Why Google's Big 'Four Year' Android Update Promise Is a Little Misleading

An anonymous reader quotes a report from Android Police: Today, Google and Qualcomm announced what seemed like a big improvement to updates for Android smartphones. The headlines (ours included! We were confused, too) largely read as though Android phones with Qualcomm chipsets would now receive "four years" of Android updates, an additional year on top of what manufacturers like Google and now Samsung have offered on their top-tier smartphones. Except, that's not actually what it said. After confirming with both Google and Qualcomm (and chatting with AP alumnus Ron Amadeo), I received confirmation of what I suspected was the point of confusion about today's news, and that, in fact, very little is changing if you have a Google Pixel or high-end Samsung smartphone. Currently, Google and Samsung both offer three major OS updates on their well-known smartphones. Today's announcement from Google and Qualcomm does not add to that figure. Instead, the announcement merely makes policy what has long been an optional extra for smartphone OEMs who work with Qualcomm, and does not actually "extend" the lifespan of Qualcomm's highest-end chipsets in a meaningful way.

If you're confused, I empathize. But Qualcomm and Google kind of hid the ball on this one in a way that was really, really easy to miss, and which most people (including me) didn't spot at first glance. Here's what's actually changing:

— Qualcomm will support three major Android OS updates for its entire portfolio of smartphone chips going forward, starting with the Snapdragon 888
— Smartphone OEMs will likely be able to now offer four full years of Android security updates going forward (based on our reading of the announcement)

That's it! So, where does all that "four years" and "four Android OS versions" business come from? It's really just a very generous marketing explanation of what was already the policy for Google's Pixel phones (and, again, now many of Samsung's), and it's a tad misleading. Right now, Google's Pixel phones get three years of Android OS and security updates from the time they are released. That means around 36 months of security patches and three major platform updates. Under the new system from Qualcomm, that could be extended to 48 months of security patches, but it would still be just three major platform updates. Neither Google nor Qualcomm is promising more major platform updates for high-end Android smartphones, they're only saying that all Android smartphones with Qualcomm's chips from the newly-announced Snapdragon 888 forward will be eligible for three major platform updates and, as far as we can tell, four years of security updates. As for the four versions business, Google's own slide from today's announcement makes clear that this includes the version of Android the phone shipped with. As in, your phone will, over its lifetime, run four versions of Android: the one it came with, and three subsequent platform updates.

Fuck them anyway.

[jddj]

My Nexus 7 2013 was plenty fast enough when they walked away. Won't ever invest in an Android tablet or a Google product again.

Re:Fuck them anyway.

[theshowmecanuck]

I agree. I really don't like Apple, but considering they provide security updates to their iPhones for more than twice as long, I will probably bit the bullet and buy one when I retire my Pixel 2. I don't really care if Android doesn't provide new features for the Pixel 2, but it pisses me off that they don't provide security updates. So, I second the motion, fuck them, anyway.

Re: Fuck them anyway.

[BarbaraHudson]

Bought an Android Motorola the week it came out in 2015. Barely 2 years support. The iPhone 6 I'm posting with came out more than 6 years ago, got another update a few weeks ago.

Wouldn't be surprised if it makes it to 10 years:

Re:

[drinkypoo]

If your 2015 Moto device is unlocked, then you can unlock the bootloader, and probably run Android 10 on it in the form of Lineage OS, Pixel Experience, or another popular and well-supported ROM. When Apple discontinues support for your iDevice, nobody else will be able to support it for you.

Re: Fuck them anyway.

[drinkypoo]

Oh look, downmodded for facts as usual. Triggered, iFanboy?

Re: Fuck them anyway.

[drinkypoo]

CyanogenMod became LineageOS, with superior management. So if you want CM, get Lineage. If you want root, also install Magisk.

Re:

[sg_oneill]

This also is much much nicer as a developer

Apple tends to allow upgrades as long as feesibly possible (notwithstanding shenanigans of underclocking older phones to preserve battery or whatever the excuse is). That means its a lot safer to use fancy new APIs because most people will be able to use apps that rely on those APIs from very early in the cycle.

Google have done some good work backporting stuff, but it really is a messy situation that ends up with devs having to code for the lowest common denominato

Re:

[antdude]

I was surprised to see Apple still providing security updates for old iPhone 6+, iPad air, etc. with Monday's v12.5. I wonder how much longer will Apple provide updates for them.

Re:

[ctilsie242]

I'm surprised as well. Even an old iPod Touch I bought in 2015 received a security update.

This is where Android devices makers need to take note. If they can make a phone and guarantee at least 5 years of updates, it would be something that people would use as a factor to buy. The iPhone 6S I bought in 2015 still runs iOS 14, and even when it won't get a new major version update, there will be a year or so where security and other fixes will be pushed. I don't see any phone in the Android ecosystem even

Re:

[MeanE]

The iPhone 6s Plus has outlasted it's contemporary the Nexus 6P, it's successor the Pixel and now just recently the Pixel 2. It will be interesting to see if it's still getting updates, even if just security, when the Pixel 3 hit's its EOS date of October 2021.

Mainline kernel

[DrYak]

I really don't like Apple, but considering they provide security updates to their iPhones for more than twice as long,

If those phone could rely on vanilla mainline kernel, you could get a pretty good life-time out of some GNU/Linux distro.

Case in point:
- despite needing a libhybris monstrosity to ingest android drivers, and thus being stuck on ancient kernels, Jolla (the team of engineers formerly doing Linux stuff Nokia before the whole Stephen Elop happened upon them) still release Sailffish OS updates even for their first phone 7 years later.

I am really interested into seeing what happens with modern smartphone

Re:

[theshowmecanuck]

The problem with custom ROMs is that they are only supported by people who are interested in supporting them, usually because they are doing a build for their own phone. And they aren't super diligent about addressing issues because it is normally a side gig or hobby. I used Cyanogenmod on my LG phone that I got in 2011 because LG decided they would release and abandon it in the same year. It was OK, but was very spotty for security and stability updates. And then the guys who originally developed it for th

Mainline kernel+GNU/Linux => larger communinty

[DrYak]

The problem with custom ROMs is that they are only supported by people who are interested in supporting them, usually because they are doing a build for their own phone.

My *whole-point* of using main-line kernel and GNU/Linux is that

what was:

- support for "hardware XyZ" is one guy doing a specific build for this specific phone (but is nice enough to share it on XDA-Dev forum), because that's what they currently have as a daily driver. (And because of their technically skill, they're working a nicely paid jobs and in 6 months they'll switcher to a newer/better toy)

becomes:

- Manjaro ARM / Ubuntu Touch / etc. : includes out-of-the box support for lot of ARM de

extreme example: x86 hardware

[DrYak]

Taken to the extreme, this where x86 is already (thanks to heavy standardisation of the platform).

Bar for rare occurence of weird custom hardware, you don't rely on images released by some guy on some forum who just happens to have the exact same laptop model as you.

You just download a linux distro image and write it to a USB or CD (and thanks to even more standardisation, the only bootloader stuff you need to take into account is UEFI vs legacy BIOS on vintage hardware).
And stick it into a computer. And th

Re:

[AmiMoJo]

You do get security updates, what you don't get are feature updates.

The security side is handled by Google Play Services which can and does patch and mitigate security flaws on your phone. However the OS and the kernel won't be updated, meaning no new features (except for ones provided by apps of course) and potentially security issues at very low level, but those only tend to be an issue for attackers with local access since anything else can be mitigated at higher levels.

The Apple system isn't all that wo

Re:

[theshowmecanuck]

From Android Authority:

• * In December, Google will issue the last of the Google Pixel 2 updates.
• * After that update, the phone will no longer receive security patches or new Android versions.
• * The Pixel 2 will still work without updates, but it won’t be as secure.

Here is the link: https://www.androidauthority.c... [androidauthority.com]

Re:

[AmiMoJo]

That is incorrect, it will still get security updates via Google Play Services. That can update components of the OS, just not the kernel or drivers.

Re:

[theshowmecanuck]

Further, updates from the play store may still happen. But those are only for apps running on the phone. They are not security patches for the OS that actually runs the phone.

Re:

[drinkypoo]

FWIW the community for the N7 2nd is very strong. Before mine died this last time (I've done two battery replacements, I think this time it's USB) I was running Android 10 on it, and it was very smooth and stable. If yours is still working, maybe just needs a new battery, it's totally worth rooting and upgrading.

Re:

[ThurstonMoore]

I had an Asus flagship android tablet when they first came out that got no updates and quit working with apps within a year.

Re:

[thegarbz]

I'm curious as to what you think you're missing? Is it all the fancy new features that no one cares about or the security risks that don't seem to materialise?

Last time I got excited about an Android OS release was 2012 with Android 4, everything past that has not changed my life one bit.

Re: Fuck them anyway.

[jddj]

1. Security updates. I don't know what you mean by 'never materialize'. I see them reported all the time.

2. Apps often require current OSes to run (I suppose through linkage to shared resources). No apps, no point.

I don't really care about OS features, provided a certain minimal feature set works. If it worked in 2013, it was good enough then and is now.

Not quite

[whoever57]

As in, your phone will, over its lifetime, run four versions of Android: the one it came with, and three subsequent platform updates.

Only four if you buy it close to initial release: before the first update.

Re:

[SeaFox]

Nah. They don't redo the factory image. Even if you buy your phone long after new Android versions are out it will still come with the same version it shipped with when it was launched. You'll just get the spend the first 30-45 minutes after you turn it on for the first time watching a progress bar on an updater.

Re:

[ctilsie242]

At beast I've seen phones go up one, maybe two Android versions before the smartphone maker just does minor upgrades, and eventually stop. Oftentimes, the version of Android you get might be updated for six months... then, that's that. If lucky, you can unlock the bootloader and move to LineageOS. If unlucky, where using it as a backup authentication device is too risky, security-wise, the phone gets retired to the dead cellphone drawer for good.

I just don't understand why more Android makers allow for v

Re:

[AleRunner]

At beast I've seen phones go up one, maybe two Android versions before the smartphone maker just does minor upgrades, and eventually stop. Oftentimes, the version of Android you get might be updated for six months... then, that's that. If lucky, you can unlock the bootloader and move to LineageOS. If unlucky, where using it as a backup authentication device is too risky, security-wise, the phone gets retired to the dead cellphone drawer for good.

The thing to do is to not just be lucky. Go to the LineagOS devices page [lineageos.org] and there are normally several fully up to date devices supported. It should be the first place to check when deciding which new device to buy. Even if you don't switch over immediately it gives you backup.

once you've done that check which of the models you like allow unlocking the bootloader without voiding the warranty at least OnePlus [oneplus.com], Pixel and I believe Xaiomi. Do not buy Samsung!.

I just don't understand why more Android makers allow for version "n" phones to run "n+2", at minimum, or perhaps "n+4" versions of Android. It would be a selling point, because Apple pretty much guarantees a device made recently will run the latest iOS, even if it doesn't have the latest poop animations. If one Android phone maker did this, people definitely would choose them over the competition for longevity's sake.

Apple continues to extract money from people w

Re:

[ath1901]

I'm still using my LG G2 Mini from 2014 as my one and only phone thanks to LineageOS. It was a budget phone back then so the fact that it has lasted this long is really amazing. (Sadly, now even LineageOS has dropped support for it though)

I do find the short term support of android devices to be appalling. People are expected to use phones for more and more important stuff like banking and doing so from a device with NO security updates is just incredibly stupid. It is equally idiotic to expect people to bu

Re: Not quite

[fbobraga]

lineages.org (my S5 orinaly was fabricated to run Android 4: now it runs Android 10...)

Antenna Limits...

[The New Guy 2.0]

Part of the reason we have to turn in our old phones is that the antenna fails/burns out after a few years of normal use. That used to be two years per candybar phone, now it seems our smartphones last for four years.

Enough already

[WaffleMonster]

I can't believe the world continues to tolerate this insanity where every vendor bakes a custom rom specific to each and every variant of every device only to promptly abandon all responsibility for it the second the next model rolls off the line.

Can you imagine what the world would be like if x86 hardware worked this way? There might have been a credible technical excuse for this behavior decades ago due to hardware limitations. In 2020 this is utterly ridiculous.

Re:

[Anonymous Coward]

There might have been a credible technical excuse for this behavior decades ago

There might have been , but there wasn't. This is deliberate abuse of the customer with malice aforethought.

I can't wait for class action which makes some disgusting bunch of lawyers rich beyond their wildest dreams. I would hope the EU would see the potential that, since devices with a potential useful life of over 10 years (demonstrated by the fact that a lot of them go to (eg Africa) and get used for a life of 10 years) bu

Re:

[bill_mcgonigle]

Android's HAL project was working pretty well as of Android 9 and 10. The vendors don't have to do too much except package the drivers. A few of them will ship Android one or some AOSP variant, but most of them are incredibly greedy and load up their phone with all kinds of shitwear for cash. Its that level of customization that makes updates more difficult. So yes, many types of greed are causing problems for regular people.

Re:

[AmiMoJo]

That's exactly how x86 hardware worked for decades. How quickly people forget.

Back in the DOS and 95 and XP days your branded PC came with a bunch of drivers installed, and a restore CD that was basically an image of the hard drive. One day Microsoft would issue some security patch that broke one of your drivers and the manufacturer would tell you the solution was to uninstall the patch. Even things like Service Packs were often unsupported.

Remember that there were only a few years between versions back the

Re:

[drinkypoo]

Since the internets have been a thing it has been SOP to provide driver downloads. Some rare PCs I've had to bake the drivers into a Windows install CD, even manually ("slipstreaming") but never have I ever been stuck with the manufacturer's install CD. With DOS this was even less of an issue. Any PC would boot bog-standard DOS because DOS only depends on BIOS.

Re:

[AmiMoJo]

Back in the day it was often very hard to find drivers, and when you did you found that they only worked on some specific version of Windows. They used to do things like change the vendor ID so you had to use their driver, presumably for support reasons, but of course that meant you were always on ancient versions and they didn't care about security. At least you could edit the .ini file before driver signing became a requirement.

Re:

[WaffleMonster]

That's exactly how x86 hardware worked for decades. How quickly people forget.

No, it's never worked that way. The things you are bringing up are orthogonal to the issue at hand.

Back in the DOS and 95 and XP days your branded PC came with a bunch of drivers installed, and a restore CD that was basically an image of the hard drive. One day Microsoft would issue some security patch that broke one of your drivers and the manufacturer would tell you the solution was to uninstall the patch. Even things like Service Packs were often unsupported.

The problem with comparing Windows OEM is that you can go to the store and buy a normal ggeneric non OEM Windows from your neighborhood computer store and that same software would install on the branded computer the same as any other non-branded one so long as the computer met system requirements. It might really suck. You might have to hop on a BBS and download a driver or go back to the store and buy a ne

Re:

[thegarbz]

I can't believe the world continues to tolerate this insanity where every vendor bakes a custom rom specific to each and every variant of every device only to promptly abandon all responsibility for it the second the next model rolls off the line.

Allow me to pose a question, the answer of which may prompt you to understand why this is tollerated:
What are you missing? What amazing new feature are you pissed off you're not getting? Even security updates have been borderline irrelevant in the mobile world. So again, why would I not tolerate something I don't care about. Android 4 was the last OS update that actually brought exciting new features to the OS. The 8 years since then have been rearranging the deck chairs. Not getting updates doesn't seem to

#AppleSux

[fbobraga]

Negative slashvertisement? Again?

Environmentally Reprehensible Behavior by Big Tech

[neonman]

Google loves to pat itself on the back for supposedly having some of the worlds the greenest data centers, but apparently thinks it's perfectly fine to generate a mountain of e-waste by forcing its users to throw away perfectly functional hardware after 2-4 years. If pressed for an explanation, they'll try to blame Qualcomm for proprietary BSP issues, but does anyone with a brain believe that a company with as much buying power as Google has to put up with such BS from a chip vendor?

The latest Linux kernel can still be run on hardware from the early 90s.

What's in an OS update anymore at this point?

[Voyager529]

Google seems to be putting more and more of the stuff you'd actually want to be updated into apps and services. New user facing features seem to be added more to the Gmail app or the Google Assistant, maybe Lens or Phone or Messages. If they decide not to backport all that stuff to Oreo, so be it, but none of those things require OS updates.

New API versions for apps have been part of the Play Services for so long, that behavior goes back to Gingerbread.

I'm not necessarily saying the OS is done, pack it in,

Re:

[bemymonkey]

My girlfriend spent the last few years with a Nexus 5 running Marshmallow. Only just upgraded to a Pixel 4a a few days ago.

Honestly, it ran everything just fine if you could live without the warm fuzzy feeling of security updates. She's still complaining that I made her upgrade.

Re:

[fph il quozientatore]

That's a strange way to put it. Do you also think you can drive without the warm fuzzy feeling of seatbelts and airbags?

Re:

[drinkypoo]

Do you also think you can drive without the warm fuzzy feeling of seatbelts and airbags?

Many people do, and most of them don't die.

I wear my belt, but I can do without airbags. I don't disable them when present, but I don't worry myself about not having them.

I wouldn't run an unpatched device, though, especially since Nexus devices are bootloader unlockable and you can install an updated Android from XDA-Devs.

Re:

[Voyager529]

That's a strange way to put it. Do you also think you can drive without the warm fuzzy feeling of seatbelts and airbags?

Well, being as my last "Security Update" was done without my consent, only to have its installation break my ability to turn on my Wi-Fi and cause my LTE data to disconnect constantly (causing far more dropped calls until I disable LTE data so the phone doesn't use VoLTE)...I'm curious what 'vulnerabilities' were patched that, if exploited, would have been worse than the result of that update.

I find myself more and more comfortable rolling the dice with the hackers. They cause me fewer problems than most OS

Could support meaningful change, but won't

[mikeebbbd]

Pixels and flagship phones may get 4 years of patches and 3 system upgrades. Also note the qualification in the summary: "Qualcomm will support three major Android OS updates for its entire portfolio of smartphone chips going forward, starting with the Snapdragon 888." So this won't help any existing phones. And for non-flagships you'll still be SOL. There's nothing in the new "policy" that prevents OEMs from offering shorter support periods or simply none. Nokia, for instance, offers 3 years of updates an

How about this instead

[Waffle Iron]

I'd prefer to get *zero* platform upgrades, but receive at least 7 years of security patches.

Is that asking too much?

Re:

[AmiMoJo]

LTS versions of the Linux kernel only get 6 years of support. 7 years of security patches is unrealistic I'm afraid.

Well, you could pay for it, but you won't like the price tag.

Re:

[drinkypoo]

Buy a Moto phone, Android One edition. They will probably give you zero OS updates (maybe one) and they will give you security updates for around five years.

I am personally bummed that my X4 didn't get an official Android 10 ROM, but I'm now running Lineage 17.1 unofficial and I get weekly OTAs so I can live with that. At least unlocking still works with Moto.

Until they commit to OS updates, I'm only buying them used from now on, because I do want OS updates. But they still seem like the least of evils when

Re:

[thegarbz]

Android security is already decoupled from the OS. The overwhelming majority of net facing components are also not tied to the OS, they made that change some 6 years ago. A large portion of security fixes are delivered through the Play Store silently to even woefully outdated smartphones.

Here's my 4 year old phone:
Android version 8.0.0 (5 API releases behind the current model).
Android Security Patch Level: 1 Sep 2020
And that's before you consider software that actually poses a security threat which is alway