Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Android Google Security

Google Now Requires Partner OEMs To Offer Two Years of Security Updates To Popular Phones (theverge.com) 74

Confidential contracts obtained by news outlet The Verge show many Android smartphone vendors now have explicit obligations to keep their phones updated. From the report: A contract obtained by The Verge requires Android device makers to regularly install updates for any popular phone or tablet for at least two years. Google's contract with Android partners stipulates that they must provide "at least four security updates" within one year of the phone's launch. Security updates are mandated within the second year as well, though without a specified minimum number of releases.

David Kleidermacher, Google's head of Android security, referred to these terms earlier this year during a talk at Google I/O. Kleidermacher said that Google had added a provision into its agreements with partners to roll out "regular" security updates. But it wasn't clear which devices those would apply to, how often those updates would come, or for how long. The terms cover any device launched after January 31st, 2018 that's been activated by more than 100,000 users. Starting July 31st, the patching requirements were applied to 75 percent of a manufacturer's "security mandatory models." Starting on January 31st, 2019, Google will require that all security mandatory devices receive these updates.

This discussion has been archived. No new comments can be posted.

Google Now Requires Partner OEMs To Offer Two Years of Security Updates To Popular Phones

Comments Filter:
  • Not long enough (Score:4, Insightful)

    by Anonymous Coward on Wednesday October 24, 2018 @02:33PM (#57531183)

    It's a step in the right direction, but not long enough. Many people use the same phone for more than two years. Buying a new phone is expensive. It's wasteful to throw out older devices that are still more than capable of meeting the needs of their users. This should be more like five years rather than two.

    • by LostOne ( 51301 )

      True, that. But maybe, just maybe, this can be the camel's nose.

    • by bobbied ( 2522392 ) on Wednesday October 24, 2018 @02:45PM (#57531265)

      It's a step in the right direction, but not long enough. Many people use the same phone for more than two years. Buying a new phone is expensive. It's wasteful to throw out older devices that are still more than capable of meeting the needs of their users. This should be more like five years rather than two.

      I fully agree, plus they need to make vendors support user's right to repair by providing commonly used replacement parts such as screens, buttons, batteries and instructions to replace these things. I suppose an open boot loader is a bit much, but that would be a nice option too.

      If Google wants to help device users, let's help them.

      Personally, I'd shell out quite a bit of extra dough on a phone if I knew I could count of having repair options for longer than the warranty gives me.

      • by aitikin ( 909209 )
        Go buy some Motorolas. That's probably the manufacturer of my next phone: https://www.engadget.com/2018/... [engadget.com]
      • by The_Noid ( 28819 )

        Personally, I'd shell out quite a bit of extra dough on a phone if I knew I could count of having repair options for longer than the warranty gives me.

        Get a FairPhone. They sell replacement parts right on their website: https://www.fairphone.com/en/ [fairphone.com]

        • by afidel ( 530433 )

          You have to be kidding, an SD801 and they're still trying to get it running Nougat in Q4 2018, yeah, no thanks.

          • by The_Noid ( 28819 )

            If you always want the latest and greatest, then why are you complaining about the support not being long enough? You'll be buying a new phone every other year any way.

    • Mod parent comment up!

      The "2 years" Google is now giving is what has been already established. Everyone is expected to spend $700 to $1100 every 2 years on a new cell phone.

      There is NO REASON for Google to be abusive. A mid-level Google manager told me years ago that Google is making more money than it knows how to spend.

      Google has moved from "Do no evil" to "Let's be destructive to others if that will make money". One article: Google Removes 'Don't Be Evil' Clause From Its Code of Conduct [gizmodo.com] (May 18,
    • by jjbenz ( 581536 )
      I was thinking 3 years would be pretty good.
  • by ArhcAngel ( 247594 ) on Wednesday October 24, 2018 @02:45PM (#57531263)
    So the OEM will just say "Sorry, that phone is not popular."
    • The summary specifically states that popular = 100,000 activations. So regardless of what the OEM says, that 100,001th phone triggers this clause.

    • by fermion ( 181285 )
      In fact any OEM that is not Samsung could, deepening on how device is defined, roll out different models, for example, to different carriers to keep the sales to below 100K. It seems electric appliance manafucterers do this regularly, making slight modifications and changes in model number, I assume to minimize the effect of low price guarantees and the like.

      The cheap cell phone model depends on the ability to use whatever parts fall off the truck. This is similar to the cheap PC model from 25 years ago,

  • Two whole years!

    • Two whole years!

      That's kinda how I thought, too.

      Meanwhile, iOS 12 supports phones back to the 5s, which was released almost exactly 5 years ago.

      Oh, and iOS 12 actually IMPROVES performance on that old hardware, too, as well as provides the latest security updates...

      Google should be ashamed of itself.

      • Meanwhile Apple just got fined $10 million for degrading the performance of old devices with software updates. Along with $5 million for Samsung.

        • Meanwhile Apple just got fined $10 million for degrading the performance of old devices with software updates. Along with $5 million for Samsung.

          Yeah, by the same courts that fined Seismologists for an earthquake. And convicted a second person for a murder after they had already convicted a different one.

          • Italy are just the first ones to finish their case.
            There's similar cases ongoing in France and USA.

            • Italy are just the first ones to finish their case.
              There's similar cases ongoing in France and USA.

              Doesn't mean they'll have the same result.

  • Half-assed (Score:5, Insightful)

    by ilsaloving ( 1534307 ) on Wednesday October 24, 2018 @02:50PM (#57531299)

    2 years for popular phones? What defines a "popular" phone?

    How about 3 years for ALL phones? You want to use android? Then provide f__king updates. Don't want to provide updates? Then GTFO.

    Oh who am I joking? The consumer is the product. They care more about looking like they're doing something useful than actually doing something useful.

    • Got that right (Score:2, Insightful)

      by Anonymous Coward

      And it sounds like 2 years from LAUNCH? That's seriously weak. How about 2 years from end of sales!? That would at least be a start, unless we're really OK with becoming a society that throws multi-hundred-dollar devices i the trash EVERY FRICKING YEAR!

    • iphone 5s, released in 2013, is still supported by IOS 12 in 2018. Even people who change phones every two years would prefer to be able to resell a functional device. A phone without updates is a brick to me.
    • If you get a flagship phone (e.g. latest Galaxy, LG G series, Pixel, etc) there's plenty of updates for well over 2 years anyway. This is addressing the cheaper, less flashy phones that might still get a lot of sales yet never see an update.

    • by Anonymous Coward

      I'd be good with three years of security updates from the manufacturer and then open source the firmware/bootloader and let the crowd take over. Then if an older device is popular, it can stay updated by those that use it and have the coding bug. Sure, there would probably be some painful transitions here or there, but it'd be better than however many years the supplier says and then fuck you.

  • I hate to be paranoid, but couldn't even something like this be considered anti-competitive by the EU if they wanted more money out of Google?
  • Meaningless (Score:2, Insightful)

    by Anonymous Coward

    It should be two years starting from the date that the last phone is sold. Otherwise this is meaningless.

  • by Blue Stone ( 582566 ) on Wednesday October 24, 2018 @03:36PM (#57531565) Homepage Journal

    So, a several-hundred dollar piece of consumer technology now has a lifespan cap of two years. Ridiculous.

    Sounds like planned obsolescence to me.

  • what about the phone carriers? ban there rom's or force some like samsung to give out an knox safe base rom file.

  • All this nonsense about fragmentation, etc... Google could have done this at anytime. They have finally taken responsibility for the wares they create. Quite happy to hear this. Two years is better than nothing. Would have been happier with three years. By the time people purchase these phones, a good 9 months could have passed. Means that end-users might only be receiving actual OTA updates for about a year.
  • If Google really wants Android to stop sucking, it's simpler than trying herd that particular batch of feral cats. They need to learn the lesson Apple learned when they made the mistake of partnering with Motorola on the ROKR... the same lesson Google themselves should have taken to heart years ago... and kick all these crap composite like Samsung, HTC, Xiaomi, and the aforementioned Motorola, revoke all their licenses, bring the hardware in-house along with the software, and do it all themselves. They al

  • Stop this nonsense and just make Android One the only valid certified Android.
    Updates come directly from google, how it should be.

  • The Nexus 6 (Motorola XT1103 Shamu) has better performance and features compared to many current phones but the last security update was October 2017 (7.1.1). It is just obsolete because of the lack of updates.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...