Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wireless Carriers Put On Notice About Providing Regular Android Security Updates

Posted by Soulskill on from the suggestion-placed-in-circular-file dept.

msm1267 writes "Activist Chris Soghoian, who in the past has targeted zero-day brokers with his work, has turned his attention toward wireless carriers and their reluctance to provide regular device updates to Android mobile devices. The lack of updates leaves millions of Android users sometimes upwards of two revs behind in not only feature updates, but patches for security vulnerabilities. 'With Android, the situation is worse than a joke, it’s a crisis,' said Soghoian, principal technologies and senior policy analyst with the American Civil Liberties Union. 'With Android, you get updates when the carrier and hardware manufacturers want them to go out. Usually, that’s not often because the hardware vendor has thin [profit] margins. Whenever Google updates Android, engineers have to modify it for each phone, chip, radio card that relies on the OS. Hardware vendors must make a unique version for each device and they have scarce resources. Engineers are usually focused on the current version, and devices that are coming out in the next year.'"

171 comments

  1. Java by goombah99 · · Score: 3, Interesting

    Does Dalvik have the same security problems Oracle Java does? If so this is a serious problem

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:Java by stewsters · · Score: 1

      They are completely different languages. Also as far as i know it would be a total pain to run an applet on an Android device. You would need to run a virtual machine inside android, install another operating system inside that virtual machine, and install oracle's java plugin for the browser inside that.

    2. Re:Java by Qwavel · · Score: 2

      No, it doesn't.

    3. Re:Java by supersat · · Score: 4, Informative

      No. Even if it did, it doesn't matter because Android does NOT rely on Java for isolation or security. Each application runs as a separate Linux user, and the kernel enforces isolation between apps this way.

      Because apps are isolated in this way, they can include native code.

    4. Re:Java by Miamicanes · · Score: 2

      As of this moment, there is no known "Java" VM that runs under Android. Dalvik begins its life as Java sourcecode, but it's actually "double-compiled" by the time it runs on Android: Java source to Java bytecode, then Java bytecode is compiled to Dalvik bytecode. Lots of Android developers eventually get bitten hard before grasping the true meaning of "Dalvik Isn't Java" (ie, there ARE things that work in Java, but don't work in Dalvik. Runtime dynamic compilation to achieve dependency injection is one example that comes to mind).

      Getting Java to run in any kind of compliant manner, with or without Swing, would be a HUGE undertaking that's also prohibited by Oracle and Java's open-source license. Remember, Java is encumbered by patents now owned by Oracle, and a license to use those patents is granted ONLY to users running compliant implementations of Java on x86/AMD64-architecture hardware. You can have a license to use software, without necessarily having a license to make use of patents embodied within it.

      If you spent months of your life getting OpenJDK to work under Android (with or without Swing) and published it, you'd be instantly sued by Oracle for patent infringement. Even pre-Oracle, Sun charged shitloads of money to license Java for embedded applications (remember, that's what it was invented for in the first place).

      Either way, Java applets under Android aren't happening. Period. Even if you solved the software problems & fought off the lawyers, there's still the tiny problem that Android browsers have no concept of an "Applet".

    5. Re:Java by davester666 · · Score: 1

      It has entirely different ones. On millions of devices connected directly to the Internet, with people using them willing to download and execute pretty much anything.

      --
      Sleep your way to a whiter smile...date a dentist!
    6. Re:Java by Rich0 · · Score: 1

      Does Dalvik have the same security problems Oracle Java does? If so this is a serious problem

      It is an independent implementation, so I'd say it likely has a similar but altogether different set of security problems.

      At least it doesn't run arbitrary code from applets, and since applications run as individual users they benefit from the underlying linux security model. That said, maybe if you open some document in an application the document might exploit some dalvik flaw to gain access to other data the application can view (likely your entire SD card), and if the app has rights (likely the case) upload it to random places on the internet.

    7. Re:Java by Rich0 · · Score: 1

      True enough, but the isolation only protects apps from each other. It doesn't protect your data from apps, unless the app in question doesn't have rights to read your SD card (and if you're attacking an app chances are it was from reading some data from the SD card in the first place, like an attachment to an email).

  2. Stop screwing with it so much by redback · · Score: 4, Insightful

    Handset manufacturers should stop screwing with it so much, if they used pure android it wouldnt be so much work to get updates out.

    1. Re:Stop screwing with it so much by The+Other+White+Meat · · Score: 1

      I'd be fine if the manufacturers and carriers would just make their bloatware an optional "feature" that users could take or leave. Like AT&T Maps; it's $10/month, the one time I used it was by accident because I confused it for Google Maps.

      --

      --- Generation X: The first generation to have SIG lines inferior to their parents... ---
    2. Re:Stop screwing with it so much by Anonymous Coward · · Score: 0

      You're asking them to stop differentiating themselves from each other. Not going to happen.

    3. Re:Stop screwing with it so much by Anonymous Coward · · Score: 0

      If the manufacturers simply passed their OS / device driver updates back to the core Android Open Source Project, it'd make everyone's lives easier.

      If they want to keep their launcher and misc add-on apps private, that's their call.

    4. Re:Stop screwing with it so much by ColdWetDog · · Score: 5, Insightful

      Like AT&T Maps; it's $10/month, the one time I used it was by accident because I confused it for Google Maps.

      No, it's not by accident. It's by design. A significant number of people won't be able to parse the difference between AT&T maps and Google Maps. So they'll just pay the dollars until they wise up. If indeed you do wise up, then you have to change their contract to opt out. Then the contract timer starts again.

      They get you coming or going.

      Brilliant strategy.

      --
      Faster! Faster! Faster would be better!
    5. Re:Stop screwing with it so much by poofmeisterp · · Score: 1

      But, but, but... AT&T maps has SO much more to offer than Google Maps! It has......... More!

      /snark

    6. Re:Stop screwing with it so much by jtownatpunk.net · · Score: 2

      Tell that to my Galaxy Nexus that's still running 4.1.1. So much for the idea that Nexus devices are on the cutting edge. They're abandoned as fast as any other phone.

    7. Re:Stop screwing with it so much by Frojack123 · · Score: 5, Insightful

      I agree, to a certain extent.

      But I also maintain that this is strictly Google's fault (The Open Hanset Alliance).

      They took an operating system, Linux, which always has long the ability to put hardware drivers in dynamically loadable modules and built Android, where they compiled everything into the kernel in one huge binary blob. This is a huge retrograde step in OS design. The kernel should be replaceable without having to replace the driver for every radio, screen, sound chip.

      After all, the radio didn't gain any new functionality between Android releases. The same carrier specific radio "rom" the phone was shipped with should suffice. Just call it dynamically rather than compile it into the kernel. Let us get our kernel updates directly from Google, or the handset manufacturer, and any carrier specific updates from the carrier.

      This is a packaging error.

      --
      F. Robert Jack
    8. Re:Stop screwing with it so much by AmiMoJo · · Score: 1

      Consumers need to stop buying phones from manufacturers who screw with Android and don't provide updates.

      Actually that already seems to be happening to some extent. Manufacturers seem to be making much more effort to update. It is carriers who really lag behind, but you would be mad to buy your phone from them anyway.

      Rumour has it that Android 4.2 will introduce an advanced skinning system that lets the manufacturer put its skin on but still get OS updates directly from Google. As a bonus the manufacturer (or hacker) will be able to enable an option to switch to vanilla Android too. I really hope that is true.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    9. Re:Stop screwing with it so much by Archangel+Michael · · Score: 1

      Hell, this isn't even needed, with AOSP and projects like CyanogenMod, just unlock the bootloader of unsupported phones, and let them have the needed drivers to make the shit work right. But you can't complain about old devies not getting updates when you don't do updates nor let anyone else do them either. This is not a catch 22. This is "we want our cake and eat it too".

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    10. Re:Stop screwing with it so much by LiENUS · · Score: 1

      Rumour has it that Android 4.2 will introduce an advanced skinning system that lets the manufacturer put its skin on but still get OS updates directly from Google. As a bonus the manufacturer (or hacker) will be able to enable an option to switch to vanilla Android too. I really hope that is true.

      Seems unlikely. Android 4.2 was released months ago and I haven't noticed this functionality in it yet.

    11. Re:Stop screwing with it so much by peragrin · · Score: 1

      That's because the manufactures are getting the blame from users using the phrase.

      Well my iphone used to update why can't I update this one the same way.

      Wait until smart TV vendors realize they also have to provide updates.

      If you want locked down software like apple you must limit the number of models of devices.

      otherwise you can't keep up

      --
      i thought once I was found, but it was only a dream.
    12. Re:Stop screwing with it so much by tlhIngan · · Score: 4, Informative

      Tell that to my Galaxy Nexus that's still running 4.1.1. So much for the idea that Nexus devices are on the cutting edge. They're abandoned as fast as any other phone.

      Only the Verizon Nexues are "abandoned". If you got the HSPA ones, you should be at 4.2.x already.

      If you're not, perhaps it's because you bought it from a carrier and have the default carrier firmware stuck to them with carrier firmware updates. In which case you need to go to Google, download the latest factory images and install them on your GNex. This will get updates as fast as Google pushes them out (the carrier ones actually have an update URL pointing somewhere else, while the Google ones point to Google).

      An interesting note - when I did this, battery life shot up dramatically. The carrier GNex firmware isn't all that great.

    13. Re:Stop screwing with it so much by Anonymous Coward · · Score: 0

      They're not the problem, the problem is then it has to be basically 'forked' into the providers version and they are the ones that are usually slow with their end of the updates. (some more than others)

      Google really needs to change the agreements for the distribution rights for their distro. and take a little more control. not to the point of apple but enough that sprint can't shove nascar and nfl apps at me that are constantly trying to use 'my' data connection and consuming ram when i have never used them and can't remove them.

    14. Re:Stop screwing with it so much by Anonymous Coward · · Score: 0

      God forbid they should compete on price and quality of service.

    15. Re:Stop screwing with it so much by NatasRevol · · Score: 1

      That explains why Samsung is the #1 seller of Android phones. /sarcasm

      --
      There are two types of people in the world: Those who crave closure
    16. Re:Stop screwing with it so much by gr8_phk · · Score: 1

      Handset manufacturers should stop screwing with it so much, if they used pure android it wouldnt be so much work to get updates out.

      Google should stop screwing with it so much and then they wouldn't need updates! And you should stop blaming the customers (handset makers)

      Seriously, you folks in "the tech industry" have no idea what product quality and reliability are. Try writing software for a car. Yes, it's much smaller in scope, but it has to be complete. We ship modules that are never updated (ROM parts anyone?) and in some cases are turned on and never off until you disconnect the battery (i.e. sleep rather than full reset). We have people who swear you must refresh hardware configuration registers periodically because cosmic rays or some shit will occasionally disable a feature indefinitely. I have not personally encountered such an issue but I know people who have. But that shit HAS to work, and it has to work for decades without updates.

      My phone runs Android 2.1 because it won't update if I tell it to, and it still makes calls. I have better things to do than tech support for a phone. It's a PHONE it shouldn't need updates.

    17. Re:Stop screwing with it so much by peragrin · · Score: 1

      Not it isn't. not even close.

      this is, Hey the iphone has those kinds of updates why can't my HTC/Samsung, etc.

      Seriously the only reason why is the carriers being stupid, and manufacturers not understanding the big software release picture.

      --
      i thought once I was found, but it was only a dream.
    18. Re:Stop screwing with it so much by cheater512 · · Score: 1

      Thats why when I bought my Galaxy S3 I immediately put Cyanogenmod on it.
      My phone is regularly updated (currently running 4.2.1), stable and doesn't have any crap on it.

    19. Re:Stop screwing with it so much by JonBoy47 · · Score: 2

      These Android-makers customize/skin the Android experience for the simple reason that it's just about the only thing preventing their product from becoming completely commoditized just like Windows PC's have been in the past few years. They also lack the clout to tell the carriers to pound sand. Thus we get Android handsets with carrier-dictated bloatware because the carriers get incremental revenue off that stuff. Be it someone using AT&T Maps and paying $10/month because they can't tell the difference from the Google Maps icon, or because someone is paying $0.50 a unit to have their app pre-loaded on the phone. All this bloatware, plus the additional QA the carrier does on each new build, is why Android releases are so delayed. Note that iPhones are devoid of these specific issues (though they have their own different issues). Apple wisely told carriers to shove it where the sun don't shine, and Google was wise to follow The Late Steve's lead with their Nexus devices.

    20. Re:Stop screwing with it so much by canadiannomad · · Score: 1

      If the manufacturers simply passed their OS / device driver updates back to the core Android Open Source Project, it'd make everyone's lives easier.

      If they want to keep their launcher and misc add-on apps private, that's their call.

      Somebody mod this up... It is exactly what they should be doing! Honestly I don't know why low margin hardware manufacturers are keeping themselves in the picture at all (with little to no economic gain for holding the code they won't support).

      --
      Hmm, the humour and sarcasm seem to have been be lost on you.
    21. Re:Stop screwing with it so much by canadiannomad · · Score: 2

      The moment you connect your car up to the internet, it too will need software updates.
      In a car no-one is constantly trying to run you off the road or blow you up.
      Not true online, you are almost always being probed to find out if you are susceptible to the latest car disabling technology.
      Online it is an arms race, not a status quo.

      --
      Hmm, the humour and sarcasm seem to have been be lost on you.
    22. Re:Stop screwing with it so much by thegarbz · · Score: 1

      I can't say I fully agree with this. One of the good things about Android is that you have different flavours just like you do on Linux. For example HTC's OS design choices in my opinion suck. I'd pick Google's vanilla Android any day. However I do like the menu layout, the older keyboard, and many other features that Samsung brought to its version of Android a lot more than Google's own (Touchwiz excepted though, it looks and feels shitty).

      What the manufacturers need to do is work with Google to make the system more modular. Being able to install a package with customisations over the top of vanilla Android and at the same time include all the drivers needed for the phone without having to get the code wizards to apply large changes to the latest Android kernel would really ease the pain.

      The driver infrastructure and ability to customise the system is an absolute mess.

    23. Re:Stop screwing with it so much by icebike · · Score: 2

      Try writing software for a car. ... We ship modules that are never updated (ROM parts anyone?)

      Hmmm, that's not my experience.
      Both my prior car and my current car had software updates over their life, the new car within 5 months of delivery as required by a recall. Its still riddled with bugs that are obvious, and grousing to the dealer is of no use, because the software is out of their hands. If I install after-market software, my warranty is void on the entire vehicle.

      --
      Sig Battery depleted. Reverting to safe mode.
    24. Re:Stop screwing with it so much by cliffjumper222 · · Score: 1

      Android is a gift, not a product. Android needs fixing to work properly because it doesn't work out of the box. Why? Because hardware changes from OEM to OEM, the government require mandatory support for features that aren't included, the customer (AT&T etc) require support for their apps or services, some very important ones, and last, but not least, it's buggy.

      Details:
      It takes about 6 months for a dedicated SCRUM team to knock a version of Android out that meets a major US carrier's requirements after Google releases their code to the community. I know because I've done it. Verizon has about 6000 requirements for their devices, Sprint and AT&T are not far behind. On top of the carrier requirements, which could be anything from implementing a custom address book sync adapter, to ensuring AGPS works accurately, you need to meet US Government requirements. CMAS is a great example. Further, there may be a stack of accessibility items that need to be done, although, Google dramatically increased their support there from ICS. So, once you've done the carrier requirements and the regulatory ones, you also then need to fix the bugs. These could be part of the open source - just look at the issues at code.google.com to see the outstanding ones, or they could be the result of the changes your chip set supplier made to have the code work with their hardware, or their proprietary codecs, etc.. Google may not have gotten around to fixing their bugs yet, but that doesn't mean you'll be able to ship a product today with without fixing them. Should those fixes be pushed back to the open source tree, absolutely, but are they? Why let a competitor benefit from our hard work? Also, you need to weed out any bugs that are unique to your hardware configuration - that could be caused by touch screen firmware, or the modem, bluetooth, or some other piece. Then, finally, you can decide if you want to reskin the UI or add your twiddly improvement. Sometimes that's an enhancement that customer's expect, like hyphenating dial strings, or sometimes it's a totally sexy homescreen widget. That part gets all the press, but all the other stuff must get done even if you decide to ship "pure android".

    25. Re:Stop screwing with it so much by aztracker1 · · Score: 2

      If you aren't pushing bug fixes upstream, you are part of the problem...

      --
      Michael J. Ryan - tracker1.info
    26. Re:Stop screwing with it so much by TheGratefulNet · · Score: 1

      my nexus one is stuck on cm7.2 which is the farthest forward I can go. sigh.

      pretty much abandoned and by google, by design, as I understand it.

      correct me if I'm wrong, but the problem was that they bundled the graphics system too much with the rest of the non-gfx parts. and so, when the n1 chip was declared 'too old', this froze the WHOLE shooting works. so to speak.

      I don't develop for android, I'm just a user. I never looked at any of the code. so I might have this all wrong; but why else is my system (2.x tain, not anything higher) stuck so far back in the past? stock google android is buggy as hell for this phone and CM7 is enough to make the phone still usable. but there are still serious bugs and yet its pretty much abandoned.

      mine is still in great shape and I just won't throw it out until its truly 'old and busted'.

      I'm not impressed with what I see from the whole android thing. (I don't use apple or any other; but I'm just not impressed if this is google's best effort).

      --

      --
      "It is now safe to switch off your computer."
    27. Re:Stop screwing with it so much by trparky · · Score: 3, Informative

      Actually, minor changes (like that) to your plan do not reset your wireless contract clock.

    28. Re:Stop screwing with it so much by Anonymous Coward · · Score: 0

      It's a PHONE it shouldn't need updates.

      No, it's a computer that happens to have a phone application. If you want just a phone that has less need for updates then get a feature phone.

    29. Re:Stop screwing with it so much by Anonymous Coward · · Score: 0

      Ever tried to build a desktop Linux kernel module using unmodified source code from two years ago and plop it into a current kernel?

      While shipping drivers separately certainly would help, it only goes part of the way. You also need to maintain compatibility across time on the other end.

    30. Re:Stop screwing with it so much by ozmanjusri · · Score: 1

      correct me if I'm wrong, but the problem was that they bundled the graphics system too much with the rest of the non-gfx parts. and so, when the n1 chip was declared 'too old', this froze the WHOLE shooting works. so to speak.

      Cyanogen have halted development of all the old Snapdragon devices, not just the Nexus 1. There were a number of reasons, including the Adreno 200 GPU, limited RAM and restricted storage memory.

      Other modders are still developing for it though. MIUI have a Jelly Bean version, but I'm not sure what compromises they had to make to get there.

      http://forums.miui.us/showthread.php?15234-ROM-10-29-12-MIUI-us-v4-1-Jellybean-Edition

      --
      "I've got more toys than Teruhisa Kitahara."
    31. Re:Stop screwing with it so much by DarwinSurvivor · · Score: 1

      I remember reading an article about a proof of concept where a hacker was able to control parts of his car with a cleverly crafted MP3 burned to a CD. He hypothesized that such attacks could be distributed through P2P networks and install backdoors into cars allowing them to be unlocked/started without a key.

    32. Re:Stop screwing with it so much by L4t3r4lu5 · · Score: 1

      Heh, no. You're stuck with Gingerbread only if you stick with CyanogenMod official release. If you want Honeycomb / ICS / JB switch to another AOSP ROM.

      Here is the XDA-Developers forum for Android development on the Nexus One. I like CM9 on my Desire HD, so I stuck with the Unofficial CM9 on mine, though they have nightly CM10 for the Desire HD too, as well as other 4.x AOSP-based ROMs. There are plenty of 4.x ROMs for your phone on there, too. CyanogenMod is by no means the only one available.

      --
      Finally had enough. Come see us over at https://soylentnews.org/
    33. Re:Stop screwing with it so much by Velex · · Score: 1

      Ditto this. My 2011 Fiesta needs a software update so the passenger side curtain airbag deploys properly. Perhaps OP should take that little "security glitch" into consideration before getting his dick out next time.

      --
      Join the Slashcott! Stay away entirely Feb 10 thru Feb 17! Close all tabs to prevent autorefresh!
    34. Re:Stop screwing with it so much by DragonTHC · · Score: 1

      Tell that to my Galaxy Nexus that's still running 4.1.1. So much for the idea that Nexus devices are on the cutting edge. They're abandoned as fast as any other phone.

      --
      They're using their grammar skills there.
    35. Re:Stop screwing with it so much by helix2301 · · Score: 1

      I agree let android be like linux and run on all platforms this way security updates and product updates can just be downloaded when they are released. The customization makes it a security problem.

      --
      http://www.thetechnologygeek.org
    36. Re:Stop screwing with it so much by squiggleslash · · Score: 1

      It takes about 6 months for a dedicated SCRUM team to knock a version of Android out that meets a major US carrier's requirements after Google releases their code to the community. I know because I've done it. Verizon has about 6000 requirements for their devices, Sprint and AT&T are not far behind. On top of the carrier requirements, which could be anything from implementing a custom address book sync adapter, to ensuring AGPS works accurately, you need to meet US Government requirements.

      Maybe I'm misunderstanding you, but are you saying that, for example, most users of the GSM Galaxy Nexus in the US are doing so illegally?

      We, after all, get our updates before Google releases the code to the community, not six months afterwards.

      --
      You are not alone. This is not normal. None of this is normal.
    37. Re:Stop screwing with it so much by Anonymous Coward · · Score: 1

      If only someone would make a mobile OS that was managed and released by a single party. Perhaps the same one that built the devices themselves. That way updates could be released to all users in a timely fashion.

    38. Re:Stop screwing with it so much by David_W · · Score: 1

      In a car no-one is constantly trying to run you off the road or blow you up.

      You don't drive in DC, do you?

    39. Re:Stop screwing with it so much by canadiannomad · · Score: 1

      Lol, touché.

      --
      Hmm, the humour and sarcasm seem to have been be lost on you.
  3. Still using my Droid 1 going on three years by Anonymous Coward · · Score: 1

    And haven't had an update since the first year.

    They (Verizon) should at least push updates while it's still under contract.

    1. Re:Still using my Droid 1 going on three years by h4rr4r · · Score: 0

      You are running stock on that device?
      WHY?

    2. Re:Still using my Droid 1 going on three years by poofmeisterp · · Score: 2

      You are running stock on that device?
      WHY?

      Because they're trying to run the device from the perspective of the average end user. And that perspective has been clad in suckiness since the beginning.

    3. Re:Still using my Droid 1 going on three years by gmhowell · · Score: 1

      You are running stock on that device?
      WHY?

      Because maybe it does what he wants it to do? Your use case is not the universal use case.

      --
      Jesus was all right but his disciples were thick and ordinary. -John Lennon
  4. Why isn't Android more modular by The+Other+White+Meat · · Score: 1

    Every new revision of Android is this large, monolithic package that seems to take years to get right. If Android were more modular, you could have teams working in parallel on various modules, and releasing them as needed. This is what regular Linux does, so I don't see why Android doesn't do more of it. Other than the Google Apps package, everything else seems to be lumped together. (and yes, I know it's more modular behind the scenes, but if it isn't that way for the user, it's a moot point.)

    --

    --- Generation X: The first generation to have SIG lines inferior to their parents... ---
    1. Re:Why isn't Android more modular by Anonymous Coward · · Score: 1

      You missed the entire point. It is modular, the problem is the manufacturers keep driver code to themselves and out of the mainline kernel, they bolt in all sorts of UI shit no one actually wants and aren't interested in patching problems. They want you to buy the next new shiny thing.

    2. Re:Why isn't Android more modular by AwesomeMcgee · · Score: 2

      Go re-read why worse is better http://www.dreamsongs.com/RiseOfWorseIsBetter.html and realize any form of micro-architecture has long since been destroyed by the formidable drive of the monolithic design and it's ability to be simultaneously horrible and intractably irremovable from the minds of the vast majority of engineers, along with being faster to get out the door and therefore meeting all requirements of the business people who actually shove all this garbage down our throats.

    3. Re:Why isn't Android more modular by AuMatar · · Score: 3, Funny

      Wouldn't matter. The problem is more political than technical. Carriers are the ones who push updates, and they don't care especially in the US. Check EU versions of US phones and you'll see many more updates that never make it out here.

      Some of that is for a good reason. Carriers put phones through very rigorous acceptance testing that takes weeks to finish. It tests the phone as a whole, not individual modules. Trying to push out partial updates would screw with their process and cost tens of millions. It would also lead to people having versions of modules that were never tested together, an increased possibility of bricking your phone. When your device is seen as a consumer utility that just really isn't an option.

      --
      I still have more fans than freaks. WTF is wrong with you people?
    4. Re:Why isn't Android more modular by Anonymous Coward · · Score: 0

      Erh... monolithic?

      Do you call ZIP package as monolithic because it package multiple file as one?

      Android is very modular, that someone ship it with single flashable "ROM" file doesn't make Android monolithic.

  5. Rooting by Anonymous Coward · · Score: 0

    How about instead of spending money on modifying those new versions of Android to work on old models, offer ways to unlock the bootloaders so that people can get the security updates they desperatly need through third party ROMs such as Cyanogenmod?

  6. First post! by Anonymous Coward · · Score: -1

    I got the first post! Suck on that, Baquack Obamailure!

    1. Re:First post! by Anonymous Coward · · Score: 0

      Sadly, Baquack won't be sucking on anything today. Because you're the one sucking.

  7. American Civil Liberties Union by Qwavel · · Score: 3, Interesting

    "said Soghoian, principal technologies and senior policy analyst with the American Civil Liberties Union."

    Finally, an article about the dangers of Android that quotes someone I'm prepared to listen to. I'm not entirely sure why the ACLU would be involved in this stuff, but I do have some respect for them and believe them to be objective in this matter.

    I'm tired of the barrage of articles about the security problems with Android, and the need for anti-virus to resolve them - quoting people paid by the anti-virus companies.

  8. Not a problem for iOS. by BasilBrush · · Score: -1, Troll

    Another way in which iOS is superior. Every user gets offered every OS update, within a day of it's release.

    It's a mystery to me why people put up with Android's deficiencies.

    1. Re:Not a problem for iOS. by h4rr4r · · Score: 1

      Really all the other advantages are a mystery to you?

      Not everyone wants to live in a walled garden and pay a tithe to be allowed to program for their own device. Not to mention the lack of custom ROMS, and a whole host of other things.

    2. Re:Not a problem for iOS. by sehlat · · Score: 1

      Superior right up until the point when an update breaks an application you consider critical to using the gadget and the owner of the program (in this case, Stanza) refuses to allow it to be updated because it's a hundred times better than his precious Kindle.

      I'm now two revs behind iOS and don't give a damn.

      You have to keep an eye on both the manufacturer *and* the companies that provide applications to make sure they're not letting nose-in-the-air corporate rah-rah get in the way of taking care of their customers.

    3. Re:Not a problem for iOS. by Anonymous Coward · · Score: -1

      Not everyone wants to live in a walled garden and pay a tithe to be allowed to program for their own device.

      Then those people deserve the malware and security problems and I hope every one of them gets their identities stolen and bank accounts emptied.

    4. Re:Not a problem for iOS. by Anonymous Coward · · Score: -1

      Babby is mad because he doesn't want to pay a tithe to program something that will get him a little extra money?

      Just do what the other Obamailures do and torrent the software that you need. Then hack your device and void your warranty. Apple is more corrupt than Micro$oft, so feel free to steal from them. Power to the Poors, I say.

      When the poors are capable of pulling them up by their bootstraps, that is when I will respect them. Until then, they might as well just be a bunch of worthless gangbanging thieves. I wish they would change the laws so it was no longer a crime to kill poors for fun. It doesn't matter what race they are; poor people ruin neighborhoods.

    5. Re:Not a problem for iOS. by PortHaven · · Score: 2, Insightful

      Really?

      Because my iPhone 3G didn't get the last few updates. And courtesy of Apple, it no longer streams Netflix. Because crApple is so incompetent, they can't even manage app versions.

      Case in point. I have iPhon4 and 3G. iPhone 4s are running iOS5 & 6. Which the new Netflix app requires. However, the 3G model is not able to update to iOS5. But iTunes only allows for one instance of an app. So you'll find that you're old phones are now updated to versions of applications they cannot run.

      Get off your high crApple horse. The platform has major suckage. Want to bet $250?

      Move a photo you take with your phone into another folder. (No, don't just create a reference. Actually MOVE IT!!!)

    6. Re:Not a problem for iOS. by MBCook · · Score: 1

      You're not forced to take the update, but at least it's available to you if you want it.

      Depending on the specific manufacturer/phone, an Android device may get a few updates, possibly very late, or none at all.

      --
      Comment forecast: Bits of genius surrounded by a sea of mediocrity.
    7. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      You can program for your own device without paying Apple for it. You're just spreading FUD.

    8. Re:Not a problem for iOS. by Anonymous Coward · · Score: -1

      im sure he more mad he didn't spend the little extra time convincing your mother to have an abortion.

    9. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      Really? I can write an iPhone app without buying a mac and a copy of xcode? I don't have to buy anything special to write for Android or BlackBerry or even Windows. It's a fact, not FUD.

    10. Re:Not a problem for iOS. by cant_get_a_good_nick · · Score: 1

      crApple? Jeez... I thought calling it Micro$oft was bad. Yes, the troll was a fanboi. But you bit and went the wrong way.

      Apple is much better at having a consistent platform than Android is. You have phones coming out 4 months ago stranded with no updates. Your iPhone 3G goes back (possibly) 4 years, and a minimum 2 years. It's a much different situation.

      I have an iPod touch, gen 2, which has been stranded. I wish I could get an update on it. but the CPU on it is too old, so they don't support CPU hog IOS5 on it.

    11. Re:Not a problem for iOS. by maccodemonkey · · Score: 1

      Really?

      Because my iPhone 3G didn't get the last few updates.

      You missed the part that because that device is over two years old, you can get a newer device for free when you renew your contract.

      Of course, it sounds like you're using it as a secondary device. In which case I'm going to counter with a rant about how my spare G4 Cube can't run the latest version of Mac OS, can't run Netflix, and blah blah blah...

    12. Re:Not a problem for iOS. by countach · · Score: 1

      Yeah it's not a perfect platform. But I prefer it because at least I know what I'm getting. I know the level of support Apple will give me, which is pretty good, even if they do sometimes drop support on old models. But what can I expect if I buy Android? It's really hard to research, figure out and predict. This is why Apple is killing the competition.

    13. Re:Not a problem for iOS. by bhagwad · · Score: 3, Informative

      Not everyone with a Windows PC has had their identities stolen and bank accounts empties. Oh any by the way, "security" is just a convenient excuse for censoring apps. Look at the big stories of Apple censorship - they have nothing to do with security and everything to do with Apple enforcing their own morals.

      Security my ass.

    14. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      You are complaining that a five year old computing device isn't getting the latest OS updates? My five year old laptop won't run Win 8. There comes a time when technology advances require leaving older technology behind. To include your device would mean having to code for non-retina display resolutions, and for much slower and less capable processor capabilities.

      You do have a point about iTunes should be able to recognize that you have a variety of devices and allow for older versions of apps to exist in your library as well as the latest and greatest.

    15. Re:Not a problem for iOS. by Chirs · · Score: 1

      You missed the part that because that device is over two years old, you can get a newer device for free when you renew your contract.

      You assume the person is *on* a contract.

    16. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      Not everyone wants to live in a walled garden and pay a tithe to be allowed to program for their own device. Not to mention the lack of custom ROMS, and a whole host of other things.

      Most people don't do those things with their Android devices anyway.

    17. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      I can write an iPhone app without buying a mac and a copy of xcode?

      xcode is free and no, you don't need to buy a mac, especially if you already have one or you could install OSX on your PC or even in a virtual machine.

      I don't have to buy anything special to write for Android or BlackBerry or even Windows.

      Macs aren't special, they aren't any different to PCs, in fact you can even run OSX on PCs and in VMs and XCode is free.

    18. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      Not everyone with a Windows PC has had their identities stolen and bank accounts empties.

      And not every person that has played russian roulette has been killed either.

      But they still deserve to be.

    19. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      Wow, that's ignorant.

      I can create a free developer account, download Xcode and install any app I develop on my phone. No 'tithe' anywhere.

      Custom iPhone roms:
      http://whited00r.com/

      But then, you probably knew that and just felt like trolling at the end of the day.

    20. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      You have to buy a computer regardless.
      Xcode is free.
      You're an ignorant idiot.

    21. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      no, you don't need to buy a mac, especially if you already have one.
      no, you don't need to buy a mac, especially if you already have one.

      no, you don't need to buy a mac, especially if you already have one.
       

      That was so funny I had to repeat it three times.

      Mactards, they're so cute when they're young...

    22. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      The parent was patently wrong, however I'd like to point out the iPhone 3G is nearly five years old and only stopped receiving updates a couple years ago while most android phones stop receiving updates within a year or two.

    23. Re:Not a problem for iOS. by thegarbz · · Score: 1

      you can get a newer device for free when you renew your contract

      Oh you poor misguided consumer.

    24. Re:Not a problem for iOS. by metrix007 · · Score: 1

      Seeing your idiotic past posts and now seeing that you are unabashedly an Apple fanboi, things make a lot of sense. I mean, you made a post just to troll, which if you know anything about Android you know is factually incorrect. How old are you, 12?

      --
      If you ignore ACs because they are anonymous - you're an idiot.
    25. Re:Not a problem for iOS. by Cabriel · · Score: 1

      So you'll find that you're old phones are now updated to versions of applications they cannot run.

      This is wholly untrue. I was using an iPhone 3G up until last week and when I tried to update any app, I was told "Requires iOS 4.3 or higher" and the update failed. I was left with all of my apps able to run on my old phone as they were before iOS 4.3 was released.

    26. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      You have phones coming out 4 months ago stranded with no updates

      Yeah, no kidding, I bought a phone and was told I was lucky to have seen 6 months of updates. I never did get off of 2.3.x...

    27. Re:Not a problem for iOS. by ozmanjusri · · Score: 1

      This is why Apple is killing the competition

      "Android captured almost 70% global smartphone market share in 2012, Apple just under 20%"

      http://venturebeat.com/2013/01/28/android-captured-almost-70-global-smartphone-market-share-in-2012-apple-just-under-20/#AOkdwU4cgQebLIbR.99

      --
      "I've got more toys than Teruhisa Kitahara."
    28. Re:Not a problem for iOS. by BasilBrush · · Score: 0

      Not everyone with a Windows PC has had their identities stolen and bank accounts empties.

      Oh well, if there are still some that haven't been hit, that's OK then. Equally Afghanistan isn't dangerous, as not everyone who goes there dies.

    29. Re:Not a problem for iOS. by BasilBrush · · Score: 1

      But it's not factually incorrect. It's absolutely correct. That's why people who don't want it to be true get so upset about it.

      And asking how old someone is in itself a childish argument.

    30. Re:Not a problem for iOS. by BasilBrush · · Score: 1

      The current version of Stanza is compatible with the current version of iOS.

      Even if it wasn't it's still true that it's better to get the option to upgrade the OS than not get the option, or to get it late, both of which are par for the course for Android users.

    31. Re:Not a problem for iOS. by BasilBrush · · Score: 1

      If you want people to believe you are an Apple customer, it's pretty silly to call them crApple.

      It's even more silly when you say something that isn't true:

      Case in point. I have iPhon4 and 3G. iPhone 4s are running iOS5 & 6. Which the new Netflix app requires. However, the 3G model is not able to update to iOS5. But iTunes only allows for one instance of an app. So you'll find that you're old phones are now updated to versions of applications they cannot run.

      iTunes does not install any application updates which are incompatible with the phone. If the phone is on iOS4, and the app requires iOS5, then iTunes does not transfer it to the phone. If you already had an iOS4 version of the app on the phone, then it will remain with that one.

      Your claim that iTunes only stores one version of an app isn't even true. Go to ~/Music/iTunes/iTunes Music/Mobile Applications, and you can see multiple versions of apps, stored with the version number in the filename. Not all versions are stored here, only the ones that are needed to satisfy the fact that you have multiple devices, with different OS versions.

    32. Re:Not a problem for iOS. by bhagwad · · Score: 1

      Wow - "deserve"?

      Good thing you're not a god.

    33. Re:Not a problem for iOS. by countach · · Score: 1

      And the power users - the people who actually care about what they're buying are on iOS mostly, judging by web browser statistics. Yes, people who'll buy any old shit because its cheap, bugger whether it gets upgraded, are buying Android. Nobody makes money out of them. Apple makes money, Android often doesn't. Yes, Apple is killing the competition.

    34. Re:Not a problem for iOS. by Skater · · Score: 3, Insightful

      I have an iPod touch, gen 2, which has been stranded. I wish I could get an update on it. but the CPU on it is too old, so they don't support CPU hog IOS5 on it.

      I hear people complaining about this, and I don't get it. Maybe they don't remember the 80s and 90s when your computer was out of date within a few months, and it wasn't long before you couldn't run the newest and greatest software. Today, computers have a much longer lifetime than they did back then. I point this out because that's where we are with these portable computers (iPhones, Android phones, tablets, etc.) - we're still in that early and fast update phase. Early on, each new iteration was leaps and bounds ahead of the prior one, and the pace is only starting to slow down now. The pace will speed up again if and when better battery technology shows up.

      And, frankly, they pushed out updates for the Touch 2nd Gen for quite some time. Don't act like it was abandoned 3 weeks after they released it, because it wasn't. Updates were available for a long time for it.

    35. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      RDF mode ON...

    36. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      If someone is stupid enough to take a chance at killing themselves for no reason at all, they do deserve to die because their brain doesn't work.

    37. Re:Not a problem for iOS. by sehlat · · Score: 1

      I tested the upgrade to 6 on an iTouch. Stanza blew out after the upgrade when I tried to change my settings, and locked up so hard I had to power down and up again to get the device back.

      I'm in Stanza 90% of the time I'm using my phone and 100% when I'm using the pad. I will NOT upgrade to 6.anything until there's an official release of Stanza that is guaranteed compatible.

      And options that blow out key components are WORSE than useless.

    38. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      xcode used to be free. it isn't any more. more significant, it has an onerous developer agreement that I will never agree to.

    39. Re:Not a problem for iOS. by Anonymous Coward · · Score: 0

      Apple made 70% of the mobile handset profit last year, on 20% of the sales. And they became the largest handset manufacturer in the USA, capturing the majority of the sales in the country. It's quick to find if you do a google search.

      So I think they're doing fine.

  9. Stalling? by Anonymous Coward · · Score: 1

    Is this the reason why Google are having such a hard time selling Nexus devices? Are the hardware manufacturer + carriers reluctant to allow teh NExus 4 on the market at "Google prices"?

    1. Re:Stalling? by poofmeisterp · · Score: 0

      Is this the reason why Google are having such a hard time selling Nexus devices? Are the hardware manufacturer + carriers reluctant to allow teh NExus 4 on the market at "Google prices"?

      Well, that and their lack of Flash support.

    2. Re:Stalling? by h4rr4r · · Score: 2

      What lack of flash support?

      Adobe killed flash for all devices post 4.0.

    3. Re:Stalling? by compro01 · · Score: 1

      Hard time selling?

      The only hard times they appear to be having is getting LG to build enough of the things.

      --
      upon the advice of my lawyer, i have no sig at this time
    4. Re:Stalling? by Miamicanes · · Score: 1

      The Nexus One rocked. It was groundbreaking, best of breed, and was unquestionably the best Android device money could buy at any price. Every Nexus since then has been... underwhelming, to put it politely.

      The Nexus S was a joke, and literally WAS "last year's hardware". By the time Sprint got it, it was already obsolete.

      The gNex was a step in the right direction, except they stupidly gave Verizon exclusivity for 6 months & shipped it with a locked bootloader. By the time the gNex hit other carriers, the Galaxy S3 was imminent (and a solid step up hardware-wise).

      The Nexus 4 has a sealed battery, no microSD, steals screen real estate for the buttons, and has an insane glass back that cracks if you drop it more than a quarter inch.

      Are the Nexi good values? Yeah. Are they competition-crushing best of breed devices that decisively take Android to the next level, and instantly render all Android phones that came before them functionally obsolete? Unfortunately, no. Google seems to have decided to settle for "cheap & throwaway" instead of "bully pulpit awesome".

    5. Re:Stalling? by poofmeisterp · · Score: 1

      I thought that's what we were talking about here.

    6. Re:Stalling? by poofmeisterp · · Score: 1

      Misread galaxy s4 as s7. My mistake. Guess misreading makes me a "troll". Yay!

    7. Re:Stalling? by aztracker1 · · Score: 1

      I think the current N4 really does have a good value point (if purchased out of contract from Google)... It's been stable, works well, and a solid performer. I had to wait a while to actually get it though. Other than the back is too slick (solved with a rubberized case), and some gesture keyboard quirks I've been really happy with it. It's my fourth Android phone (first was the G1), and it's the first one I've been happy with the out of the box experience... MicroSD would be nice, but the 16GB is enough for me (I would feel constrained by 8 though). And thankfully it hasn't been like my last phone, would constantly freeze and lock up requiring me to remove the battery. So, knocking on wood, it's been a nice phone.

      I was a pretty big Nokia fan before my G1.. experiencing my contacts sync automagically was eye opening, and sold me on the Android platform.. it irks me how vendors will put their crapware over the top of stock. I wish a lot more was done to keep the hardware drivers compatible between versions of android so updates could go smoother. I do wish people knew there was an option to buy direct from Google... it's been a much better experience for everyone I know who has.

      --
      Michael J. Ryan - tracker1.info
    8. Re:Stalling? by Rich0 · · Score: 1

      My N4 is my first Nexus phone - the last time I was up for one I got a G2 figuring that the CM team would just make it work (a bit of a mistake - with the increase in the number of phones their effort is REALLY diluted and CM hasn't come out with a release on that phone since Gingerbread).

      I'm pretty happy with the N4 despite the flaws you mentioned. I wish Google had more variety on the phone front, but they're at least starting to get that with the Tablets (it remains to be seen if they sustain annual releases in 3 formats though).

  10. The carriers don't care. by getto+man+d · · Score: 2

    If the carriers were what most of us want, i.e. dumb pipes, then we could possibly own our phones and upgrade them in a much easier fashion (so long as the hardware manufacturer is still providing updates).

    Verizon's treatment of the Samsung Galaxy Nexus has been an eye opening experience and I'm still trying to figure out an alternative solution.

    1. Re:The carriers don't care. by h4rr4r · · Score: 1

      The alternative I will be seeking is leaving verizon and buying a GSM nexus as soon as my contract is over.

      Verizon is losing a family plan that is over 10 years old because of this.

    2. Re:The carriers don't care. by Andy+Dodd · · Score: 2

      Solution: Buy from an MVNO that is a dumb pipe. Straight Talk's BYOD SIM plans are proving quite popular.

      Nexus 4 from the Play Store + Straight Talk = device you control hooked up to a dumb pipe.

      --
      retrorocket.o not found, launch anyway?
    3. Re:The carriers don't care. by SiChemist · · Score: 1

      Do you know anyone who uses Straight Talk? I'm out of contract in January 2014 and I'm contemplating buying the newest Nexus phone at that time and switching to Straight Talk. I worry about running over the "secret" 2GB data cap and getting cut off. There is good AT&T coverage where I live and work, so I was planning on buying an AT&T sim from ST.

      --
      God is imaginary
    4. Re:The carriers don't care. by aztracker1 · · Score: 1

      I can't comment on Straight Talk.. but been happy with SimpleMobile (T-Mobile equivalent) with my N4.

      --
      Michael J. Ryan - tracker1.info
    5. Re:The carriers don't care. by Anonymous Coward · · Score: 0

      I have st, I've hit 5gb a few times. After the first 2gb they redirect to a quiz. It asks stuff like do you teather y/n; do you share your sim y/n; yada yada. You just say no to all. Its all automated and your back on. Other then that the service is very nice. I live in a small town and work in small towns around me and i have yet to lose service. If i'm out in the field ( and it just might be a 300 acre corn field) my data might drop to sub t1 speeds but that's the tower i'm on. When I'm closer to a town I hardly see less then 6mbps down 1mbps up. On the few times i'm in Chicago I've seen it go as fast as 15mbps down.

    6. Re:The carriers don't care. by Anonymous Coward · · Score: 0

      Prepaid is an alternative solution. So when the carrier puts a "free" upgrade under your nose are you going to forget all of this or are you seriously committed to being free of your bonds of slavery?

      5gb/$30 - Tmobile's Walmart plan
      2gb/$35 - Virgin's basic unlimited plan

    7. Re:The carriers don't care. by Drathos · · Score: 1

      And when the GSM carriers have crap coverage where you live?

      Believe me, I'd love to leave VZW, but I've got to go several miles away to pick up a signal from AT&T or T-mobile - and I'm not far outside Washington, DC.

      --
      End of line..
    8. Re:The carriers don't care. by h4rr4r · · Score: 1

      They don't in my area.

      I have been to DC, lets see some maps for your claim. I bet you are very far outside DC or mistaken.

    9. Re:The carriers don't care. by Andy+Dodd · · Score: 1

      I know a few of the XDA admins are on ST and love it, and more are hopping over.

      I have yet to talk to a user of their BYOD SIM plans that was unhappy in any way.

      --
      retrorocket.o not found, launch anyway?
    10. Re:The carriers don't care. by SiChemist · · Score: 1

      Thanks for the info! I imagine the XDA guys are pretty heavy data users, so that encourages me.

      --
      God is imaginary
    11. Re:The carriers don't care. by Andy+Dodd · · Score: 1

      Actually, many of us are quite responsible with our data. I don't think any of us support the "I HAVE A RIGHT TO EAT 20GB OF DATA PER MONTH OVER A CONNECTION THAT WASN'T DESIGNED TO HANDLE THAT!" crowd. Let's face it, if you're in that crowd, your days are numbered and few people will have sympathy for you.

      My average monthly usage is around 500MB. I stay on unlimited only because I like having that "safety net" of not getting charged insane amounts if my device flakes out on me.

      --
      retrorocket.o not found, launch anyway?
  11. Separation of Responsibilities by BradleyUffner · · Score: 1

    Android really needs a system where security updates can be delivered outside of entire OS updates. Carries could enjoy their OS lock-in while users still manage to get security.

    1. Re:Separation of Responsibilities by h4rr4r · · Score: 1

      Considering you don't have the device drivers how do you update the phone without them?

      Great you can have security updates and a phone that no longer has a functioning radio or camera.

      Getting the drivers into mainline would be a far better solution.

    2. Re:Separation of Responsibilities by gnoshi · · Score: 1

      I think the parent was meaning that by providing security updates as subcomponents of the OS rather than full OS updates, then the drivers wouldn't need to change (unless the secure issue was in the driver itself).

      However, your point is basically right. If you look over at XDA-developers, a common pattern is that one manufacturer stops providing updates for a device (e.g. Acer A500, for which the last official update was 4.0.x) so Android mod developers have to dig around for other devices using the same chipsets but that received later updates in order to get compatible drivers (for the A500, I believe that is one of the Asus Transformer models).
      Manufacturers have an impetus not to provide major OS updates, because that reduces the differentiators on which they can sell the new model. This does need to be balanced against the reputation cost of having shabby update support (e.g. Motorola received a lot of hate about the Motorola Defy, which was released with a two-version-ago OS, was updated to a one-version-ago OS, and has a locked bootloader so replacing the OS is a pain. This case was particularly bad, because the Motorola Defy+ was released shortly thereafter with the current OS version, and the only difference was the camera and clock speed). Samsung seems to balance this pretty well, HTC so-so, Motorola very poorly.

      If drivers didn't need to be modified between Android versions that would be a big advantage for Android mod developers, and probably for the handset manufacturers as well. Those manufacturers are not even releasing minor updates within a major OS version, though (which don't involve drivers changes, to my knowledge) so the basic issue isn't drivers - it is handset manufacturer retiscence (be it for cost or laziness reasons).

    3. Re:Separation of Responsibilities by Miamicanes · · Score: 1

      > Getting the drivers into mainline would be a far better solution.

      Or at least stabilize Android's kernel ABI so that every new release doesn't break most/all of the loadable kernel modules that shipped with the phone. 99% of the time, the Linux kernel ABI breaks between versions for no particular reason besides "nobody even bothers to try and NOT break it".

      Among some, .ko-breakage is considered a feature and punishment for not open-sourcing drivers. Unfortunately, Qualcomm, nVidia, and Broadcom own the chipset market (for American phones, at least), and no amount of market forces or consumer preferences are likely to make the slightest difference to them, because it's pretty much impossible to make a fully-working American LTE phone without their chips. The overwhelming majority of real changes to successive Android kernels are Google-made, anyway. If Google would just fork Android's kernel once and for all, ignore the mainline going forward (to avoid senseless ABI breakage with every new kernel, possibly attempting to incorporate Linus' latest improvements as faithfully as possible without breaking the ABI), we'd be better off.

  12. Keep it Android! by BobCollins · · Score: 1

    A novel idea! Maybe the carriers could stop f**king with the OS and make it easier to upgrade?

    1. Re:Keep it Android! by idontgno · · Score: 2

      Nonsense. Why would carriers interfere with the current Android upgrade model: Buy a new phone with the current release of Android. And extend your contract at the same time.

      The ACLU is complaining that the carriers are allowing the shackles to get all rusty and dangerous and uncomfortable, but they're not arguing for an Emancipation Proclamation: they just want the handcuffs to be adjusted and replaced regularly.

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.
    2. Re:Keep it Android! by sehlat · · Score: 1

      You forget one thing: the carriers want to customize their brands so they can brand their customers.

      It doesn't matter whether it's the flying-A, the rocking-S, or the lazy-V, they still want their cattle branded.

    3. Re:Keep it Android! by MBCook · · Score: 3, Insightful

      If they don't tinker with the OS, how are they supposed to add value?

      Why, with what you're suggesting, they would just be commodity dumb pipes. When has a phone company ever admitted that?

      --
      Comment forecast: Bits of genius surrounded by a sea of mediocrity.
    4. Re:Keep it Android! by AmiMoJo · · Score: 4, Informative

      The real problem is that customers in the US get completely and utterly screwed by the carriers. Really, you guys take it hard in the arse and pay though the nose for the privilege.

      In the UK you can get a phone on contract from a third party. You get the same contract deal as you would going directly to the carrier, although often for £5/month less. The phone is unlocked and unbranded, you get updates directly from the manufacturer and no pre-installed carrier crapware. There are some good deals on offer too, for example 3 do a really unlimited data plan. A friend of mine runs Android uTorrent on it.

      Regulation has delivered this for us. It is really easy to switch provider and take your number with you. Contract terms are heavily regulated to make sure they are fair and reasonable. It isn't perfect by a long way but it saves us from the rip-off hell that the US mobile market suffers from.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    5. Re:Keep it Android! by Anonymous Coward · · Score: 0

      ...and in places like central London, you can barely walk 10 yards without tripping over a shop that does phone unlocking. I'm glad I'm not in the land of the "free" ;-)

  13. Perfect. by poofmeisterp · · Score: 1

    Engineers are usually focused on the current version, and devices that are coming out in the next year.

    So what you're saying is that it's absolutely PERFECT for the wireless industry, eh? Keep people wanting the future product that you have to buy before the end of your contract!

    I wish I were joking.

  14. Cyanogenmod by vlm · · Score: 3, Interesting

    Whenever Google updates Android, engineers have to modify it for each phone, chip, radio card that relies on the OS. Hardware vendors must make a unique version for each device and they have scarce resources

    How come the cyanogenmod people do a better job than everyone else in the industry?

    I just upgraded a LS670 last weekend to cyanogenmod. CM9 if I recall. Its faster, looks better, more features, MUCH newer which would imply fewer holes, overall quite a massive improvement over stock. It no longer has cell service, I'm using this phone as a wifi microtablet, quite happily.

    --
    "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    1. Re:Cyanogenmod by Anonymous Coward · · Score: 0

      I'm using this phone as a wifi microtablet, quite happily.

      Yeah, og droid plus CM7 is my kitchen pandora source. $30 from ebay incl 16gb card! Even better deal than my brown Zune (which I still use, for the FM radio mostly).

    2. Re:Cyanogenmod by MonsterTrimble · · Score: 1

      The big issue I have with Cyanogenmod is the fact that it can be very difficult to do right and you risk bricking the phone by doing it.

      My wife has a LG Optimus 3D (LG Thrill 4G for those of you stateside) and the last update she received upgraded her from 2.2 to 2.3.5, which was a brutal abortion of a release. Bugs everywhere and eats battery life to beat hell. After researching it throughly I decided against doing anything to it because I had to root it, then make sure I had a kosher set of files and upgrades on it first, then install CM. Frankly, she lives on the thing and if I screw it up I'm dead.

      Don't get me wrong, I think the people behind CM are brilliant and I have nothing but kudos for them, however the lack of a good installer stops me from taking the plunge.

      --
      I call it 'The Aristocrats'
    3. Re:Cyanogenmod by h4rr4r · · Score: 1

      Nearly no phone can actually be bricked. Absolute worst case you boot into recovery and flash another zip.

      For what device is installing Cyanogenmod difficult?
      From your description not that one.

      There can't be a "good" installer, that would require the device company to play along. There is nothing they could do to make it easier for you.

    4. Re:Cyanogenmod by Anonymous Coward · · Score: 0

      The big issue I have with Cyanogenmod is the fact that it can be very difficult to do right and you risk bricking the phone by doing it. Don't you mean: The big issue I have with the carriers locking down the phones is the fact that they force upgrading to any other OS very difficult to do right and you risk bricking the phone by doing it.

    5. Re:Cyanogenmod by Anonymous Coward · · Score: 0

      No, I'm sorry, but it's next to impossible to brick a phone.

      I've tried. Like seriously screwed some stuff up. Flashed the ROM for one model to an entirely different model. I got the thing so it wouldn't even turn on.

      But, hooked it up to a PC and was able to recover the thing entirely.

    6. Re:Cyanogenmod by Anonymous Coward · · Score: 0

      How come the cyanogenmod people do a better job than everyone else in the industry?

      They do almost no testing. ROMs are more like the experimental builds that would normally be the input into multiple rounds of validation testing. You routinely see ROM releases with a note that says "Bluetooth isn't working, sorry. Maybe we'll fix that later." ROMs get away with it because they're run by volunteers and ROM users accept that the price of getting the latest and greatest technology is being a guinea pig. Carriers can't put out a release like that to paying customers.

    7. Re:Cyanogenmod by Anonymous Coward · · Score: 0

      For what device is installing Cyanogenmod difficult?

      How about the ones where there's no proper release? There's a set of phones that is very difficult to install CM on.

      Happened to buy a phone six months ago at launch that didn't take off? Too bad... You're stuck with buggy roms, or ancient firmware...

    8. Re:Cyanogenmod by MrNiceguy_KS · · Score: 1

      Nearly no phone can actually be bricked.

      In most cases, you're right. I do know that the Samsung Epic 4G Touch has a bug that can permanently brick your phone. Not "brick" as in, "reboot into download mode and re-flash," but rather "brick" as in, "your phone will never be usable again". XDA Developers even have a thread, How not to brick your E4GT At this point, it's well documented as to how to avoid the problem, but if you come to the Touch from a different Android phone and you just jump in and start flashing ROMs, you might end up with an expensive paperweight.

      --
      Redundancy is good And also good.
    9. Re:Cyanogenmod by Anonymous Coward · · Score: 0

      actually, cm has a full hardware compliance rule for any device that is official (at the nightly build stage or further). sounds like you are describing early ports which have been released by a random developer...

    10. Re:Cyanogenmod by Rich0 · · Score: 1

      CM is obviously great, and it is even better for the price.

      However, it isn't available for all devices, and because of the large number of devices these days it seems like many devices only have one or two devices. My previous phone was a G2 and CM never got past Gingerbread despite a 3rd party mod being sort-of working with Jellybean. Their quality control is better than the average mod, but isn't really up to professional standards. When a build that just came out of the compiler is released the same day as "stable" they can't have any kind of formal quality process. The definition of stable is not that it works, but that it hasn't changed recently - something lost on CM (they could learn a lot from projects like Debian/etc).

      So, with CM you're often stuck with stable releases that are a year or more old (few phones have stable Jellybean releases still) or nightlies that have no particular quality reputation whatsoever.

      Your best bet is a Nexus, but my Nexus 10 is pretty glitchy and of course there is no stable CM release for it.

      I can't complain since it is free, but I'm not going to call CM the magic bullet either.

  15. Doesn't matter on rooted phones by bobthesungeek76036 · · Score: 1

    I have ClockworkMod Recovery and it's a royal pain to update the OS. AT&T pushed an update to my Skyrocket a few months ago and I haven't updated yet because of it. And the whole re-rooting afterwards...

    --
    Karma: Bad
    1. Re:Doesn't matter on rooted phones by h4rr4r · · Score: 2

      Why not just flash a new ROM instead of using the OTA update?

      If you wanted to use OTAs, why flash Clockwork at all?

  16. (PLUS ONE INFORMATIVE) by Anonymous Coward · · Score: -1

    for *BSd becTause

  17. Insecure is insecure? by unp · · Score: 1

    I'm shocked that an easily rootable platform such as Android has security holes...

  18. Unexpected? by DogDude · · Score: 1

    How is this unexpected? Unlike Apple phones and Microsoft phones, Android are a mishmash of some open source stuff, and some carrier specific stuff. This is part of the reason that I, at least, went with a MS Phone, instead of an Android phone. It reminds me of Linux: the core of it may all be the same, but by the time you slap all kinds of custom stuff on top of it, every single version is essentially different from every other version, and compatibility goes down the drain. So of course the carriers are going to be very delayed in updating everything: they have to juggle multiple versions of "Android" phones, and each update has to be tested and customized for each version. There IS a downside to the wide amount of customization that Android allows. Apple and MS phones, on the other hand, are true walled gardens, so they're much easier to update.

    --
    I don't respond to AC's.
    1. Re:Unexpected? by Microlith · · Score: 3, Informative

      Nonsense.

      The core problem with Android is a core problem with ARM, namely that all of the nice plug-and-play stuff that lets a single kernel, and thus an Ubuntu live CD, boot on many systems doesn't exist in ARM. So each handset has to have the kernel adapted to it. And since this adaptation has to be done for every kernel Google releases, the handset vendors get lazy particularly as the kernel moves on and leaves their older, out of tree drivers behind.

      This has little to nothing to do with regular Linux distros because compatibility across them is actually quite good and as of Jellybean there is nothing other than the kernel in Android that is used by other open source projects.

      That they fail to push security fixes, let alone new Android versions, is because they just don't give a fuck.

  19. Too many phones! by HRbnjR · · Score: 1

    The problem is Android phone manufacturers, rooted in traditionally consumer electronics oriented companies, are pumping out far more models than they could ever hope to provide adequate support for, as they aren't used to actually having to provide long term support for anything. This is one area they could really learn something from Apple, whose home computer roots have taught them what's involved with proper support. As consumer electronics get smarter, you're gonna see the same types of problems from everything these guys produce... next up, smart televisions. Those companies would have us just throw these perfectly good older devices away, and upgrade to a new ones, but I don't think consumers much like that idea - or at least, I know I don't.

  20. Latest but not greatest by Impy+the+Impiuos+Imp · · Score: 1

    "Hardware vendors must make a unique version for each device and they have scarce resources."

    Google, Samsung, and Verizon have scarce resources? Are earning little from this? Bitch, please x2

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  21. This is one of many reasons why by erroneus · · Score: 3, Insightful

    In previous comments related to carriers and phones, I stated that I am done with carrier games.

    I am done with carriers selling me "discounted" phones which are actually far over-priced when required and unwanted data plans are added to the mix. I am done with carriers and their spyware and bloatware. I am done with carriers controlling the obsolesence of my device by providing late updates or failing to update them at all.

    Long ago I recognized the potential for security issues which predictably would not be managed by the carriers well or at all.

    Apple has it easier and it was by design. There are fewer models of iPhone so everyone is happier. Users know what they've got. The accessory makers are better guaranteed sales of mass produced products. Apple's carriers don't get to corrupt the iPhone and therefore there is more sanity when it comes to user concerns like bugs and security.

    I have a Google Nexus. Not quite my ideal phone, but less expensive than unlocked/unbranded Samsung Galaxy S3. It is more likely to get updates and fixes and within my power to install and use custom ROMs.

    Carriers care more about themselves than their customers. It is clear and evident. Why keep hoping and demanding that they care? Know them for what they are and respond.

  22. No cash, no updates by Anonymous Coward · · Score: 0

    For Android, updates only come with phone contracts.

    So, if you buy a wifi Android device (similar to an iPod Touch), how do you get updates?

    Answer: You don't. There is no business model for updating that kind of device.

    Discuss.

  23. not so fast by Charliemopps · · Score: 1

    Usually, that’s not often because the hardware vendor has thin [profit] margins. Whenever Google updates Android, engineers have to modify it for each phone, chip, radio card that relies on the OS. Hardware vendors must make a unique version for each device and they have scarce resources. Engineers are usually focused on the current version, and devices that are coming out in the next year.

    That's pretty funny, because there's a small group out there that manages to provide nightly updates for almost EVERY PHONE ON THE MARKET for free... http://get.cm/?type=nightly

    It seems to me like a carrier could simply let you switch to CM10 and get your updates from them as long as you agree that their updates are your problem and not the carriers... oooh... wait... the problem isn't updating Android... the problem is updating all their adware revenue bullshit to work with android, not the OS. I forgot. Sorry!

    1. Re:not so fast by Anonymous Coward · · Score: 0

      That's pretty funny, because there's a small group out there that manages to provide nightly updates for almost EVERY PHONE ON THE MARKET for free...

      Wow. 50 phones equals every phone on the market. Fail.

  24. But wait - now how much would you pay? by cyanman · · Score: 2
    The phone maker gets their profit from selling new phones. Updating your phones OS to a new version cost them money and delays your purchase of a new phone. How much effort would you put into raising your cost while costing yourself future revenue? The carrier makes money by locking you into a longer contract term. Often those new terms are at more $$ per month which happens when you buy a new phone. Updating your phone to a new version delays your commitment to a new contract term. I'm perfectly happy with my 3 year old android, especially since I updated it myself via an xda-developer ROM. But what if the manufacturer/carrier said "You want Gingerbread? Give us $20. You want Jelly Bean? Give us another $20. You want Key Lime? Give us another $20." They get cash in hand, you get renewed life on your phone.

    Are you in?

    1. Re:But wait - now how much would you pay? by trparky · · Score: 1

      Yes, if it was $20 I would pay that. Hell, I've donated that much money to many developers over on RootzWiki for various ROMs and kernels.

  25. Google doesn't get it right by fedorowp · · Score: 1

    First, stating the obvious - Google acquired Android.

    This means even Google cannot get it right.

    The CyanogenMod community puts a lot of hard work into trying to support old models, but Google/Motorola will not release the information on how to unlock the bootloader.

    Most modders view this as a serious hit to Google's "no evil philosophy".

  26. Slightly worse cycle than that by AlienSexist · · Score: 1

    It is more than just Google Android OS -> Phone Manufacturer but also then on to the Cell Carrier. Yes a new Android OS rolls out, and yes the Phone Manufacturer has to tweak drivers and what not. But after that the Cell Carrier then tries to splice on their apps other misc. clutter. This 3-phase pipeline is just murder for delivery. At each transition there is pushback. There had been, for example, discussion on the Droid BIONIC forums on how Verizon rejected a build from Motorola (for ICS) due to "poor quality."

  27. Great timing... by detritus. · · Score: 1

    Right when there's new DMCA rules that don't allow you to jailbreak your phone. Yet, if a carrier refuses to patch their phones, one can't legally load a new firmware on it, right?

    1. Re:Great timing... by BradleyUffner · · Score: 1

      Right when there's new DMCA rules that don't allow you to jailbreak your phone. Yet, if a carrier refuses to patch their phones, one can't legally load a new firmware on it, right?

      Wrong. These are 2 separate issues. The new rules only apply to carrier unlocking, not to jail-breaking, rooting, or custom firmware.

  28. Devil His Due by ThatsNotPudding · · Score: 1

    If an update bricked a phone and the owner died because even 911 wouldn't work, the carrier would be saddled with a slam-dunk loser case that would cost them at least $50 million dollars in settlements, fines, and legal fees.

    1. Re:Devil His Due by Skater · · Score: 1

      ...and yet, Apple updates their devices frequently.

    2. Re:Devil His Due by cynyr · · Score: 1

      counting the iPad, apple has what? 6 hardware models that they keep supported at any one time? How many has samsung had in that time? HTC? Heck even nokia has had more than that. Now I am counting the 4 and 4S as different, when they weren't really.

      Also Apple has had the ability to stand up to the carriers in the US. There are a few versions of the Samsung Galaxy S3 in the wild. I think it is at least 3.

      --
      All of the above was encrypted with a Quad ROT-13 method. Unauthorized decryption is in violation of the DMCA.
  29. Responsibility... by pev · · Score: 1

    This is very interesting in the context of the recent US ban on unlocking. As I understand it, the argument for banning unlocking has to do with the carriers wishing to retain at least partial ownership over your handset. As such, surely they're responsible for security implications? However, they're never keen on the effort involved in keeping older devices secure (which is more of a new threat in the age of android smartphone than it was on older proprietary non-app, non-data handsets).

    So what happens when the handset is still in use but old enough that the carrier can't be bothered to support any more? Will they be faced to take responsibility for security issues? I don't know the average expected life of phones these days but I expect that a couple of years ties in with max contract length so is likely to be the support period.

    In the UK, the sale of goods act covers the quality of goods sold and they must be "sufficiently durable" - if you can prove the manufacturers goods aren't up to snuff they have to fix them for you. Certainly in a phone I'd expect that leaving a known security hole with no patch should fall into this remit. And how long do the goods need to be "sufficiently durable"? Six years. That could prove a major headache here at least. I'm not sure what equivalent consumer protection laws there are in the US that could cover the same eventualities?

  30. What Firefox OS Does by caspy7 · · Score: 1

    This separation is what Firefox OS does actually.
    There is the lower level linux kernel/Gonk layer and then Gecko running on top of that. So Gecko can be patched with small over-the-air updates (these may come straight from Mozilla). Either way the burden on a carrier would be notably less.

    As a bonus Gonk is based on the same code Android uses, so if a carrier wants to port Firefox OS onto Android compatible hardware it should be relatively easy.

  31. Why trust this guy by Anonymous Coward · · Score: 0

    > they have scarce resources

    If he said that he can't have any idea what's actually going on. I mean, the US wireless carriers are practically printing money. The fact that they don't update phones has a lot more to do with the fact that they're completely incompetent and most decidedly evil.

  32. stock android by CosaNostra+Pizza+Inc · · Score: 1

    They should only be selling phones as stock Android if the carriers are unwilling to manage changes whenever a security update or new version of the Android OS is available.

  33. Kool Aid Drinkin' Fool by Anonymous Coward · · Score: 0

    But ... it's OPEN!

  34. Why I dumped Android by malchus842 · · Score: 1

    And this is exactly why I threw in the towel on Android. Two reference phones, bought unlocked, were abandoned. After the second one, and seeing my daughter's ancient iPhone 3GS continue to receive updates, I bought an iPhone 5. Perfect world? No. But I do get regular updates and it works with my iTunes/Apple TV. None of the phones worked perfectly in my Ford with SYNC, but sending text messages is limited to feature phones (reading on the iPhone was added in the latest Ford software update). Smartest thing Apple did was maintain control of updates.