Android is an operating system around which a lot of stereotypes have developed that are weakly correlated with reality. For example, in certain circles it is generally accepted that Android, in principle, cannot function normally out of the box and it must be set up, configured and finished in every possible way. Or, let's say that Android is such a heavy platform that smartphones even with 6 GB of RAM can barely pull it out, not to mention weaker models. However, there are also such stereotypes that are really based on the real features of the OS.
Updates are more important than you think
Of course, I'm talking about updates that are very rare for Android. No, of course, Google diligently releases one security patch every month, but they only reach two out of ten smartphones at best. Moreover, this is not my opinion, but the balanced position of experts in the field of information security of the Center for Internet Security company. They conducted an independent study and found that due to the lack of clear regulation in the distribution of updates, most of the smartphones that are now in their hands were susceptible to hacking and hacker takeover.
Security Updates Android
If you did not receive the update among the first, then most likely you will not receive it already.
Imagine, the May security update that Google released this week fixes a whopping 39 vulnerabilities. Among them there are several critical gaps, exploiting which, in fact, hackers can remotely seize control of a vulnerable device and become its actual owner. It would seem, what difference does it make how many vulnerabilities the update has fixed if it has already been released? However, the problem is that so far only Galaxy S20 smartphones, all Google Pixel and Galaxy Fold devices have received it. All.
All other devices, even flagship ones, will either receive the May update with a delay, or, like my Honor View 20, will not receive it at all. Because the manufacturer believes that releasing monthly security updates every three months (!) Is the norm. As a result, if you start counting, it turns out that in the most optimistic scenario, the number of vulnerable smartphones will clearly equal or even exceed 80% of the total mass. This is a colossal figure, considering that most devices do not receive patches at all.
How to improve Android
In Android 11 the situation should change for the better, but again, there are no guarantees
Is it possible to solve this problem somehow? Of course, it is useless to appeal to the manufacturers who are responsible for the non-release, or rather non-adaptation of security updates. We have already seen this during the existence of such a phenomenon as security updates. So Google has to do something on its own. Yes, the search giant has plans to launch a modular Project Mainline architecture that will allow patches to be distributed to all devices via Google Play, but I would not have hoped for it too much. There are several reasons for this:
- First, it was planned to launch Project Mainline a year ago, but something went wrong and Google postponed this initiative until the release of Android 11.
- Secondly, Project Mainline will be distributed as a constituent element Android 11, which means it will not appear on devices that do not receive this update.
- Third, Project Mainline, like Project Treble, will require optimization on the part of smartphone manufacturers, who, in their usual manner, can simply ignore this aspect.
So something else is needed. Despite the fact that manufacturers seem to operate independently of Google, the search giant still has power over them, which stems from the licensing of Google Play services. Therefore, if I were Google, I would take advantage of this and oblige manufacturers to release security updates for all smartphones within three years, and not just recommend. If they disobeyed, the search giant could revoke brands' licenses for their services, which would quickly change their attitude towards software support for their devices.