Google Search

Custom Search

Thursday, 6 August 2015

Android's monthly security update but only Samsung & Nexus device for now

With the latest security flaw found on Android and how major it is, Google will have a schedule monthly security update for all android version but as of now only Google (Nexus) and Samsung will apply it. Late last month, a huge security flaw was published to the general public that show how a hacker can have access to any Android device just by sending a MMS with malicious payload. The flaw isn't something on apps but on the Android system itself that make patching it not easy because Google don't have control over Android distribution except Nexus.

Acknowledging that it is serious, Google would embark to something that would be unthinkable, a monthly security patch / update. The issue with Android is that it is an open source system thus anyone can actually download the AOSP package and use it on any phone without any of Google control and the only way Google can help with the update is the single Google Playstore system that would only assist on patching / updating apps. Even playstore are not spared since almost all of Chinese manufacturer have created their own Store to replace Google's Playstore.

All Nexus device would be covered for 18 months after end of sale.

The same cannot be said about iOS, Windows or Blackberry, where any system update will be handled directly by the owner of the system respectively that helps with security flaw and patches. The patches for iOS is well managed as such with the case of the "text" flaw earlier this year was patched in the latest ios 8.4.

With devices running Android are in the millions with hundreds maybe thousands of AOSP distributors, patching any Android system flaw is not up to Google even if they already release the patch to the masses. We should be expecting very bad to even no security patches from these smaller distributors and the real loser in this is the consumers.

We as consumer should be making the right decision on the security of our devices as most user tend to store everything on their phone and losing control of those data might be detrimental to some. Imagine your banking data (login and password), your control over application (hacker could call , text or capture image) without user knowledge or even taking over your cyber identity where most of user ask device to store these password anyway.
Samsung S6 might be the first to receive the updates
This is a very good move from Google and Samsung and something that we hope that more would follow but until then we are sticking with our nexus and would consider only well supported devices manufacturer in the future. We hope our readers also would take this important milestone very seriuosly unless you don't care about your security.

No comments:

Post a Comment