Android security paches

“Fragmentation”, This has been the main characteristic of Android devices’ security patches over the years. Google has had a problem of Fragmentation as far as the distribution of Android devices’ updates is concerned. Almost every month a dedicated security team at Google release a new set of patches for Android devices’. However, as OEMs say, it’s a hurdle to get these security patches to the actual phones or tablets, the process is meandering.

According to the contract obtained by The Verge, Google provides that OEMs will now be required to provide at least 4 security patches in the first 2 years of launching Android phone or tablet, starting from 31 January 2019. This will include all Android phones and tablets released after 31 January 2018. However, this contract may not affect all OEMs as Google will be mainly focusing on popular phones, termed as “security mandatory models“.

The contract also says the 4 patches will only apply to popular brands that would have been activated by at least 100 000 users.

This will mean popular brands will have to provide an update every three calendar months minimal.

This contract has since been applied to about 75% of Android phones, as of 31 July 2018. However, as from 31 January 2019, all Android Phones will have to comply with the direction. Any OEM that is going to work against the contract, then Google will not take it lightly, the search giant will not approve their phones and that will simply mean they will not be able to manufacture phones powered with the Android OS.

Google in recent years has tried it’s best to correct the problem of fragmentation by introducing things like Project Treble. The introduction of Project Treble was to curb the problem of slow distribution of Android security patches to Android phones. It came as part of Android Oreo (8.0) The introduction of Project Treble was not felt by many as its impact cannot immediately be felt by the end user, it works behind the scenes.

Early this year, May 2018, to be precise, Google revealed it would start requiring OEMs of popular brands of Android phones to provide regular Android security patches. This comes at the back of growing concern in the security of Android phones. As the importance of data and privacy continue to be a priority to many, Google has noticed that and is trying to do what it takes in order to address the issue.

These terms, according to The Verge, appeared in the latest Google’s licensing agreement for all Android phones and tablets to be distributed in Europe from early 2019. It is however not confirmed if the same terms will apply to other regions of the world, but as far as Google’s public comments indicate, the same may apply or with minor adjustments

Talking about how Android phones have been receiving updates in the past, the distribution has been pathetic especially in old phones and non-Google phones. The consumer would rarely receive updates as the device ages or when its use dwindles. If this newly contract address this issue, then, it will be a big plus to Android phones users especially when internet privacy controversy continues to unfold, like the one at Facebook recently

Conclusion

What do you think of Google’s move to improve the distribution of Android security patches? Will this prosper and how Android users may receive the news. We would like to hear your opinion on the topic, just hit the comment box below and share your mind.

Android phones are nowadays used to store very important data, photos, videos, which as an Android user, you may not prepared to lose. Read this article on how you can secure your Android phone.

Related; Google launches Android Pie

He likes to play with the latest phones, gaming consoles, PCs, laptops and when he gets some spare time he likes to do VFX stuff. You can always find him playing with tools like Photoshop, Lightroom, Premiere Pro, After Effects, etc. His current gear is Galaxy Note 9+

9 Replies to “Google now requires two years of regular security patches for popular Android devices”

  1. Okay, I like that Google is taking action on behalf of Android users. But for it to be put into place. there has to be at least over 100,000 users. Not too sure about, I think all android users should get the same service.

    It’s almost like people are going to be asked to upgrade just to use the service, most obviously people who will want this service are the new android users. 

    Not everyone pays attention to the news, so the people who have the older model may miss out on this. My daughter works in the cell phone industry, she hasn’t really mentioned this coming out.

    I have to say one thing though, I hate patches, it means something has to be fixed. Why not get it right in the first place?

  2. I have tried Android OS on Samsung Galaxy & Edge and Galaxy 8. Recently we have changed to Apple iPhone 8 Plus. I enjoy the versatility of the Android, but we enjoy the security that iPhones offer. Android is great for people who like to do almost everything with their phones and it is great that they are able to keep them updated and patched, but too bad that there seems to be a lot of restrictions and hurdles to get past in order to ensure that your phone stays up to date. 

  3. I have tried Android OS on Samsung Galaxy & Edge and Galaxy 8. Recently we have changed to Apple iPhone 8 Plus. I enjoy the versatility of the Android, but we enjoy the security that iPhones offer. Android is great for people who like to do almost everything with their phones and it is great that they are able to keep them updated and patched, but too bad that there seems to be a lot of restrictions and hurdles to get past in order to ensure that your phone stays up to date. 

  4. Hi Ngonidzshe. Thank you for your very informative article on system updates. I’m certainly not an expert in this field but, by the the way you have constructed this in depth blog it seems you certainly are. It’s obvious that security is a continuing issue not only for mobile phones but pc’s as well. It’s extremely important that the consumer can see advancements and results in the ‘patches’ that are constantly being sent out by Google. I only recently upgraded my mobile phone for the very reason you mentioned. It could no longer support these patches and I was having more and more issues with it. The mobile phone has come a long way over the years and my new one does so much more then my old one. I can now work on my web page while relaxing in my lounge chair rather then being constantly hidden away from my family. But it’s important that I can feel secure in knowing that Google are constantly updating any issues that might eventuate. I like to know that all my personal data is safe. Thanks JIM

    1. If Google is going to make sure all the OEMs abide by the contract, surely it is going to be good news to all Android users. Security have been of great concern in the Android ecosystem, being an Open Source, makes the Android OS quite vulnerable to malware and malicious attacks, so Google’s stance on making sure all Android manufacturers are providing timely security patches is a positive move. Hope Google is going to walk the talk.

  5. A few years ago a phone was just that.  It was a phone.  However these days the actual phone part I believe is the simplest.  Most of us at a touch of the screen have access to our bank accounts, credit cards, job information and personal stuff like pictures, emails and text messages.  I think the more security the better.  I never scoff at an update.  I may put it off until bedtime or something but I know that at the end of the day this service is working to help us as opposed to hindering us.  Great article, thank you.

    1. You are welcome Dale, its very true, smartphones have become great companions for many and many of them carry highly sensitive information and valuable data. Mobile phones has become mini-pocket computers, as such their security mustn’t be ignored 

  6. Thanks for sharing. I think it’s important that Google does whatever it can to make the security patches for Android regular and easily available. From a logistical standpoint, I’m sure it’s not easy, but with so much identity and info theft going on, it’s critical. It seems that mobile phone use has replaced laptop and PC use on a personal level. This adds to the urgency of the dilemma. 

    Everything that can be done, should be done.

    Thanks for the update on this universal topic!

Leave a Reply

Your email address will not be published. Required fields are marked *