Study: Android Phone Makers Skip Google Security Updates without Telling Users

Megalith

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,000
Germany’s Security Research Labs (SRL) has revealed that some Android smartphone manufacturers are intentionally misleading users into thinking that their devices have the latest security patches, even when some of them fail to install. Worse, some vendors have exercised “deliberate deception” by moving patch dates forward instead of providing any actual updates.

In the findings due to be presented at the Hack in the Box security conference in Amsterdam on Friday, the researchers said of the 1,200 smartphones tested, some manufacturers may miss one or two patches from the monthly security updates, but others may miss many more. Failing to update their smartphones with the latest security updates is one thing, but SRL found that some simply lie about installing any patches at all.
 
I'm running crDroid on my Nexus 6p, and it's been updated 3 times already this month.
 
jfreund said:
I'm running crDroid on my Nexus 6p, and it's been updated 3 times already this month.
Click to expand...

Yeah, but in some cases they are saying that updates are being sent out, but they are skipping one or more of the security patches. So, you get an update, but you don't get the security patch as part of that update :(

I'm not familiar with crDroid though. IN general I'd imagine this applies more to OEM images.
 
All this while AT&T rolls out non-security updates that do nothing but break already-working apps...
 
I have 2 Pixel 2 phones, one on Project Fi for my personal phone and one on Verizon for my work phone. My work phone has been updated once in the last 3 months, while my personal phone has updated 4 times in 2 and a half months. I think Verizon is holding back updates.
 
dgingeri said:
I have 2 Pixel 2 phones, one on Project Fi for my personal phone and one on Verizon for my work phone. My work phone has been updated once in the last 3 months, while my personal phone has updated 4 times in 2 and a half months. I think Verizon is holding back updates.
Click to expand...
It's the only way Verizon has to brick your phone & force you into a new one.
 
I've given up caring if honest. I buy a phone, use it for three years and get another one. Never install masses of apps, always restrict the permissions to the minimum and never had an issue.
 
Well, if they are at least looking into the update and checking pros cons in their hardware, not to terrible I think, kind of delaying Ms update for severs I guess.
 
Last edited:
katanaD said:
imagine, if you will, a device that didnt NEED constant security updates..
Click to expand...
That's easy, because I had one. ;)
celly.gif
 
You must log in or register to reply here.
Back
Top