According to a novel study, most Android vendors accept been lying to users close safety updates together with telling customers that their smartphones are running the latest updates.
In other words, most smartphone manufacturers including big players similar Samsung, Xiaomi, OnePlus, Sony, HTC, LG, together with Huawei are non delivering you lot every critical safety land they're supposed to, a study past times Karsten Nohl together with Jakob Lell of High German safety theater Security Research Labs (SRL) revealed.
Nohl together with Lell examined the firmware of 1,200 smartphones from over a dozen vendors, for every Android land released final year, together with flora that many devices accept a "patch gap," leaving parts of the Android ecosystem exposed to hackers.
"Sometimes these guys simply alter the appointment without installing whatever patches. Probably for marketing reasons, they simply laid the land degree to almost an arbitrary date, whatever looks best," Nohl says inwards an interview amongst Wired.Google releases safety patches every calendar month to proceed its Android ecosystem rubber together with secure from the underlying risks, but since every manufacturer together with mobile carrier modify the operating arrangement to brand their smartphone unique, they ofttimes neglect to apply all those patches inwards time.
SRL researchers investigated smartphones that had supposedly received together with installed the latest Android updates together with released the next breakdown of their findings:
- 0-1 missed patches—Google, Sony, Samsung, Wiko Mobile
- 1-3 missed patches—Xiaomi, OnePlus, Nokia
- 3-4 missed patches—HTC, Huawei, LG, Motorola
- 4+ missed patches—TCL, ZTE
As shown above, Google, Samsung, Wiko Mobile together with Sony are withal doing groovy inwards installing patches, but others, specifically Chinese vendors similar Xiaomi together with OnePlus are worse inwards protecting their customers against latest safety flaws.
In lodge to address the land gap issue, Google has already launched a project, dubbed Treble, nether which the companionship brought unopen to pregnant changes to the Android arrangement architecture final yr to gain to a greater extent than command over the update process.
However, fifty-fifty if your Android device runs Oreo 8.0 operating system, it's non necessary that it supports Treble project, equally it's withal upward to the device manufacturer to include it. For example, Oreo firmware update for OnePlus devices don't back upward Treble yet.
But novel devices volition live on required to back upward Treble moving forward.
