Saturday, April 14, 2018

Many Android Vendors are Lying about Security Updates

One of the issues of Android's openness principle is fragmentation, which is a different standard on each device. Fragmentation is not only in terms of application performance, but also security.
Some Android vendors have high security standards with regular software updates, some are reluctant. Worse, not a few vendors who lie to users about security updates.
According to a recent study from a German security firm, "Security Research Labs," some Android vendors told users that their device has been inserted the latest patch, though not yet.
The research team, Karsten Nohl and Jakob Lell, analyzed 1,200 Android devices for two years, to come to this conclusion. They named the "patch gap" as a technical term from Android vendor lies against users.
The patch gap is a condition in which device software claims to have made an update, but the code being checked shows many patches passed. Ironically, patch gaps become a fair practice among vendors, large and small.
Smartphones made by Samsung, Sony, Xiaomi, OnePlus, Nokia, HTC, Huawei, LG, ZTE, did not escape from this lie. More details, Sony and Samsung are said to average just skip one patch update.
Google-made smartphones do not miss a single security update. According to the research team, the patches that could be missed could also be due to chipset errors. Smartphones that use Samsung chipsets rarely miss patches than MediaTek. This could be due to a bug in the chipset and affect the operating system. According to Google, patches that can be passed can also be because certain devices are not certified, so the security standards are different.
Another possibility, certain smartphones do not have features that need to be patched, so the patch is passed. Google's passage is certainly acceptable. Vendors may skip patches due to various factors. However, the device software claims that the patch has been updated has not turned out to be a public lie.