Every month, a security team at Google releases a new set of patches for Android – and every month, carriers and manufacturers struggle to get them installed on actual phones. It’s a complex, long-standing problem, but confidential contracts obtained by The Verge show many manufacturers now have explicit obligations about keeping their phones updated written into their contract with Google.
A contract obtained by The Verge requires Android device makers to regularly install updates for any popular phone or tablet for at least two years. Google’s contract with Android partners stipulates that they must provide “at least four security updates” within one year of the phone’s launch. Security updates are mandated within the second year as well, though without a specified minimum number of releases.
Be still my beating heart – four whole security updates in the first year, and “a” security update in the second year? How mightily generous.
Surprisingly enough, it seems that some OEMs are improving.
The Galaxy Note 4 was pretty much abandoned within a year. Thankfully, it was easy to root and install custom ROMs.
The Galaxy S6 received two major OS upgrades (from 5 to 7) with a rumour that it’ll receive 8 (but I doubt that). Our S6 should be back from the repair shop this week, so we’ll see if there’s an update waiting for it. Our SiL’s S6 Edge received a 2018 security update, although I don’t recall the month. This phone is over 3 years old.
The Galaxy S7 received two major OS upgrades (from 6 to 8), and just received the Sept 2018 security update. The monthly updates seem to lag about 6 weeks behind. This phone is 2.5 years old.
The Galaxy A8 (2018) has already received a monthly security update, and there’s an OS update waiting for it (we’ve only had it for 2 weeks), which should bring it from 7 to 8. This phone is less than a year old.
The LG V20 just received an update to Android 8 last week, and is running the Aug or Sep 2018 security update. This phone is just over 2 years old now. Unfortunately, the monthly updates seem to lag by 2-3 months.
So, while they aren’t perfect, and they aren’t as fast as they could be, it’s much better these days than it was in the past.
My LG Power X is stuck on Android 6.0 April 2018 security update, it got about 2 updates since I bought it two years ago.
As usual, the promise that it would be upgradable to 7.0 was quickly forgotten.
Given that my Lumias are still getting WP 10 updates, and both of them have gotten more updates than all my Android devices that I bought since Android 2.1 combined, this is a welcomed addition even if small.
Not everyone has budget to buy flagship devices on pre-paid prices or to tie ourselves to leeching contracts.
Not everyone buys flagship devices (or even upgrades their device every 2 years) the Play Store dashboard is pretty indicative of this.
Google will not care about security updates until the first Blaster-like exploit lands on the (largely unpatched and unpatchable) Android installed base. And this will be a “greenfield” area for hackers and it will tarnish Android’s name permanently…
At least now the “but it’s open sauce!!11” excuse Google likes to use is out of the window. Google can and will enforce security patches for any time duration it wants. The reason the duration is so small is pure greed on Google’s part.
Edited 2018-10-24 21:27 UTC
Here it is October, and my LG V30 has Android 8.0 and the August Security Update installed on it, so evidently LG is not bound by this new requirement. Or I suppose that either they or T-Mobile, or both, are “testing” the September and October updates. This is all laughable and ridiculous. If this wasn’t a work-provided phone I wouldn’t have a thing to do with Android. It’s just too dangerous.
Edited 2018-10-24 21:12 UTC
I might be tempted back into android at this rate. Maybe. They just need better silicon than qualacomm is giving out. Intel, where the hell are you to kick qualacomm in the rear? What the heck is the point of a 600 lbs gorilla if they just sit there?
Kudos to Google.
Maybe, at future, a stable or LongTerm, for the cheaps of the rest of the world.
I’ve got a S7 and I probably have one more year of updates. it will be probably 3,5 years of support from google and samsung. it’s not enough. phone is quite good and anfter another year it still probably will be good. but not supported. google and samsung support is a joke. recently apple released new ios and they still support it on a phone released 4,5 years ago. the only advantage of android phone over apple is that it’s cheapper.
The real problem is that it’s not cheaper. The high end phones are near the same price as iPhones. The low end devices stop getting patches and when you have to buy two of them to stay secure, you didn’t save any money. It’s only the people who love to run insecure, unpatched phones that get an advantage with android.
It is massively cheaper.
I have a Xiaomi Mi A1. It gets monthly security updates as it’s an Android One phone, and it cost me £140 brand new.
The cheapest iPhone is £449. I can replace the Mi A1 three times and still have £30 in my pocket.
Eh, just get for example a low end Nokia if you want updates on the cheap… (anyways, most of the world is quite happy with very much cheaper, even if often non-updated, Android handsets; typically iPhones are not even an option financially)
Apple may update longer, but older phones also slow down A LOT with each update. I’m not sure that’s better.
My Nexus 6P no longer receives the big updates, but I get a security update every month. Even my old Moto X got security updates for a long time. It’s not like this is a problem for every manufacturer.
Funny enough, my iPhone 6 (now a backup phone) is flying on iOS 12. I guess Apple took last year’s throttlegate (or whatever gate it’s being called) seriously.
It’s not always clearcut. Some iOS versions are simply less polished than others. Starting from the version the iPhone 6 shipped with;
iOS 8 – Buggy and stuttery.
iOS 9 – Better the 8 in almost every way.
iOS 10 – As smooth as 9, though some app launches were a few tenths slower.
iOS 11 – A complete dog. Worst iOS since 8
iOS 12 – Back to iOS 10 speeds.
gan17,
I’ve only witnessed this as an outside spectator, but I’m curious if you have any data that corroborates this?
When apple was proven guilty of slowing down old phones their PR defense was bad batteries. Did they really remove the throttling in the latest version? If so, that’s good, but it also undoes the validity of their defense.
At the time of throttlegate, I asked IOS users on osnews to measure if there was a performance difference when the phone was plugged in and fully charged so that battery wouldn’t be an issue, but nobody did.
The “Battery Health” display in Settings that was introduced earlier this year still exists in iOS 12, and you’ll eventually get the warning to replace your battery at an authorized Apple Extortion House when it goes below a certain threshold, along with a short paragraph telling you that performance has been throttled.
If your battery’s still good – mine’s currently rated at 88% after 4+ years – then you’ll simply get “Peak Performance” shown. Performance is the same plugged in. It only goes to shit once iOS thinks your battery is whack, plugged in or not.
Edited 2018-10-25 22:03 UTC
gan17,
Well that’s disappointing. It should not disregard power availability and throttle anyways just because the battery is old. Even an old battery, fully charged, produces more voltage than a new battery at half charge. The performance tuning should be based on the realtime conditions at any given moment. Being engineered this way suggests that planned obsolescence narrative was/is completely true.
Apple should give users a performance/battery life setting so the user can choose what’s best for them (like laptops have).
Oh well, file this under disappointing but not surprising.
Edited 2018-10-26 09:12 UTC
But an old battery discharges faster nonetheless(?)
zima,
That’s true, they hold less energy every discharge cycle, so they’ll discharge more rapidly from charged to discharged. Instead of 10 hours under a given load, the same battery might only get 8 hours after 1000 cycles. However in this comparison between old and new batteries, we’re not starting at the same starting line: the old battery at 100% charge can deliver more voltage and AH than a new battery at 30% charge, for example.
See graph of voltage decreasing as a battery becomes depleted.
https://electronics.stackexchange.com/questions/108002/standard-curr…
Throttling should only kick in when the power supply is too weak to deliver enough energy, but in apple’s case it sounds like they disregard how much energy is available (even when charged & plugged in) and just turn on throttling on older devices all the time. It doesn’t make sense to engineer it this way unless planned obsolescence was one of their goals.
Edited 2018-10-28 19:03 UTC
Hm, but the new battery will give its phone an overall longer time between charging, if the phone with old one isn’t throttled; that’s what this is presumably about in Apple’s eyes / what matters to users, not about prolonging agonal phase when battery is near empty. But yeah, still somewhat strange that it throttles also when plugged into the charger… (maybe the idea is to give consistent user experience)
That changed with iOS 12, which sped up all supported iPhones, some tremendously faster than they had ever been. https://bgr.com/2018/09/19/ios-12-speed-upgrade-old-iphone-ipad/
Hm I mustbe lucky then, still in the iphone6, an I’ve noticed no significant slow downs since I got it, battery stil at >95% capacity the again, I don’t game on my phone and generally turn if eye candy as I find it annoying,
bn-7bc,
Your experience fits the data. You can take a look at the geekbench benchmarks that initially revealed the performance loss.
https://www.geekbench.com/blog/2017/12/iphone-performance-and-batter…
Notice that various phones fit into various throttling “buckets”. The majority of phones experienced no throttling, but consecutive updates increased the chances of being throttled.
Though keep in mind that Apple still sold that old phone until quite recently… we should also look at time of support from the end of pushing a particular phone model on consumers.
“Be still my beating heart – four whole security updates in the first year, and “a” security update in the second year? How mightily generous.”
The average price of Android handsets is $200. Many are much, much cheaper. There is no margin for manufacturers to offer long term support on budget devices.
unclefester,
IMHO that would be a non-issue if we weren’t dependent upon the manufacturer for binary blobs in the first place. Consider that PCs are usable even a decade after the time of sale. This is not because PC manufacturers provide a decades worth of long term support, it’s because we’re free to install a newer modern OS whenever we want without the vendor’s help. It’s only because we’ve lost this control on mobile phones that we’re so reliant on vendors to provide operating system updates.
For this reason, I think the problem genuinely is solvable without long term commitment from the hardware vendors, but we as owners would need to explicitly be able to replace the bundled vendor supplied operating system. That’s how we can solve this without adding costs. Unfortunately I don’t think the will is there from manufacturers, they like planned obsolescence.
The phone vendor and carrier are both involved in providing updates. That is why Windows Phone and iPhones have never allowed any carrier modifications.
So on my unlocked KEY2 that I bought directly from BlackBerry themselves, I still have to wait for my carrier to approve it even though my carrier doesn’t even sell BlackBerry’s? Very strange… Or in other words: you’re wrong. Carriers are involved, but only if you got a phone on contract. If you have an unlocked phone, only the manufacturer is involved.
unclefester,
Providing application software wouldn’t be a problem, but what I’m saying is that we shouldn’t be dependent on the manufacturer or the carrier for OS updates. It’s just regrettable that we’ve ended up in this state of affairs allowing either of them to hold back our device operating systems. As long as this type of arrangement continues, I predict the update problems will continue as well. Carriers are just as guilty as manufacturers at encouraging us to buy new devices continuously.
Side note: I will never buy an overpriced locked device from a carrier again, you can typically get a similar model lock for cheaper elsewhere with none of that carrier lock-in BS!
is it not too late already?
They have built (google and other ads/hackers/NSA/FSB/MOSSAD) their massive database thanks the earliers ultra-permissive scheme and now that people just got “educated”(hem, used to it) in that direction, do you think they opt-out?
They should have done that the begining, asking for calendar and contact book for a game, that was already silly but yeah, Android had to gain traction fast on the market.
So each time i see such article, it makes smiles, the worm is already in the apple.
Edited 2018-10-25 09:21 UTC
My experiences with Samsung are quite poor. Orphaned devices and slow OS and security updates seem to be their norm. This makes business sense when you note the speed at which they roll out new devices but the consumers get shafted.
My Motorola devices get slow updates as well but at least they have rolled out every promised OS update, unlike Samsung. LG performs at about the same level for me.
I saw at least one earlier comment that hints Apple is somehow better in this department. The speed of updates is decent considering the controlled ecosystem but the security holes themselves are a plentiful bounty. A walled garden can’t keep all the rats out.
Yeaaaaa!
considering the biggest swell of purchasers of a “new” device are likely to be with 2-6 month period following it’s launch, not the first three months. Google could have done a bit better here, and mandate that the final (full) security update could be NO LESS than 30 months following release. That would have been “fair”, at least in my book.