Google forces smartphone makers to issue Android security patches

Android security patches

Google has taken a bold step to contractually obligate smartphone makers to issue regular Android security patches.

Starting with Android P smartphone makers must issue regular Android security patches via over-the-air updates. Android P security patches are independent of any customisations by smartphone makers and Telcos.

Head of Android security David Kleidermache said that OEMs will now be contractually obligated to issue regular security patches.

“We’ve also worked on building security patching into our OEM agreements. This will lead to a massive increase in the number of devices and users receiving regular security patches.”

If you are interested, Kleidermacher has a 32-minute updated on Android security.

Android P is shaping up as a major upgrade. GadgetGuy has covered its new features  here

Also, at Google, I/O is “What’s new in Android P?” It is 34 minutes.

GadgetGuy’s take – Android Security Patches make it as secure as any other smartphone operating system

OK let be clear – Android P, and to a slightly lesser extent Android O, are as secure as any other smartphone operating system. It achieves this via Android security patches issued over-the-air regardless of the smartphone maker or Telco.

You can read more about Android safety here.

Google has tried the ‘big stick’ approach demanding makers process operating system (OS) version and security updates, but that has not worked. It has tried making critical APIs not backwards compatible with older Android versions.

All that means is that Android remains as fragmented as ever.

Android security patches

Our recommendations on how to be safe include

  1. Buy an Android 9/x or 8.x phone (preferably with a guaranteed upgrade). Android just keeps getting better and more secure.
  2. Buy from one of the top makers – Samsung, LG, Sony, Lenovo (Moto), Huawei, BBK (includes OPPO, vivo and Oneplus), Xiaomi, TCL (Alcatel and Blackberry), HTC (including Google Nexus) and of course Google if you want any semblance of manufacturer commitment to Android Security patches. There are around 1,300 Android smartphone makers all up with about 85-90% of the global smartphone market!
  3. Only download from Google Play and do not root Android to load an app from elsewhere.