[HN Gopher] Samsung now updates Android for longer than Google does
___________________________________________________________________
Samsung now updates Android for longer than Google does
Author : samizdis
Score : 154 points
Date : 2021-02-23 16:25 UTC (6 hours ago)
(HTM) web link (arstechnica.com)
(TXT) w3m dump (arstechnica.com)
| foobaw wrote:
| As someone that worked at an OEM, updating used to be a huge
| hassle and required a lot of R&D work. Project Treble definitely
| simplified this effort and I'm glad this is enabling and making
| life better for users.
| abrouwers wrote:
| I'd love to believe that, but I'm a OnePlus owner who bought in
| with the "promise" of major OS updates for 2 years, and
| security for 3. My device (a 6T) crossed the 2 year mark in
| November, with no sign of Android 11 in sight. Between the M1
| mac & android getting progressively worse, I've never been
| closer to abandoning Linux & Android.
|
| EDIT: Android 11
| hojjat12000 wrote:
| I also have a Oneplus 6T and it has been running android 10
| for a year now. It also receives security updates frequently.
|
| If you are talking about android 11, it is also in the works.
| Maybe in a few months the first beta will come out. They have
| confirmed that 6T will receive the update though.
| abrouwers wrote:
| Sorry, typo - it should have said Android 11. I agree that
| it MIGHT happen at some point, but it's an example (IMO) of
| how bad the Android ecosystem is, compared to apple. This
| phone really makes me believe OnePlus is definitely more
| interested in the next, new hardware, rather than
| supporting their existing.
| thargor wrote:
| Android 10 has been available for op6/op6t since 2019. I'm
| actually posting from an op6 with android 10.
|
| Maybe you are talking about android 11?
| abrouwers wrote:
| Whoops, terrible typo! Yes, Android 11.
| [deleted]
| koyote wrote:
| I'm in the same boat (same phone) but I don't really care
| anymore?
|
| Back in the days of Android 1.5 to ~5 a new update meant a
| ton of new features and fixes. Now all we get are slight
| cosmetic tweaks that are not even always for the better.
|
| My partner has a pixel which is on 11 and I don't see the
| difference when using her phone.
| hef19898 wrote:
| Stock Android and constant updates are the main reasons I
| dumped Samsung for a Nexus back the day. I stuck with Pixels
| and Nexuses ever since.
|
| Android One is changing that. Now, some mid-range Nokia phones
| are at the very top of the list. Why? I just looked up what
| kind of Nikon cameras I could get, used, for the difference
| between a Nokia 5.4 and a Pixel 4. That settled it, with the
| camera being the main difference for me.
| mattlondon wrote:
| I had the same journey. Nexus/Pixels then the pixel 4 was too
| expensive for me so I got myself and the wife Nokia 7s.
|
| Suffice to say that both Nokia devices failed due hardware
| failures of the charge port. This happened 3 times to 2
| devices. One device also just bricked itself out of the blue
| one day and needed to be returned. All this in about 18
| months. Not great.
|
| We have now gone back to Pixel 3a (wife) and 5 (me). Probably
| won't go back to Nokia anytime soon - the hardware quality is
| just not there.
| hef19898 wrote:
| The only reason I have to replace my Pixel 2 is the charge
| port. Sometimes it charges, sometimes not. Tried every
| cable I have, every charger.
|
| Limiting myself to Android One, and around 200 - 250 bucks,
| what phones are out there? Are the Motorola ones any good?
| depressedpanda wrote:
| I had that exact issue with my phone. Then I used very
| thin toothpicks and a needle to clean out all the lint
| that had gathered in the charging port. It required a lot
| more force than expected (broke several toothpicks),
| since I had compressed the lint so much by pushing the
| charger inside the port when trying to get the phone to
| start charging.
|
| My phone has worked great ever since.
|
| If you like your phone, I would recommend you take a look
| before replacing it.
| leetcrew wrote:
| pixel 4a is pretty good for $350. I just upgraded to one
| from my pixel 2 and I have no complaints so far (I had
| the same issue with the pixel 2 charging port lol).
|
| if you bought your pixel 2 from google, there's a good
| chance you have a $100 google store credit sitting in
| your account. if so, that would bring the pixel 4a down
| to your price range. wanted to let you know just in case.
| I'm currently kicking myself because I forgot I had that
| credit and paid full price for the phone.
| hef19898 wrote:
| That credit would be great... Just checked, I bought it
| from Amazon. Too bad...
| rektide wrote:
| Until the world sees an Android device get a kernel upgrade,
| imo, Android is a cruel cruel cruel joke, ecocide-al insanity.
|
| The world can not afford to let high tech devices rot away like
| they do.
|
| I too am excited to see something done. Abstracting over the
| entire kernel is a helluva Extend-Embrace-Extinguish policy,
| but at least some updates will come. I remain doubtful that
| we'll see kernel upgrades though. Even though the whole device
| driver architecture is now abstracted from the kernel, now
| offered by Treble, I still expect there'll be a lot of
| compliance cold-feet & general-low-ambitions to support less-
| than-current devices.
|
| The whole idea of kicking out a pervasively connected
| communications device that has a hard wall for how supported it
| will be, that no one else can help maintain, is just corrupt &
| vile. It's sad to see such mal-use of Linux.
|
| Post script: I don't blame Google per-se for this all. Trying
| to applicationize a computing device, turn it from a general
| purpose system where thing can go wrong into a product that
| works reliably & can be let onto cellular networks is a
| difficult challenge, and against the grain of the highly
| hierarchical systems of power that have flowed in the world.
| None the less, it is sad to see an un-upgradeable Linux where
| owners can't get root, their apps will lock them out if they do
| (Android SafetyNet), where bootloaders are usually locked, and
| where driver support is only for OEMs. It rather makes me think
| of the other dominating factor in computing, the de-
| generalization/specialization of computing as it effervesces
| into the cloud, an unfortunate juggernaut of a trend I wrote
| about earlier today[1].
|
| [1] https://news.ycombinator.com/item?id=26238376
| 177tcca wrote:
| How do we compromise the e-waste with the fact that a Pixel
| and Pixel 2 already have, comparatively speaking, insecure
| hardware to the latest secure phones?
| rektide wrote:
| There is improved physical security, but I'm not aware of
| any hardware errata out there that would make the a Pixel
| or other internet-communicator insecure to use as an
| internet device. If you can upgrade the kernel, you can get
| modern defenses against timing attacks (which mainly but
| not exclusively have appeared in x86 archs), &c.
| 177tcca wrote:
| There's no upstream firmware being patched by Google. The
| phone is effectively unpatched once the hardware
| manufacturer gives up on maintaining its security.
|
| This is a fundamental misunderstanding for, I'd guess,
| well over half of the custom ROM/custom phone OS
| community. ie: Lineage is customizable, and helps certain
| activity be more private - but it shatters security.
| deostroll wrote:
| Why hasn't anyone noticed that along with security updates apps
| also get installed? For e.g, in India Moj or PhonePe gets
| installed...
| perryizgr8 wrote:
| Because it is not true, I haven't noticed this on my S10.
|
| Edit: A bit of searching has revealed that it may be true for
| mid/low tier devices.
| dartharva wrote:
| That's a flagship device. Obviously they won't be doing that
| to flagship devices.
| cute_boi wrote:
| In India they do such thing even on flagship device.
| Abishek_Muthian wrote:
| Interesting to see Galaxy M series on the list, they're made in
| India/Made for India smartphones, Decent hardware but subsidized
| with bloat. The Samsung One UI in the M series seems completely
| different to One UI from other Samsung devices, especially from
| other countries.
|
| It has all the international data hoarder apps and their local
| equivalents preloaded in the firmware. Apps install notifications
| from Samsung store masquerade as security updates notification.
|
| Even after disabling the bloat I could, the phone shows about
| 3000 requests from the blocked list/day on Pi hole. This kind of
| discriminatory behavior is unacceptable but goes unnoticed as
| Samsung is pulling this off only in India AFAIK.
| solarkraft wrote:
| > data hoarder apps
|
| Do you mean spyware? Data hoarding is a term usually applied to
| archiving public media, not personal data.
| Abishek_Muthian wrote:
| True, But I've seen data hoarding used negatively to imply
| anti-privacy behavior[1].
|
| [1] 'Facebook has suspended 'tens of thousands' of apps
| suspected of hoarding data'-
| https://techcrunch.com/2019/09/20/facebook-suspends-apps-
| hoa...
| mcraiha wrote:
| Topic should be more like "Samsung will deliver security updates
| for at least four years to certain devices while Google
| guarantees only three years for Pixel devices"
| simonh wrote:
| "iOS still offers the best update plan in the industry, with iOS
| 14 support going all the way back to the iPhone 6S, a phone
| released in 2015."
|
| That implies 5 years of support. Samsung is only offering bug
| fixes and security updates for up to 4 years from release though,
| not major releases. The iPhone 5s just got a point release this
| January, and that phone came out in 2013 so that's over 7 years
| and counting. The iPhone 5 also got 7 years of fixes (well, 6
| years and 10 months).
| amanaplanacanal wrote:
| I used android phones for years, but this is exactly why I
| switched to iOS for my last phone. I was tired of having a
| perfectly good phone that I could no longer get security
| updates for.
| vetinari wrote:
| It is not correct to compare Android updates to iOS updates.
|
| On iOS, the bundled apps are locked to the iOS release. One of
| these is Safari - the only browser allowed on iOS. So to have a
| current browser it is critical to update the underlying OS too.
|
| On Android, this is not the same. The apps are updated even if
| the OS is not; so you will have Chrome (or Firefox) in the
| current version, even if your vendor doesn't update the OS.
| 908B64B197 wrote:
| Assuming the app vendors still targets old stale releases.
|
| Fragmentation on Android makes it worthwhile to only test on
| the flagship phones with a few different version. Everywhere
| else is pretty much too small to be worth the effort.
| blinkingled wrote:
| Right. Newer Android versions keep adding more and more
| critical stuff that gets updated via the play store - ART
| (Android Runtime) will be a Mainline module in Android 12
| that would allow Google to update it without needing a system
| OTA update. Chrome/System WebView have been updated via Play
| Store since Android 5 I think.
|
| https://source.android.com/devices/architecture/modular-
| syst...
| foolmeonce wrote:
| The manufacturer/google installed apps really undermine
| what little trust I have in Android security. If you do a
| normal OS update, the old version is gone. With these
| playstore things, ancient versions are sitting in storage
| waiting to be rolled back to (or probably otherwise
| executed with the permissions they shipped with,) since no
| one can be trusted to know they don't need bloatware.
| simonh wrote:
| That's better than nothing, but still pretty half arsed. To
| see why, here's the latest monthly Android Security Bulletin.
|
| I count 43 of these fixes are for issues with the underlying
| AOSP platform, kernel and drivers. One of them is a Play
| Store codec update. Admittedly not all of those fixes are
| relevant to every device because some of them (about a dozen)
| are specific driver updates, but over 40 fixes in one
| randomly chosen monthly update isn't trivial. This is what
| you lose when your device goes out of support.
|
| https://source.android.com/security/bulletin/2021-02-01
| AdmiralAsshat wrote:
| Depending on your point of view, security updates for old
| devices are almost preferable to full-feature updates. My
| reasoning is as follows:
|
| Each new version of iOS/Android is more resource-hungry than
| the last, and expects better hardware to run it. Many people
| with Apple device complain, "This new version makes my old
| iPhone/iPad so slow it's practically useless." So in most
| cases, people _want_ to keep using their old devices
| (presumably at the performance speed they were running
| previously), but they are compelled to stop using them when
| they stop receiving updates, because the unpatched bugs
| /exploits could put their data at risk.
|
| While there are definitely many people who would like the
| latest-greatest OS on their device, I think a large number of
| people would be happy with their device's current OS, patched
| to ensure that it's not vulnerable to an active 0-day exploit.
| ryandrake wrote:
| Frankly, this goes for most software, for me. When I update,
| I want security fixes, bugs fixed, and performance
| improvements. I generally _don 't_ want more feature cram,
| pointless UX re-designs, and deprecated functionality.
| Unfortunately, the way 99% of software companies do updates,
| you have to take the bad if you want the good. They don't do
| separate tracks, where people who just want under-the-hood
| fixes can get them.
| 177tcca wrote:
| This is why a Pixel 3a or later with GrapheneOS.org is tough
| to beat.
|
| Best of all worlds.
| leetcrew wrote:
| > While there are definitely many people who would like the
| latest-greatest OS on their device, I think a large number of
| people would be happy with their device's current OS, patched
| to ensure that it's not vulnerable to an active 0-day
| exploit.
|
| most people don't care about patch level either. if they care
| about OS versions at all, they just want the option to
| decline so their old phone doesn't get "slower". outside of
| my tech friends, no one I know takes security updates into
| account when purchasing a new phone and/or retiring an old
| one.
|
| in any case, OS security updates are only part of the story.
| eventually important apps you use will require a higher OS
| version for updates. then you're using a secure OS, but
| possibly stuck using an old version of an app with its own
| known vulnerabilities.
| 908B64B197 wrote:
| The source of the problem is that OEMs won't go through the
| effort to get their kernel patches in the main tree.
|
| Why won't they?
| eznzt wrote:
| Because it takes a lot of effort, kernel developers will bitch
| that some of the code is there just to connect to blobs that
| aren't free, blah blah blah. cf the nvidia situation.
| yjftsjthsd-h wrote:
| > kernel developers will bitch that some of the code is there
| just to connect to blobs that aren't free
|
| That seems like a completely legitimate complaint? The whole
| point of upstreaming code is making it so that the device
| stays stable, current, and secure. If you just shove all the
| important bits into a userspace black box that can't be
| audited or updated, how much did you really gain?
| BugsJustFindMe wrote:
| They lack financial incentive to do so.
| Kneecaps07 wrote:
| Because they already have your money and don't consider the
| long-term effect of losing a future customer due to the lack of
| updates.
| SamBam wrote:
| Separate issue, but I find Google's end of life policy for
| Chromebooks baffling. Chrome OS will not update or get any new
| security patches on any device (made by any vendor) after the
| device's Auto Update Expiration date. It doesn't matter if the
| hardware is more-than-capable of running the updated ChromeOS.
|
| Since this is, of course, tied to the Chrome browser on the
| computer, this means that there is no way for a six-year-old
| Chromebook to safely browse the web.
|
| How is this justifiable, in terms of security?
| ProAm wrote:
| This is where you replace ChromeOS for linux and live a happy
| life.
| dunnevens wrote:
| This doesn't help your 6 year old Chromebook, but going forward
| Google is going to update Chrome independently of Chrome OS.
|
| I understand your frustration though. I love ten inch laptops.
| That's about the perfect size for my use. I've got a 5.5 year
| old 10 inch Asus Flip Chromebook that still runs perfectly, but
| hasn't received updates since last Spring / Summer. There's
| really nothing else on the market, short of a iPad Pro 11 in a
| laptop-hinged case, that could replace it.
| SamBam wrote:
| I got the kid a Chromebook for school. Now Google Meet says
| that the browser is too old to use most of the features.
| Netflix puts up a notice that the browser is too old. Etc.
|
| Once the school year is over and she doesn't need it all the
| time I plan on replacing ChromeOS with Linux of some flavor.
| Wowfunhappy wrote:
| > Netflix puts up a notice that the browser is too old.
|
| Whoa. I guess some DRM scheme is forcing their hand?
|
| I'm surprised because on Mac you can still use Netflix in
| Snow Leopard, if you install Silverlight and use the
| ancient built-in version of Safari. Netflix's support page
| seems to imply this will even work on Tiger, although I
| haven't tried it. https://help.netflix.com/en/node/23742
| mattlondon wrote:
| Netflix still seems to work perfectly fine in both
| Chromebooks I have (one dell that is perhaps 2 or 3 years
| old, and one HP that is about 6 months). Netflix
| experience is identical on each (but the Dell's screen
| sucks) - don't think DRM has anything to do here.
| themacguffinman wrote:
| I think what he/she meant is that the Widevine DRM that
| Chrome uses likely has multiple versions, and Netflix may
| require the most recent versions to view its content.
| Wowfunhappy wrote:
| Yes, that's what I was imagining must be going on, if it
| indeed doesn't work as SamBam said. I just can't see why
| else they'd support ten-year-old Macs but not a
| (presumably) much newer Chromebook.
| josefresco wrote:
| >I love ten inch laptops
|
| You might like the Lenovo Duet:
| https://www.lenovo.com/us/en/laptops/lenovo/student-
| chromebo...
| SamBam wrote:
| End of life 2028. Comes sooner than you think.
| dunnevens wrote:
| I thought of the Duet after writing my comment. I actually
| bought one when it was super cheap at Best Buy. I like it.
| The size is perfect. But I wish there was an optional
| hinged keyboard for it to turn it into a semi-proper
| laptop. Hoping it's selling well enough for Lenovo, or some
| third party, to make that accessory.
| Abishek_Muthian wrote:
| >but I find Google's end of life policy for Chromebooks
| baffling.
|
| Brought to you by the smartphone ecosystem. Smartphones are the
| most successful computers ever, but could a computer
| manufacturer pull off arbitrary update schedule, locked boot-
| loader and among other nonsense a decade ago? Now this has
| seeped into personal computers.
|
| >this means that there is no way for a six-year-old Chromebook
| to safely browse the web. How is this justifiable, in terms of
| security?
|
| Neither does in iOS, especially in iOS since all browsers are
| Safari WebViews and So once OS updates stop it becomes
| dangerous to even browse the web. 7 year old android can
| receive latest Firefox, but it's highly likely it never
| received a single OS upgrade in its lifetime.
| amelius wrote:
| > How is this justifiable, in terms of security?
|
| Or in terms of e-waste ...
| jeffbee wrote:
| Chromebooks come with published EOL dates before you buy. Is
| there another platform that has a better policy? My Pixelbook
| Go has a 6-year life. If I buy an iMac right now, Apple will
| only say it gets updates "for years to come". How many years?
| dep_b wrote:
| Probably 5 years, since it's still an Intel version at the
| moment which will be phased out for Mx based Mac. If you
| would buy the latest MBP 13" M1 I think at least 8 years.
| jeffbee wrote:
| That's just you hand-waving. Does Apple or any other
| computer maker offer an explicit end-of-updates policy?
| jerlam wrote:
| Apple has a hard-cutoff of seven years for hardware
| support:
|
| https://support.apple.com/en-us/HT201624
|
| Not as clear for software (Mac OS) updates.
| toast0 wrote:
| Nobody else makes specific promises, however with the
| exception of some very poorly thought out computers, most
| x86/amd64 Windows PCs that sold with Windows 7 or later are
| still supported by Windows 10, and will continue to be.
| Exceptions are generally those machines that had very little
| disk space (mostly Atom based netbooks); there may be a few
| other cases here and there; systems built on traditional hard
| drives will run poorly with Windows 10, but are still
| generally supported.
|
| Regardless of upgrades, Microsoft has generally made OS
| support commitments that are pretty clear, although they've
| often been extended, so you didn't necessarily have correct
| and complete information when you purchased; but supported
| until X, but possibly later is a lot better in my mind than
| supported until X and then abandoned, even if it's the same
| hardware as something else that continues to be supported.
| jeffbee wrote:
| The way Microsoft supports your hardware is with stable
| driver APIs, but they don't and can't tell you that third
| parties like Dell will ship timely updates to their
| defective drivers and firmware. Microsoft did not until
| very recently (November 2020!) start offering EOL dates for
| their own Surface products, and they offer 4 years.
| 908B64B197 wrote:
| > How is this justifiable, in terms of security?
|
| It isn't.
|
| Chromebooks are primarily aimed at the .edu market. I assume
| there must be some data that a Chromebook rarely survives up to
| it's End of Life data.
|
| But with Windows 10 running on ARM, who knows, we might soon be
| able to install a real OS on these devices!
| ForHackernews wrote:
| > soon be able to install a real OS
|
| Good news, you already can:
| https://www.debian.org/ports/arm/#status
| moistbar wrote:
| Linux support for Chromebooks is nowhere near as good as it
| used to be. I spent way too long trying to get sound
| working on a C302 with Ubuntu before giving up and going
| back to ChromeOS, and that's even got an x86 processor. I
| can't begin to imagine how bad the ARM ones are.
| srcmap wrote:
| Would be good biz for a company (ubuntu) to setup Linux
| distribution to support security monitor/update for schools
| for some model of Chromebooks for $500-1k per school?
| 908B64B197 wrote:
| Not really.
|
| Chrome OS already ships out of the box for these devices.
| At a cost of 0$.
|
| And, and this is just me speculating, I don't think a lot
| of Chromebooks are still bootable 6 years from their
| release due to, well, being used by students who don't care
| much for them.
| cma wrote:
| > Chromebooks are primarily aimed at the .edu market. I
| assume there must be some data that a Chromebook rarely
| survives up to it's End of Life data.
|
| If it's aimed at the .edu market I think there might be some
| textbook "Nth edition" artificial obsolescence jealousy
| feeding it.
| sempron64 wrote:
| Windows 10 was released in 2015 and will receive security updates
| for the foreseeable future. This should be the standard for
| reliable operation.
| jonquark wrote:
| I'd really like some sort of "Best Before" label on electronics
| with a date that said how long the manufacturer was commiting to
| security updates.
|
| But there are issues - what exactly constitutes a security
| update, how frequently and timely are the patches -what if the
| manufacture goes bankrupt....
| heavyset_go wrote:
| Honestly, I wish they'd just jump over to Tizen with an Anbox
| layer for Android apps.
| effingwewt wrote:
| Doesn't matter in the least Samsung phones are now some of the
| most malware infected phones out there.
|
| Check google play store reviews of Carrier Hub[1], and Mobile
| Installer from SoftBank[2].
|
| Both were installed by Samsung in a recent _mandatory, forced
| within 72 hours update_
|
| Neither can be uninstalled without root, and will show
| uninstalled and instantly re-install itself,since both have root
| access...which they say they keep from us for 'security'.
|
| Fuck Samsung I will never touch their garbage again.
|
| [1]
| https://play.google.com/store/apps/details?id=com.sprint.ms....
| [2]
| https://play.google.com/store/apps/details?id=com.sprint.ce....
|
| Edit for clarity
| mrbonner wrote:
| I got burned by Samsung devices one too many times: phones G2 to
| G5, security cameras, TV. Their software are all buggy and grinds
| the devices to a stop. My life became better once I got rid of
| all Samsung crap.
| cute_boi wrote:
| this is my experience too. Samsung is all about marketing. I
| bought s6 which didn't even last 5 hour of battery life on
| usage. And after 2 year it died so easily.
|
| Then there was Samsung Washing Machine which started giving lot
| of issue after 2 years.
|
| My life has become lot better and peaceful after getting rid of
| samsung crap. Samsung doesn't deserve our money.
| LASR wrote:
| Had a similar experience, but by proxy. I was answering a lot
| of LOT of tech support calls when my dad decided to buy the
| latest and greatest Samsungs.
|
| Next cycle, I got him an iPhone X as a gift. Apart from "how do
| I do this on iOS", have had very little trouble with it. Still
| going strong even after several years now. Somehow, he's even
| picked up some decent iMovie editing skills - learning all by
| himself.
|
| Durability-wise, the Pro-level iPhones are the new Nokia 3310s.
| jonshariat wrote:
| My experience has been with their TVs, really poor experience
| so far. Software fails all the time (this is less than 1 year
| old), screen is black, needs to be rebooted to work again.
| Remote started firing multiple times at random too.
| dartharva wrote:
| Samsung is notoriously aggressive against customization though,
| it puts a lot of hurdles for people trying to root their phones
| and will disable many functionalities once it detects a breached
| Knox counter.
| plusfour wrote:
| updates it with garbage
| butz wrote:
| More Android phone manufacturers should join this "who can
| support their phones for a longest time" race. Everyone will be a
| winner.
___________________________________________________________________
(page generated 2021-02-23 23:02 UTC)