Android update situation
by Volker Weber
#BBSIRT has released an advisory for our July #30dayPatchingSMR, read about it here https://t.co/I6go3N19aS pic.twitter.com/MwTgX2sPxc
— BlackBerry SIRT (@BBSIRT) July 5, 2017
Follow the link and you get to the July security bulletin:
BlackBerry has released a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones. We recommend users update to the latest available software build.
When BlackBerry says "release" it does not mean they also deliver. DTEK50 and DTEK60 received no update in all of June and are wating for the latest and greatest in July. PRIV received a 14 MB small update bringing the patch level to July 1 (not the full patch July 5). KEYone, which BlackBerry Mobile takes responsibility for is also waiting for AAM481 which is available in some regions but not here. That should take the phone to July 05.
To add some perspective, the Huawei P10 recently received an update, taking it to May 5, the same level as the DTEKs are sitting on.
Comments
Galaxy S7 (free device) still on May 01. Disappointing.
Maybe Samsung releases monthly security updates as advertised, but they don't deliver them.
Interesting. My Samsung Galaxy S6 (also non-branded) recently received a security patch for June 1st, after an upgrade to Android 7.0 a few weeks ago. Samsung seems to release (not exactly) quarterly security updates and I am happy that this two generations older model still receives security updates. Not as good as BlackBerry (was) with their update cycle, but notably better than other Android phone manufacturers.
Volker, doesn't that mean that if you really care about security as a consumer there is exactly one phone you can buy? Windows Phone dead, BlackBerry OS dying, Androids insecure and not even the BlackBerries on the latest patch level - there is only one left.
And the Pixel.
Right. Google and Apple. Thank God for the Duopoly. Imagine you could only buy Ford and Tesla cars in the world and each of them only had two or three models on offer. How crazy is that?
My personal problem with both the Pixel and the iPhone is that I do not like the hardware. Too much bezel and therefore too big and heavy for the display real estate, too much glass and therefore too slippery. Plus, the iPhone hardware has not changed since 2014.
I recommend the iPhone 7 Plus and a silicone case. Not slippery at all, and a great package. A few months from now I might recommend something else.
I have defended the Blackberry Androids for to long and the whole Android 7 debacle is the final straw. Now I have to bite "into the sour apple" :)
Let's wait a few months then, BB 10 still going strong ... :)
If that is a Passport, keep holding on to it for as long as you possibly can. This is one of the best mobile devices ever built.
Z30, second best ever :)
I don't miss (m)any apps, so BlackBerry 10 is still good enough for my needs. I do love the Hub, the multilingual keyboard, the combined calendars, etc. etc. Device looks almost new thanks to a BB leather case, so I will indeed hold on to it for the time being.
Fun fact: My wife's Huawei P8 lite (2015) received an update some days ago: patch level 1. June 2017.
Jochen, Volker, Samsung is currently patching the S8(+) every month, towards the middle of the month, with the current Android patchlevel. This might change, but ATM I am quite happy with their patching.
Nokia (the 'new' one) is saying that they want to patch quickly as well. We will see.
Overall, Google really should take care of that. But as long, as the majority of consumers does not care...
Hubert, isn't that exactly the problem that manufacturers use security patches as a marketing tool, i.e. only supporting the latest flagship devices and ceasing updates as soon as a new one comes out, in your case the S9 next spring?
Pixel has almost the same price tag as the iPhone.
And it has almost the same software support.
Looks like you get what you pay for.
You always get what you pay for. Unless you buy a Galaxy S8. Then you get a little extra called Bixby.
Jochen, if that is the case, absolutely. I am not sure how it is, but I think, Samsung is patching Flagships longer, but I can see your point. In reality, 'the market's does not seem to care about Android security patches. Android major versions - maybe. But security patches... Google should try harder here. But it is complicated, especially Google - Samsung.
Volker, Bixby does not make sense to me. This is, why I am disabling Bixb with e.g. Package disabler. I could also repurpose the key (yes, it is working ATM, even with the latest try and yes, this could change) to almost any action - I just leave it disabled.
Bixby only makes sense for Samsung. And they will force you.
They can and will try. Fortunately, there is more choice here, than where I was before. And others are also trying to force me use their crap. So what.
There's another school of thought here, if you're inferring that Apple products are more secure (disclosure: I would probably agree with you).
How many bugs are in the iPhone aren't reported to Apple, and will never reach one of their security updates?
https://motherboard.vice.com/en_us/article/gybppx/iphone-bugs-are-too-valuable-to-report-to-apple
There are two ways to look at this problem. iOS bugs are priced outside the budget of criminals. Those have to turn to Android.
Another update on my wife's Huawei P8 lite 2015, Google patch level 1. Juli 2017., delivered in Juli. Not bad, I'm slightly impressed. I would be more impressed if my own Honor 6x, which is 1.5 years newer, would get an update, it's still on patch level 1. March 2017 … I don't get Huawei's strategy behind this …