Android's Real Security Problem is the Manufacturers

My Samsung and 1+6 devices are right now on the January security patch, so they are usually about a couple of weeks behind my Pixels in that regard.
 
Being OK with your OEM's failure to deliver timely security updates is like being OK with an accountant failing to take new tax laws into account when they're preparing your taxes. You might not be affected, but you really, really don't want to deal with the implications if you are.
 
Yep. This is why I am either Pixel or iPhone. Bugs can happen, but patches actually come, whereas with others... they could come... and you could be sitting on the December patch while it is mid-February.
 
I don't mind not being on the exact month patch. It's going to take a real exploit for me to care as much as the article author.

I mean obviously, I'm not likely to use a phone as my daily driver that's a year out of date when it comes to security patch level. But I'm content with my Motorola Moto Z2 Play (a June 2017 device), sitting on the Dec 2018 patch level while today is February 13, 2019.

Google's got a program and list of recommended devices for Enterprise-Level (which, let's be honest, is usually "tougher" than "consumer-level").

https://forums.androidcentral.com/g...terprise-recommended-devices.html#post6272262

In my household, we've got three active Android devices: Google Pixel 2 XL, Motorola Moto Z2 Play (Verizon), and an Nvidia SHIELD TV.

Pixel 2 XL: Feb 2019
Moto Z2 Play: Dec 2018
SHIELD TV: Nov 2018

To me, this is OK.
 
You're right. That or sometimes they'll lay blame on Google even though it's their OEM not taking action.

Blame Google for recommending being only behind by 90 days for the enterprise-level and not making monthly a requirement to use Play Services.
 


Based on the reading I've done, I thought that the real problem was the individual user. Malware and viruses would access the phone via a download or clicking a weblink. Also, if Google Play has been activated, then it will scan the apps for viruses.

While I agree that the manufacturers need to do a better job with keeping their phones up-to-date, my impression was that the weakest link is the user with respect to what is downloaded, and from where (i.e. outside the Google Play store).

Someone please educate me if I'm mis-informed.
 
Blame Google for recommending being only behind by 90 days for the enterprise-level and not making monthly a requirement to use Play Services.

How so? If Google hadn't even established that as a minimum, OEMs would be even further behind than 90 days. Still, the code is out and available upon release every month. OEMs just don't want to put their resources to support doing better.
 
Based on the reading I've done, I thought that the real problem was the individual user. Malware and viruses would access the phone via a download or clicking a weblink. Also, if Google Play has been activated, then it will scan the apps for viruses.

While I agree that the manufacturers need to do a better job with keeping their phones up-to-date, my impression was that the weakest link is the user with respect to what is downloaded, and from where (i.e. outside the Google Play store).

Someone please educate me if I'm mis-informed.

I wouldn't always blame the user because there are things that are unavoidable. Even the Play Store can be risky.
 
How so? If Google hadn't even established that as a minimum, OEMs would be even further behind than 90 days. Still, the code is out and available upon release every month. OEMs just don't want to put their resources to support doing better.

Google phones, yeah, but their software and Play Store policy need to be more strict with manufacturers.
 
Google phones, yeah, but their software and Play Store policy need to be more strict with manufacturers.

Why is that? Google releases the code on time and every month. It's there for every OEM to get. Now, the way I'm reading that is Google has done all it can do, it's up to the OEM to take some initiative and take care of their customers at that point.
 
Why is that? Google releases the code on time and every month. It's there for every OEM to get. Now, the way I'm reading that is Google has done all it can do, it's up to the OEM to take some initiative and take care of their customers at that point.

Google isn’t mandating that all phones (with Play Services) require monthly support for security patches. That’s on Google. If an OEM didn’t want to do monthly, they don’t have to. They already have the customer’s money.

From Google, 90 days (essentially quarterly) is one of the requirements for “good enough for enterprise”.

If you want OEMs to change, speak with your wallet and lobby Google to make monthly required.

My point is that Google is not mandating any security updates. If monthly updates are high on your list, then buy a phone that offers that service. Personally, if Google says 90 days is what’s needed to be “enterprise-ready”, then 90 days is OK to me even if the patches are released monthly.
 
Google isn’t mandating that all phones (with Play Services) require monthly support for security patches. That’s on Google. If an OEM didn’t want to do monthly, they don’t have to. They already have the customer’s money.

From Google, 90 days (essentially quarterly) is one of the requirements for “good enough for enterprise”.

If you want OEMs to change, speak with your wallet and lobby Google to make monthly required.

My point is that Google is not mandating any security updates. If monthly updates are high on your list, then buy a phone that offers that service. Personally, if Google says 90 days is what’s needed to be “enterprise-ready”, then 90 days is OK to me even if the patches are released monthly.

Okay. I get that. I guess my point is the minimum is just that... the minimum. Google doesn't have to force Essential to keep their devices up to date. Essential proactively chooses to do that for their customers. If they can do it then, IMO, OEMs are choosing the minimum path and that's on them.

Google has put the code out. OEMs can either choose to update OR let that pass. It's like putting food on the table. You can't decide to not eat, with food in front of you, and then say it's the kitchen's fault that you're hungry.
 
Why is that? Google releases the code on time and every month. It's there for every OEM to get. Now, the way I'm reading that is Google has done all it can do, it's up to the OEM to take some initiative and take care of their customers at that point.

Google is the software provider to Android manufacturers. It sets rules for how they can code them but not how to protect users and their data and privacy. They should be strict on manufacturers' security patches. I blame both manufacturers and Google for this.
 
Google is the software provider to Android manufacturers. It sets rules for how they can code them but not how to protect users and their data and privacy. They should be strict on manufacturers' security patches. I blame both manufacturers and Google for this.

If Essential can do it, why can't they all? I don't see how Google can be held responsible. They've done all the work and put the code out. IMO, OEMs are the ones at fault for not protecting their customers. The code is there, go get it!
 
If Essential can do it, why can't they all? I don't see how Google can be held responsible. They've done all the work and put the code out. IMO, OEMs are the ones at fault for not protecting their customers. The code is there, go get it!

Because we are still using Google software and services, they should protect us even if manufacturers don't want to in a timely manner. They have the leverage.
 