios but you fail big time in this area. I know there's not we can do... I'm just saying... How do you feel? And any ideas?

Merged your thread with the existing one.

 

[magichoward]

Yes sorry I wrote this within minutes of the other thread both threads launched within a minute of each other.. Great minds think alike

 

[magichoward]

Also, like many thousands if not millions of people I paid full price. No carrier. Unlocked.. Samsung please start to look after existing customers.. Also whilst at it Oreo not even this year... It's a $1000 yes a $1000 phone...

 

[Aquila]

Yes it's a $1000 phone, but everyone who bought it either already knew or had the information available to them to find out that updates, both monthly and major updates, are not a priority for Samsung. That's not really their thing and that's not likely to change rapidly.

 

[default_generic_android]

I just received an update for my AT&T Note 8. With Oct 1 security patch.

 

[strikeIII]

Yup. I'm on AT&T and downloading the update as I type this. It's 377.75MB so quiet a big update.

 

[convergent]

Same here with update on AT&T. 7.1.1 with Oct security patch.

I would really rather the updates be less frequent... and well tested and will work... then winning the "I got it first" race and have problems. I don't recall hearing of any hacks into Android because of slow updates. I do recall hearing of problems when things weren't well tested.

 

[Gayle Lynn]

Android vs iOS vs Windows: Which suffers most infections? Nokia reveals all
Nokia says third-party Android app stores need to raise their game to improve overall Android security. Phishing, trojanized apps, banking, man in the middle. No one wants to take chances though, not really.
Android vs iOS vs Windows: Which suffers most infections? Nokia reveals all | ZDNet

 

[Sam_Gs7]

Hey! GayleLynn: Opened the link it call the attention that
Snapshot where -Android get 68% : Windows Phone 27%
iPhone 3.54% of infections: How come iPhone get
that % does related to its earnings-$ : Don't
see new updates can Keep us safe
better use good Web practices.?

 

[j_hansen]

NOKIA reveals all..... PMSL
WTF do Nokia know about mobile devices these days... Please.. The 80s called and want their joke back....

 

[strikeIII]

Well, don't use 3rd party app stores.

And in case people were wondering what's included in AT&T latest update this was posted in another thread.



From the AT&T Note8 update site:

The updates

What's changing: Network performance enhancements, stability improvements, other various updates and fixes, and Android device security updates, including KRACK Wi-Fi vulnerability fix and BlueBorne fix (on SPLs September 1 or later)

Release date: November 14, 2017

Android version: 7.1.1

Security patch level (SPL): October 1, 2017

Baseband version: N950USQU2BQJA

Kernel version: 4.4.21-12461033

Build number: NMF26X.N950USQU2BQJA

Build fingerprint: 7.1.1/NMF26X/N950USQU2BQJA

Previous versions required: N950USQU1AQH7 or N950USQU1AQIA

 

[reinbeau]

Well, don't use 3rd party app stores.

And in case people were wondering what's included in AT&T latest update this was posted in another thread.



From the AT&T Note8 update site:

The updates

What's changing: Network performance enhancements, stability improvements, other various updates and fixes, and Android device security updates, including KRACK Wi-Fi vulnerability fix and BlueBorne fix (on SPLs September 1 or later)

Release date: November 14, 2017

Android version: 7.1.1

Security patch level (SPL): October 1, 2017

Baseband version: N950USQU2BQJA

Kernel version: 4.4.21-12461033

Build number: NMF26X.N950USQU2BQJA

Build fingerprint: 7.1.1/NMF26X/N950USQU2BQJA

Previous versions required: N950USQU1AQH7 or N950USQU1AQIA

Security patch is dated October 1, 2017.

 

[anon(5630457)]

This is the main reason why I don’t use a Note 8 anymore. For a device that costs ten Benjamins, the security should be updated in a timely manner. It’s inexcusable that Samsung devices don’t get updated sooner. I see the October 1 security patch was just made available, but it’s November 15 now. It’s already six weeks behind.

 

[Gary02468]

This is the main reason why I don’t use a Note 8 anymore. For a device that costs ten Benjamins, the security should be updated in a timely manner.

I too would much prefer quicker security updates.

On the other hand, as far as I'm aware, there are zero known instances of a Note 8 being breached due to Samsung delaying a patch. So even though it's a valid concern, I'm not going to avoid the phone for that reason.

 

[torbach1]

I too would much prefer quicker security updates.

On the other hand, as far as I'm aware, there are zero known instances of a Note 8 being breached due to Samsung delaying a patch. So even though it's a valid concern, I'm not going to avoid the phone for that reason.

I'm with you on that, but the vulnerabilities that are now cropping up are different because they're attacking WiFi (KRACK) and Bluetooth (Blueborne), both of which can be used with zero action on your part. The scope of these is still limited because a perpetrator would have to be within 30 feet of you or so. But opportunistic hackers could sit in public places and try their best.

I was fine with things when infection of my device required me to do something careless. I'm less ok with it when I don't have control. I'm not moving away from the Note 8 because of this. Just stating that things are changing and hackers are unfortunately getting more and more crafty, with help from security companies who look for and then expose major vulnerabilities.

 

[chanchan05]

I'm with you on that, but the vulnerabilities that are now cropping up are different because they're attacking WiFi (KRACK) and Bluetooth (Blueborne), both of which can be used with zero action on your part. The scope of these is still limited because a perpetrator would have to be within 30 feet of you or so. But opportunistic hackers could sit in public places and try their best.

I was fine with things when infection of my device required me to do something careless. I'm less ok with it when I don't have control. I'm not moving away from the Note 8 because of this. Just stating that things are changing and hackers are unfortunately getting more and more crafty, with help from security companies who look for and then expose major vulnerabilities.

I was reading an article on KRACK and it seems it's not really patchable from phone side because it's a vulnerability on the router. I may be wrong if course, as I'm did not major in that field, but that simply means don't use public wifi, and set your home wifi to invisible and change its SSID.

 

[Gary02468]

I'm with you on that, but the vulnerabilities that are now cropping up are different because they're attacking WiFi (KRACK) and Bluetooth (Blueborne), both of which can be used with zero action on your part.

Yup, that does elevate the seriousness. Even the physical-proximity requirement doesn't help much once malware exploiting these flaws starts spreading.

However, Samsung seems to have patched Blueborne in its AQI5 update in September, even though it's only at the August 1 Android patch level. The Armis Labs app confirmed that my Note8 was no longer vulnerable.

I run through my own VPN server when my phone is on WiFi, so I'm not as worried about KRACK as I might otherwise be.

 

[torbach1]

I was reading an article on KRACK and it seems it's not really patchable from phone side because it's a vulnerability on the router. I may be wrong if course, as I'm did not major in that field, but that simply means don't use public wifi, and set your home wifi to invisible and change its SSID.

I think it depends on the power of the device's wifi transmission. But using a VPN app can be good enough. Blueborne is a bit scarier than that. But I don't know of any use of Blueborne yet. Still, I'm in Cyber-Security, and I'm seeing a trend where these folks are becoming more and more sophisticated, and these things will show up more and more often. So the monthly security updates will become more and more important.