Shortly after Google announced plans to issue monthly security updates for Nexus Phones, tablets, and other devices, two of the top makers of Android devices announced they’ll also be rolling out updates on a regular basis.
Samsung says updates for its devices will roll out about once a month. And LG tells Wired it will do the same.
These announcements come on the heels of the revelation that the Stagefright media engine for millions of Android devices has a security flaw that could allow someone to access your device simply by sending a text message.
While Google is already rolling out a security fix for Nexus devices, the maker of the Android operating system has limited control over the software running on the vast majority of smartphones around the world. That’s because Google basically provides the operating system to device makers who can then modify it according to their own need or those of wireless carriers. When users of those devices receive operating system updates, they’re typically delivered by the phone maker or wireless company… if they’re delivered at all.
Google has been taking back a bit of control in recent years by pushing many updates through Google Play Services and by decoupling some core parts of the operating system. Recent Android phone ship with Gmail, Maps, Chrome web browser, and other apps that are updated through the Google Play Store. That means you don’t need to wait for your phone carrier to approve an update.
But Android isn’t designed to let Google deliver key security updates affecting the core operating system the way that other operating systems are.
Apple can push iOS updates to all of its users because the company controls both the hardware and the software for its devices. Microsoft can deliver some OS updates directly to PC users through the Windows Update process because, although Windows is designed to run across a wide range of devices, there are limits to what PC makers can do to customize the OS before shipping their products to consumers. But the Android model is different, and while it’s great to see some of the biggest players in the space promising to release regular updates, odds are that they’ll only be available for recent model phones and tablets.
So if you’ve got a device that’s more than a few years old, this might be a good time to start looking for custom ROMs.
For now, if you want to know whether your devices is affected by the Stagefright vulnerability, you might want to run Zimperium’s free Stagefright Detector app or the one from Lookout Mobile Security. And if there’s no official fix for your device yet, you might want to try installing a third-party SMS client like Textra or Chomp that attempts to offer some protection for now.
It always takes something like Stagefright before we see any kind of action related to security. Before Stagefright all these companies bs’d about taking security seriously. They’re still bs’ing about taking your privacy seriously. The whole industry is a joke (on us).
Sounds like a lot of PR talk until I see it in action.
Well all my family uses textra so there’s that protecting somewhat.
My oneplus one on cm nightlies is secure and ain’t vulnerable.
My mom’s and aunt’s oneplus one should be getting the cyanogen os 12.1 update which will patch this.
My sister’s alcatel idol 3 will get an update too.
Now how long will it take huawei to update the p8 lite considering it is still on kitkat?
Also have 2 moto x (2013 and 2014) to worry about.
Looks like nexus phones are probably the most secure android phones besides blackphone
Comments are closed.