74 Vulnerabilities In Android Patched

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Google announced earlier this week that it has released patches for a total of seventy four vulnerabilities, eleven of which were critical. The company says that it had no reports of active exploitation or abuse of these newly reported issues.

Partners were notified of the issues described in the bulletin on November 07, 2016 or earlier. Source code patches for these issues have been released to the Android Open Source Project (AOSP) repository and linked from this bulletin. This bulletin also includes links to patches outside of AOSP. The most severe of these issues are Critical security vulnerabilities in device-specific code that could enable arbitrary code execution within the context of the kernel, leading to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
 
Good news for anyone using no-brand chinese phones. Anyone using branded 'expensive' models? WIth luck you may get an update sometime.
 
arnemetis said:
Seriously google needs to push some kind of update through the play store framework or something that fully enables them to push bug patches regardless of the oem or provider's locked down status.
Click to expand...
Well in the early days Google were nieve in thinking the OEM's would push out updates relatively quickly... how wrong were they. They have been tweaking stuff, making more things available via the play store for EXACTLY this reason
 
Wait, this is the November 7th patch? What about the December 5th patch that came out this week?
 
Mr. Perfect said:
Wait, this is the November 7th patch? What about the December 5th patch that came out this week?
Click to expand...

This is the December patch. They just told their partners about them on November 7ish to give them a month to patch it.
 
arnemetis said:
Seriously google needs to push some kind of update through the play store framework or something that fully enables them to push bug patches regardless of the oem or provider's locked down status.
Click to expand...
No, what they need to to is start playing hardball with the OEM partners. Withhold the permission to include the non-open source components that make up Android (namely the Google Experience Pack which includes the Google Play Store, GMail, etc.) until the OEMs start agreeing to a monthly patch schedule. This will of course prevent the OEMs from releasing new devices since the OEM must be given permission to include Google Experience Pack on the device. Not only that but if the OEMs go back on their promise include a kill switch into the Google Play Services to revoke device access if the device has not been updated in more than three months.

Now this is how you play hardball! You hit them where it really hurts... their wallets, their quarterly numbers, and stock price! Money is all the OEMs understand, if they can't sell a new device because Google hasn't given them permission to include the almighty Google Experience Pack then you can watch their stock price take a major shit.
 
Google is not going to do that though, because the openness of the product is a key feature that got Android's user base. You play hardball with companies like Samsung, and it will come back to hurt them. Yes, Android is a complete mess when it comes to standards and patches, but that's something you clean up later.
 
Nytegard said:
Google is not going to do that though, because the openness of the product is a key feature that got Android's user base. You play hardball with companies like Samsung, and it will come back to hurt them. Yes, Android is a complete mess when it comes to standards and patches, but that's something you clean up later.
Click to expand...
Then the Android ecosystem will continue being the massive clusterfuck that it is when it comes to standards and patches.

I always did say that Google made one massive and fatal mistake when they gave away Android, they gave it away along with the keys to the kingdom. Future companies should learn from Google's mistake... never allow your partners to control your destiny, always keep a reign on your partners so you can yank them back to give them a good lashing.
 
Since Android doesn't have a "Windows Update" style updater nobody will actually get these patches. Even Windows 95 had an updater. Get with the program Google.
 
trparky said:
No, what they need to to is start playing hardball with the OEM partners. Withhold the permission to include the non-open source components that make up Android (namely the Google Experience Pack which includes the Google Play Store, GMail, etc.) until the OEMs start agreeing to a monthly patch schedule. This will of course prevent the OEMs from releasing new devices since the OEM must be given permission to include Google Experience Pack on the device. Not only that but if the OEMs go back on their promise include a kill switch into the Google Play Services to revoke device access if the device has not been updated in more than three months.

Now this is how you play hardball! You hit them where it really hurts... their wallets, their quarterly numbers, and stock price! Money is all the OEMs understand, if they can't sell a new device because Google hasn't given them permission to include the almighty Google Experience Pack then you can watch their stock price take a major shit.
Click to expand...

Google wants to make sure Android can be implemented by shitty carriers so they keep getting ad revenue and people's information from the phones.
 
niconx said:
Since Android doesn't have a "Windows Update" style updater nobody will actually get these patches. Even Windows 95 had an updater. Get with the program Google.
Click to expand...
That's never going to happen because of the Faustian bargain that Google made with their OEM partners to get a leg up on the iPhone back when Android first came on the scene. Because Google gave away the keys to the kingdom they're now paying dearly for that mistake.

Yes, Android is open and open is great but as we have seen the OEMs are running roughshod over Google and there's not a damn thing Google can do about it. All they can do is sit back and watch their OEM partners ruin what should have been a great platform. Open is great; geeks love it, I love it. But geeks seem to have one major flaw and that is that we seem to be overly idealistic of what our open platforms will become. Open platforms are great until companies that care only about money take control and that's when open platforms begin to fail and fall apart. Android's undoing will be the very openness that the community loves because the OEMs will continue to rape it over and over without even an ounce of lube.
 
I bought an iPhone and I'm very tech savvy. I build my own computers, I do some programming on the side yet I still bought an iPhone. Why is that? Because I know my device will be supported and updated properly unlike that clusterfuck that is Android.
 
trparky said:
Then the Android ecosystem will continue being the massive clusterfuck that it is when it comes to standards and patches.

I always did say that Google made one massive and fatal mistake when they gave away Android, they gave it away along with the keys to the kingdom. Future companies should learn from Google's mistake... never allow your partners to control your destiny, always keep a reign on your partners so you can yank them back to give them a good lashing.
Click to expand...

trparky said:
That's never going to happen because of the Faustian bargain that Google made with their OEM partners to get a leg up on the iPhone back when Android first came on the scene. Because Google gave away the keys to the kingdom they're now paying dearly for that mistake.

Yes, Android is open and open is great but as we have seen the OEMs are running roughshod over Google and there's not a damn thing Google can do about it. All they can do is sit back and watch their OEM partners ruin what should have been a great platform. Open is great; geeks love it, I love it. But geeks seem to have one major flaw and that is that we seem to be overly idealistic of what our open platforms will become. Open platforms are great until companies that care only about money take control and that's when open platforms begin to fail and fall apart. Android's undoing will be the very openness that the community loves because the OEMs will continue to rape it over and over without even an ounce of lube.
Click to expand...

It's a flaw with their culture. Yes, Google (or Alphabet now) hire from the best schools and people with great resumes, but that blinds them from outside thinking. It's a very "We're successful, so obviously we know what we're doing" mentality. And it's a big echo chamber. And guess what? Those developers who work there are those geeks who happen to love open platforms.

I wouldn't say it's as much of a Faustian deal though, nor is it viewed as a mistake. Rather, it had more to do with hubris on their end, and the flaws are not their flaws, but the OEMs and user flaws.
 
trparky said:
I bought an iPhone and I'm very tech savvy. I build my own computers, I do some programming on the side yet I still bought an iPhone. Why is that? Because I know my device will be supported and updated properly unlike that clusterfuck that is Android.
Click to expand...

Never have much understood the idea that people that buy Apple products aren't tech savvy. The Apple guys around here seem to know a lot. I think a place like this has a lot "brand identity". Yeah, I'm a Windows guy. Not a tech genius but I've been dealing with tech forever and that's like how I make a living. Ultimately is just different flavors of ice cream and people, even tech savvy ones, have preferences and like to stick with a certain flavor. It's a lot more that than some political-religious-morality drama that so many like to make it out to be.
 
trparky said:
that clusterfuck that is Android.
Click to expand...

44VNN19.jpg
 
B00nie said:
More like it's superior ...
Click to expand...

That's a personal opinion and irrelevant.

... and everyone that can't afford it owns android.
Click to expand...

That's a personal opinion based on assumptions and also irrelevant. Calling everyone poor just because they choose not to get locked into the walled garden known as iOS or pay out the ass for hardware with a 200% markup for the privilege of doing so is actually a pretty smart decision.
 
heatlesssun said:
But a lot of folks with Android phones got them with their contracts.
Click to expand...
I got mine under the Apple Upgrade Program, in a year I'll go back and get the new one and just extend my lease on the device.

No offense to the people who like Android, I just like iOS more. I used to be an Android person and was one for nearly four years; I had several Android devices over the period of those four years and I liked each of those devices. I just got sick and tired of pining over new versions of Android being released by Google at the time, reading about how the latest version of Android had this feature or that feature and there I was sitting with a device that hadn't seen any updates in more than six months. I would be on forums asking when the hell the next update was due and nobody knew the answer. Then I looked over at various iPhone forums and all the people were talking about how they all got the latest iOS update and the fact that just two months prior to that they received another update. There I was wondering when the hell my device would get updated to patch known vulnerabilities and that's when I had my "Fuck this shit!" moment and switched platforms.

So far I've had an iPhone 6 Plus and now the iPhone 7 Plus. I had the iPhone 6 Plus for nearly two years and I just got the iPhone 7 Plus. Maybe things have gotten better in the Android camp as of late but from the threads I often read in Android forums make me think otherwise.
 
Last edited:
I can be updated to the latest patch and Android OS on my Moto X Pure Edition if I liked too.

Google [ROM][OFFICIAL] CyanogenMod 14.1 Nightlies for the Moto X Pure 2015 (clark) to get the details.

Reason I don't is that xposed is not supported under 7.1.1 yet and there is battery issue atm for the rom.
 
trparky said:
I got mine under the Apple Upgrade Program, in a year I'll go back and get the new one and just extend my lease on the device.

No offense to the people who like Android, I just like iOS more. I used to be an Android person and was one for nearly four years; I had several Android devices over the period of those four years and I liked each of those devices. I just got sick and tired of pining over new versions of Android being released by Google at the time, reading about how the latest version of Android had this feature or that feature and there I was sitting with a device that hadn't seen any updates in more than six months. I would be on forums asking when the hell the next update was due and nobody knew the answer. Then I looked over at various iPhone forums and all the people were talking about how they all got the latest iOS update and the fact that just two months prior to that they received another update. There I was wondering when the hell my device would get updated to patch known vulnerabilities and that's when I had my "Fuck this shit!" moment and switched platforms.

So far I've had an iPhone 6 Plus and now the iPhone 7 Plus. I had the iPhone 6 Plus for nearly two years and I just got the iPhone 7 Plus. Maybe things have gotten better in the Android camp as of late but from the threads I often read in Android forums make me think otherwise.
Click to expand...

I feel your pain on this. I used to have a Samsung s4 and I don't think I ever got an update over two years. Now my wife has a Samsung s6 edge and still hasn't seen 7.0 while I'm over here on my Nexus 6p already getting 7.1.1. I am pretty sure I had Android 7 back in September, to put that garbage in perspective.
 
B00nie said:
You do realize that you're then paying the same for an inferior product, correct?
Click to expand...

Inferior is subjective. I have used both iOS and Android phones. Both have their place but you don't see me over here bashing either. After that Linux handjob thread we saw a while back I'm not even slightly surprised you are elbow deep in Apple.
 
auntjemima said:
Inferior is subjective. I have used both iOS and Android phones. Both have their place but you don't see me over here bashing either. After that Linux handjob thread we saw a while back I'm not even slightly surprised you are elbow deep in Apple.
Click to expand...

iOS just happens to be the only even remotely secure mobile OS on the market so it's a no brainer to use it. A mobile phone is one of the most dangerous technical devices a modern person owns. It can be used from anything of hijacking your bank account or identity theft to silently calling Ugandan paid numbers.
 
B00nie said:
iOS just happens to be the only even remotely secure mobile OS on the market so it's a no brainer to use it. A mobile phone is one of the most dangerous technical devices a modern person owns. It can be used from anything of hijacking your bank account or identity theft to silently calling Ugandan paid numbers.
Click to expand...

I can't fault you there. iOS is definitely locked down.
 
like, you get that 90's feel when you stare at that ips display, its a hipster thing, what else can it be
 
I have no problem with the screen of the iPhone. So it's not Ultra HD, I don't give a damn. I don't need it!
 
I'd rather have a little less in the hardware department and get guaranteed software updates for up to four years than to have a device that has the latest and greatest stuff in it only to have it be abandoned by the manufacturer six months later because they want me to buy a new device instead. Look at it this way, Windows 7 was released when? October 22, 2009. That makes Windows 7 nearly 7 years old and Microsoft is still supporting Windows 7 with active software and security patches through a guaranteed software update platform (Windows Update). The way that the Android OEMs act would be like Microsoft telling you "Well sorry, your computer is one year old. Buy a new computer!" That's exactly what the OEMs are doing, they don't care. And the fact that we keep falling for it hook, line, and sinker just keeps telling the Android OEMs that the idea of premature device abandonment is just fine in our books. That's basically the equivalent of rewarding failure. I have news for you... I don't reward failure! I take my money elsewhere.

Now, I'm not saying that Apple is a bunch of saints; no sir. Apple has done some really boneheaded moves lately but when it comes to device software update support compared to that of the Android OEMs they look like saints comparatively speaking.
 
auntjemima said:
Inferior is subjective. I have used both iOS and Android phones. Both have their place but you don't see me over here bashing either. After that Linux handjob thread we saw a while back I'm not even slightly surprised you are elbow deep in Apple.
Click to expand...

Hey, I have a Microsoft Lumia 950 that I paid $298 and works great. Then I bought a Microsoft Lumia 650 for $79 yesterday as a backup phone which also works great. (The 650 also feels good in the hand and plays games well enough.) Both have removable batteries and storage expansion capabilities. Point is, none of these OS's are inferior as long as you have the hardware and internal storage to run them properly.
 
You must log in or register to reply here.
Back
Top