Google's 'Project Treble' Could Lead To Faster Android Updates (arstechnica.com)

← Back to Stories (view on slashdot.org)

Google's 'Project Treble' Could Lead To Faster Android Updates (arstechnica.com)

Posted by BeauHD on Saturday May 13, 2017 @06:49AM from the vendor-interface dept.

Thelasko quotes a report from Ars Technica: Ahead of Google I/O, Google has just dropped a bombshell of a blog post that promises, for real this time, that it is finally doing something about Android's update problems. "Project Treble" is a plan to modularize the Android OS, separating the OS framework code from "vendor specific" hardware code. In theory, this change would allow for a new Android update to be flashed on a device without any involvement from the silicon vendor. Google calls it "the biggest change to the low-level system architecture of Android to date," and it's already live on the Google Pixel's Android O Developer Preview. This is not a magic bullet that will solve all of Android's update problems, however. After an update is released, Google lists three steps to creating an Android update:

1. Silicon manufacturers (Qualcomm, Samsung Exynos, etc) "modify the new release for their specific hardware" and do things like make sure drivers and power management will still work.
2. OEMs (Samsung, LG, HTC) step in and "modify the new release again as needed for their devices." This means making sure all the hardware works, rebranding Android with a custom skin, adding OEM apps, and modifying core parts of the Android OS to add special features like (before 7.0) multi-window support.
3. Carriers add more apps, more branding, and "test and certify the new release."

66 of 83 comments (clear)

Min score:

Reason:

Sort:

That's nice but... by Aighearach · 2017-05-13 06:56 · Score: 4, Interesting

More and more I just want a mobile linux device that isn't android and isn't easy/consumerified and just has mobile data and I can use SIP or other IP-phone.
What I don't need is for my mobile device to update more often! What I need is for it to want updates less often.
I don't want new features unless there is hardware that is finally small enough to be mobile. And when it happens, I want it to use one of the existing computer interface paradigms.
1. Re:That's nice but... by rickb928 · 2017-05-13 07:29 · Score: 1
  
  Ah. So you don't want a phone.
  
  --
  deleting the extra space after periods so i can stay relevant, yeah.
2. Re:That's nice but... by Cmdln+Daco · 2017-05-13 13:19 · Score: 1
  
  I would pay a little bit extra for a 'smartphone' that didn't have any kind of telephone functionality, if it had somewhat enhanced 'pocket computer' functionality.
  I could buy a TracPhone for my telephone needs and spend about $100 a year for it.
3. Re:That's nice but... by rtb61 · 2017-05-13 13:59 · Score: 1
  
  Well, yeah, that is exactly correct. When I bought my first and still only smart phone a note 3, I wanted all the other things other than mobile phone service. A stylus because manly fingers get in the way, a bigger screen because older eyes, expandable storage (don't have to fuss with stored images and video, just keep adding it), a user removable battery because I am not a gullible fool to be sold a scam, satnav, camera, video recorder and the phone bit well that is just a chip. To be honest I want to make calls but not receive them, I tend to turn off the phone when I am not using it or leave it in another room, with the door closed.
  
  --
  Chaos - everything, everywhere, everywhen
4. Re:That's nice but... by GNious · 2017-05-13 21:12 · Score: 1
  
  Every time I see these, I reply: Tried Jolla?
5. Re:That's nice but... by KiloByte · 2017-05-14 00:01 · Score: 1
  
  Aye, especially a keyboard and a sane operating system are a must. You'd have to go over my dead body to take away my N900, even though it's getting really long in the tooth (like, no usable graphical browser: MicroB can't handle any SSL anymore, modern browsers can't run in 256 total RAM with only ~100ish left after Nokia's crap), but is good enough that sometimes I do several hours long hacking sessions in the bed without even bothering to get to the big computer a few meters away.
  Neo900 is an expensive piece of vapourware with ancient specs. Keyboard attachments for Android dumbphones are useless. Proper replacements are also vapourware (Pyra, Minotaur One. I've gambled $380 for a Gemini, but there are doubts even whether they'll deliver, chances for a proper mainline kernel rivallling those of a snowcone in hell.
  
  --
  The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
6. Re:That's nice but... by Aighearach · 2017-05-14 05:45 · Score: 1
  
  No, people don't actually try vaporware, they just refer to it on the internet as if it is a thing.
7. Re: That's nice but... by rickb928 · 2017-05-14 11:58 · Score: 1
  
  Mobile device.
  SIP.
  This could be my desktop Avaya phone. Or my Nexus 7 tablet.
  
  --
  deleting the extra space after periods so i can stay relevant, yeah.
8. Re:That's nice but... by GNious · 2017-05-16 07:20 · Score: 1
  
  Shit, you're telling my phone is vaporware? ...explains why no-one calls :(
9. Re:That's nice but... by Aighearach · 2017-05-17 14:59 · Score: 1
  
  I don't doubt you somehow received one, or maybe you live in a small country where it is sold. It is not a thing that is available to the public for purchase, however.
  Which is a rather important detail if you "always" are trying to advertise for them.
10. Re:That's nice but... by GNious · 2017-05-17 18:53 · Score: 1
  
  You mean the small "country" of Europe, where it was readily available via Jolla's online store? Or India, where Intex sold a Sailfish device named Aqua Fish? Or whatever country Amazon.com covers, since a quick googling says the latter is available there (might be trolls) ?
  Look, I get it, you're sad you missed out on getting one, or perhaps live in a country too hostile for Jolla to release their product in, but if it was released, with 3 different devices running SailfishOS, 2 of which were generally available (Jolla C was limited), calling it vaporware is a biiiit of a stretch.
  If you know any nerds, perhaps get a Sony Experia phone, and install SailfishOS on it? Dunno how far along it is, but apparently it's a thing : https://jolla.com/wp-content/u...
11. Re:That's nice but... by Aighearach · 2017-05-18 07:13 · Score: 1
  
  Keyword might have been "was."
  Check if there "is" and online store, or if it "is" available on Amazon.
  And no, Europe isn't a country.
  Also, a sony phone running SailfishOS is not a Jolla phone, it is a Sony phone.
  I didn't "miss out" at all, if you actually read what I said I was looking for you'd understand that "limited time only" is not a commodity phone. It is exactly the same as any other proprietary crap-ware. I never said I'm interested in a new proprietary OS based on linux that is running on proprietary hardware. What I want is regular embedded linux, on generic commodity hardware.
  With that many absurd factual mistakes, I'm not going to read past your claim that I'm not a nerd. Next time, when you google something, remember: if you didn't follow the links, you don't even know what they say. As you admit, you might have just read the titles of documents written by trolls. Or, just didn't look at the dates of the documents.
Tagalog rendering by Okian+Warrior · 2017-05-13 06:59 · Score: 1

More and more I just want a mobile linux device that isn't android and isn't easy/consumerified and just has mobile data and I can use SIP or other IP-phone.
What I don't need is for my mobile device to update more often! What I need is for it to want updates less often.
I don't want new features unless there is hardware that is finally small enough to be mobile. And when it happens, I want it to use one of the existing computer interface paradigms.
Yes, but KB0337827328 fixes the Tagalog rendering issue!
That's been on our books for years now, and it's something you want!
1. Re:Tagalog rendering by FatdogHaiku · 2017-05-13 10:25 · Score: 2, Funny
  
  Hey, I have the Tagalog language installed on my Android...
  I tried to install that repeatedly and all that happened was a girl scout brought a wagon load of cookies to my door and said I owed $1300...
  
  P.S.
  Now my phone has chocolate and peanut-butter all over it!
  
  P.P.S.
  Totally worth it though...
  
  --
  You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
2. Re:Tagalog rendering by ChunderDownunder · 2017-05-13 14:16 · Score: 1
  
  If you're Filipino, then yes.
  Why should US English be the only consideration of a multinational company?
3. Re:Tagalog rendering by KiloByte · 2017-05-13 23:39 · Score: 1
  
  Why should US English be the only consideration of a multinational company?
  Because I have yet to see a project, proprietary or free, translate a non-trivial piece of software in a way that doesn't make a native speaker wonder "what the hell this means?" for 2/3 or more menu entries/etc.
  
  --
  The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
4. Re:Tagalog rendering by hungba193 · 2017-05-15 14:06 · Score: 1
  
  I could buy a TracPhone for my telephone needs and spend about $100 a year for it. nhom kinh tay ninh quang cao tay ninh
If I am correct... by ebrandsberg · 2017-05-13 07:04 · Score: 4, Interesting

This will allow third party ROMs to be built and released for nearly every phone much more easily. I envision the golden age of customized ROMs on the way.
1. Re:If I am correct... by swillden · 2017-05-13 13:03 · Score: 2
  
  This will allow third party ROMs to be built and released for nearly every phone much more easily. I envision the golden age of customized ROMs on the way.
  It will make ROMs much easier for devices that have unlockable bootloaders (note that bootloader unlocking is completely different from carrier unlocking). But at the same time, SELinux, verified boot and other platform security improvements are making it much harder to find exploitable vulnerabilities that allow rooting/modding of phones that aren't unlockable by design.
  If you want to be able to use custom ROMs, be sure to buy a device with an unlockable bootloader. All devices sold by Google are unlockable, out of the box. Other OEMs sell unlockable "developer edition" devices, but you have to be sure that you're getting the right one... and generally this means not buying a device from a wireless carrier.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
2. Re:If I am correct... by unrtst · 2017-05-13 13:06 · Score: 1
  
  now that phones are not subsidized with contracts ...
  Where is that? In the US, the primary way the big carriers sell phones these days is via a multi-year lease type of thing (get the phone for $0 down today, and only $35/month for 18 months... which works out to a bit more than retail cost). The other way is via things like iPhone forever, where you get the newest version of the device every year, and you pay a monthly fee for that.
3. Re:If I am correct... by amxcoder · 2017-05-13 17:57 · Score: 2
  
  These lease options are not subsidized like they used to be. You used to be able to get your choice of the latest flagship phone for somewhere around $100-$200 down, and no 'visible' payments after that, and you renewed a new 2-year contract with that purchase. AT&T had the 'New every two' program, that let you get a new subsidized phone every 2 years as long as you signed up for another 2-year contract. Other carriers had similar programs. If you didn't want the latest flagship, you could usually opt to get last years flagship at almost $0 extra cost.
  
  Of course, they were getting their money out of you for the phone, but it wasn't a specific lease that was tied to the phone. If you didn't get your new phone, your monthly bill was still the same price, so you were probably better off to get the new phone, as at least you got a new phone for the price you paid, vs. paying the same monthly price and not getting a new phone. This was considered 'subsidized', because you got a $600 phone for $200.
  
  All the carriers stopped doing that now, and now it's a payment program like you mentioned. You can get a new phone, but your bill goes up by ~$30-40 /mo for set period of time, and when your phone is paid off, that charge goes away. It's separated from the mobile plan charges now. If you buy your own phone outright, your bill will be less than if you lease a new phone from them. These programs are not considered 'subsidized' because you are paying the full amount of the phone (or more). This is closer to financing your phone (or maybe open ended leasing depending on some of the terms).
4. Re:If I am correct... by Lennie · 2017-05-13 19:55 · Score: 1
  
  All the carriers stopped doing that now
  didn't the US make a law ? If so I would be surprised any carrier would go against that. :-)
  
  --
  New things are always on the horizon
5. Re:If I am correct... by lexman098 · 2017-05-15 04:50 · Score: 1
  
  Good thing too since they still haven't released Xposed for Nougat.
PR spin? by Anonymous Coward · 2017-05-13 07:12 · Score: 2, Interesting

Is it just me, or did Google's PR team just announce a hardware abstraction layer and everybody went nuts?
1. Re:PR spin? by Cmdln+Daco · 2017-05-13 13:22 · Score: 2
  
  I was building modular device drivers on my Linux kernel back in the 1.2.13 days. That was a long while ago.
  It isn't a Microkernel design. I can run Minix if I want that.
2. Re:PR spin? by ChunderDownunder · 2017-05-13 14:19 · Score: 1
  
  Google will dump Linux for Magenta as soon as ART and Google Play have been ported.
  Expect 'Android 10' to be merely a skin on top of Fuchsia OS.
Moving forward only, obviously... by Anonymous Coward · 2017-05-13 07:15 · Score: 2, Insightful

So, what will this do for the Android 4.2, 4.4 and 6.0 tablets I already own and are stuck at those versions? Do they continue to be abandonware?
If Google tells me I just need buy one more tablet, and it'll get system updates, "for real this time, no matter what the hardware manufacturers say or do", they can go fuck themselves. I'm done with Android.
1. Re:Moving forward only, obviously... by Jamu · 2017-05-13 07:26 · Score: 1
  
  Yup. If they can't provide updates for their own stuff, I doubt this will lead to updates for third-party stuff.
  
  --
  Who ordered that?
2. Re:Moving forward only, obviously... by demonlapin · 2017-05-13 16:12 · Score: 2
  
  I've held out against getting an iPhone for years now, but I'm pretty sure I'm going to go to the 8 when it comes out. Nexus 6P is a decent phone, and I really do prefer the Android way of doing things, but the fact that Google is killing upgrades at exactly the two-year mark on a flagship phone is bullshit.
3. Re:Moving forward only, obviously... by ChunderDownunder · 2017-05-13 19:39 · Score: 1
  
  Nexus devices fetch a reasonable price on ebay for community modders content to run Lineage OS (or equiv) on flagship hardware from 2 years ago.
  Bye bye vendor support and 'stock' though.
The proposal is way simpler than the summary! by enriquevagu · 2017-05-13 07:40 · Score: 1

Somehow the summary only presents the problems of the current situation (pre-project treble), instead of summarizing the key ideas of the proposal (which is very interesting, by the way). Some excerpts from the link that would help understand:
Project Treble aims to do what CTS [Compatibility Test Suite (CTS), more than a million tests to validate API compatibility] did for apps, for the Android OS framework. The core concept is to separate the vendor implementation — the device-specific, lower-level software written in large part by the silicon manufacturers — from the Android OS Framework.
This is achieved by the introduction of a new vendor interface between the Android OS framework and the vendor implementation. The new vendor interface is validated by a Vendor Test Suite (VTS), analogous to the CTS, to ensure forward compatibility of the vendor implementation.
1. Re:The proposal is way simpler than the summary! by ColdWetDog · 2017-05-13 08:24 · Score: 1
  
  Ah, a hardware abstraction abstraction layer.
  Yet Another Abstraction layer?
  It's layers all the way down?
  
  --
  Faster! Faster! Faster would be better!
2. Re:The proposal is way simpler than the summary! by Marxist+Hacker+42 · 2017-05-13 08:46 · Score: 1
  
  Yep. That's exactly the conclusion I came to.
  
  --
  SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
3. Re:The proposal is way simpler than the summary! by Lennie · 2017-05-13 20:02 · Score: 1
  
  A smartphone is a computer and it's layers/abstractions all the way down, it's always been that way.
  This actually doesn't sound like an abstraction, this looks more like:
  on this layer, these APIs are for you to update and these APIs are for us to update.
  
  --
  New things are always on the horizon
4. Re:The proposal is way simpler than the summary! by Marxist+Hacker+42 · 2017-05-14 00:50 · Score: 1
  
  It hasn't always been that way. Sound on the Apple IIe was accomplished by reading a certain memory location that was physically wired to a speaker, very very fast.
  
  --
  SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
Re:Google is removing Step 1... by jonwil · 2017-05-13 08:34 · Score: 1

What needs to happen is to remove step 3 from the picture. Take control of Android devices away from carriers and do what Apple does and have OEMs (including Google with its own-branded phones) be 100% responsible for updates.
Plenty of times where an OEM has released an update but carriers (making up some BS excuse but who really just want you to buy a new phone) refuse to update their branded devices (or take months to actually follow the OEM with an update)
What's the difference? by theshowmecanuck · 2017-05-13 08:48 · Score: 4, Insightful

If the vendors like Samsung... like SAMSUNG... don't want to role out Android updates in a timely manner, you still won't get them in a timely manner. Or ever.

--
-- I ignore anonymous replies to my comments and postings.
Welcome to Agile. Prepare to get fucked. by Anonymous Coward · 2017-05-13 09:15 · Score: 1

So, basically, Google is going to push Agile updates on everyone, and turn the userbase into alpha testers instead of just beta testers.
I can't wait.
too many layers, won't change a thing by swschrad · 2017-05-13 09:41 · Score: 1

nice that it's modular. sucks that the phone maker, chipset foundry, and carrier are still in the mix, because they don't move an inch on old phones they no longer make. so, great effort and cost for nothing. sorry, still as stiff as Gargoyle on updating.

--
if this is supposed to be a new economy, how come they still want my old fashioned money?
The Kernel GPL by simpz · 2017-05-13 09:58 · Score: 1

I Wonder what this means in the kernel.
But a shame as this would seem to remove a lever to help push hw vendors to GPL their drivers.
Why don't Google push vendors to open source if they want to be part of Android. Which is a pretty big stick.
1. Re:The Kernel GPL by tepples · 2017-05-13 13:51 · Score: 1
  
  Probably because the cellular radio standards are subject to royalty-bearing software patents, and one of the GPL's reasons for existence in the first place is to prevent royalty-bearing software patents from harming the Free World.
2. Re:The Kernel GPL by Lennie · 2017-05-13 20:08 · Score: 1
  
  "cellular radio standards are subject to royalty-bearing software patents", aren't those just part of the base band processor ?
  That would not impact anything of the rest of the phone.
  Also it's not only the patents, also the laws and regulations which restrict what you can do.
  
  --
  New things are always on the horizon
3. Re:The Kernel GPL by tlhIngan · 2017-05-13 21:14 · Score: 1
  
  I Wonder what this means in the kernel.
  But a shame as this would seem to remove a lever to help push hw vendors to GPL their drivers.
  Why don't Google push vendors to open source if they want to be part of Android. Which is a pretty big stick.
  First off, the reason Android is Apache and not GPL is simple - no hardware vendor in the world would bother with Android if it was GPL. If they did, Linux would be completely popular and available for all SoCs out there. (No, they aren't. And our company produces Linux BSPs for Qualcomm SoCs based on the Android releases. They lack a lot of features because none of the stuff is open-source. So stuff like Camera barely work, if they work at all.).
  Hardware vendors don't like the GPL. They love Android though because it isn't GPL and they can do a lot of their "secret sauce" stuff as non-open-source code. GPU drivers, camera drivers, even things like sensors and GPS often have a lot of proprietary bits to them, and they don't want the hardware accelerated portions of such exposed.
  Qualcomm makes it their business to have some of the best cameras in the business. Sure they use the same commodity sensor, but the real magic is in the image signal processor (ISP). In there it corrects for flaws in the sensor (gamma correction, lens correction, etc) to extract the best possible image out of a commodity sensor. Then there are blocks that process the image doing the 3As (auto exposure, auto white balance, auto focus) with the sensor. And naturally, all that is highly proprietary secret sauce stuff Qualcomm does to promote their chips. You can bet they aren't going to give any of the design of that away with the GPL, nor the more convenience functions like face detection, smile detection, etc.
  Sensor fusion is another big thing - the "motion coprocessor" of Apple's iPhones to Sensor Hub in Android, the offline processing of sensor data without the main CPU being involved in huge. And how much is offloaded to a DSP and processed through the main CPU in the end is highly proprietary and no one is giving up their secret, wanting to be the one to capture your entire run without consuming a single miliwatt of power.
  If Google had enforced open-source, vendors wouldn't have come, preferring to stick with their own operating systems and stacks.
  And that's where this project is interesting - how do you modularize things to allow a hardware vendor to replace basically and entire image processing stack, but also allow a vendor to simply have a camera with no processing and doing it all in software? You try, but you really end up with a mess like Windows where you have to have software support for when hardware's lacking, but also software support for bypassing it all when hardware is supposed to do it.
4. Re: The Kernel GPL by simpz · 2017-05-14 03:10 · Score: 1
  
  I'm not sure I buy any of this. HW vendors couldn't afford to ignore Android. Its just to big.
  An opportunity missed to force some level of driver GPL ing
5. Re:The Kernel GPL by tepples · 2017-05-14 04:28 · Score: 1
  
  "cellular radio standards are subject to royalty-bearing software patents", aren't those just part of the base band processor ?
  First, baseband firmware is a "binary blob" that would likely get a device disqualified from Free Software Foundation's "Respects Your Freedom" certification program.
  Second, I was under the impression that at least back in the Java ME and BREW days, some devices ran the baseband and the applications under a real-time OS in subsets of the same memory space. Is this organization obsolete nowadays?
  Third, my prior comment was incomplete. The cellular radio isn't the only part of a communication standards suite subject to software patents; audio and video codecs are as well. Or would all codec responsibilities be part of the baseband blob as well, with the application processor seeing only uncompressed audio and video?
  
  That would not impact anything of the rest of the phone.
  Depending on how a court distinguishes "aggregation" from "combining modules into one larger work". The GPLv2 intentionally leaves this vague.
  
  Also it's not only the patents, also the laws and regulations which restrict what you can do.
  As far as I'm aware, from a manufacturer's perspective, the regulation states "do not emit spurious RF energy, and interoperate with the networks of incumbent carriers." Interoperability requires following the privately agreed-upon specification, and said spec requires patented processes. That's why I felt that mentioning patents was enough.
6. Re: The Kernel GPL by buchanmilne · 2017-05-14 05:28 · Score: 1
  
  "and one of the GPL's reasons for existence in the first place is to prevent royalty-bearing software patents from harming the Free World."
  Maybe you mean the GPLv3. The GPLv2, the version of the licence used by the Linux kernel, was written before software patents were such a problem, and doesn't have soecific requirements regarding patent licensing that the GPLv3 has.
7. Re: The Kernel GPL by buchanmilne · 2017-05-14 06:31 · Score: 1
  
  "First, baseband firmware is a "binary blob" that would likely get a device disqualified from Free Software Foundation's "Respects Your Freedom" certification program."
  But that is totally irrelevant to whether the software is respecting the GPLv2 or not.
  Consider an alternative where the firmware was not distributed with the O.S. (and required separate flashing to update it). For example, a totally free distro isn't considered GPL-infringing because it was provided with a computer that has a non-free BIOS.
8. Re: The Kernel GPL by tlhIngan · 2017-05-15 05:03 · Score: 1
  
  I'm not sure I buy any of this. HW vendors couldn't afford to ignore Android. Its just to big.
  An opportunity missed to force some level of driver GPL ing
  Perhaps NOW they can't. But back in the Android 1.x days, Android could be ignored. And had Android been GPL then, it would've been like other GPL phone projects like OpenMoko and others.
  The fact that Android allowed closed development was the main reason why it got so big. The GPL would never have worked in making Android popular.
  Hell, I'm sure Google could try to ask for open drivers and the vendors will say "ha ha. thanks for the laugh".
Question ? by Archfeld · 2017-05-13 10:13 · Score: 1

Do the carriers really even want to update ? I think they want the OS to grow stale and to use that as a reason to force users to update to this weeks new hardware. The cost of maintaining the branded OS and apps on last springs 'in' phone or device is not worth it for them, they just want you to by the 'new' fashion accessory phone. Cobalt blue is the new 'secure' device dejour.

--
errr....umm...*whooosh* *whoosh* Is this thing on ?
1. Re:Question ? by BronsCon · 2017-05-13 10:41 · Score: 2
  
  Part of me wants to suggest we say "fuck it" and factor historical lack of updates into our purchase decisions. That is, purposely buy phones based on lack of updates, given that we know they will eventually get hacked.
  
  And when they do, the entire lot of us stick it to the manufacturers, who refused to provide updates, in the form of a series of class action suits, one for each model sold in each market, layered atop one for each manufacturer in each market.
  
  Vendors don't provide updates right now because they believe it is cheaper not to do so. We can't change the equation, but we sure can change the variables and, by effect, the result.
  
  --
  APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
2. Re:Question ? by Cmdln+Daco · 2017-05-13 13:27 · Score: 1
  
  Actually, mobile android devices that 'can not be updated' are the ones that the OEM and Vendor can't bugfix. Which are the devices that it should in many cases eventually be possible to jailbreak and free.
3. Re:Question ? by BronsCon · 2017-05-13 16:52 · Score: 1
  
  Eh? Which Android devices exist that cannot be updated by the OEM? We're talking about devices that aren't updated. There's a pretty big difference.
  
  --
  APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
4. Re:Question ? by Dutch+Gun · 2017-05-13 17:22 · Score: 2
  
  I bought an high-quality phone over 3 1/2 years ago, and it's still perfectly functional, but gets no more security updates. Essentially, I'm screwed as soon as the next major issue hits that has no mitigation. Even Google, with their high-end Pixel devices, apparently only guarantees security patches for 3 years from launch or 18 months from buy date, whichever is longer. That's pretty lame for an $800 phone.
  If HTC wanted to get back into the market, they should sell high-end phones and guarantee five years of software updates. I'd buy one tomorrow.
  
  --
  Irony: Agile development has too much intertia to be abandoned now.
Re:Maybe an all-time slashdot low. by BronsCon · 2017-05-13 10:35 · Score: 1

There's a disconnect somewhere in the editing (go figure). In reality, the silicon and device vendors need only be involved in the initial development phase of a given device's ROM. After that, provided Google doesn't change any APIs (and they generally don't as doing so would break apps as well), the underlying Android core can be updater, even wholesale replaced, by Google.

New APIs and features can be added by Google as they are developed, and the silicon and device vendors can update their apps and drivers to take advantage of those new APIs and features, or not; the user still gets to benefit from them in the form of being able to run the newest apps on the newest version of Android. Also, security patches for the Android core can come direct from Google. Security patches for vendor-supplied apps and drivers still need to come from the vendor, but there's really nothing Google can do to change that.

--
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Re:Google is removing Step 1... by JonBoy47 · 2017-05-13 11:12 · Score: 1

This won't be news until Google completely removes the third parties from the update equation.
Re:Google is removing Step 1... by tepples · 2017-05-13 13:48 · Score: 1

What needs to happen is to remove step 3 from the picture. Take control of Android devices away from carriers
That might not do much, as Wi-Fi-only tablets routinely get stuck at a particular version of Android even though they skip step 3.
What grounds for a suit? by tepples · 2017-05-13 13:59 · Score: 2

the entire lot of us stick it to the manufacturers, who refused to provide updates, in the form of a series of class action suits
Under what legal theory would a remedy be available at law? My first guess is the implied warranty of merchantability, that Internet-connected computers without security updates are not "fit for the purposes such goods are ordinarily used." But if you plan to sue on grounds of failure to honor the implied warranty, I thought it was common practice for manufacturers to disclaim implied warranties after a product's express warranty has expired.
If it depends on the jurisdiction, use the United States as an example. It's the home country of Alphabet and Slashdot Media.
1. Re:What grounds for a suit? by BronsCon · 2017-05-13 16:50 · Score: 1
  
  Also my home country, thanks.
  
  A company can disclaim liability for the end user's actions or modifications, and they may limit how long they will warrant a product to be free of manufacturing defects; however, it is not unheard of and would not be unexpected for the court to expect maintenance services (such as software updates) to be made available for a duration exceeding the average usable life of a product, especially when lack of such maintenance is likely to result in financial or social harm to the user. Moreso when the device manufacturer is the only legitimate (and legal re: the DMCA) source of such maintenance. That is, a manufacturer and seller of a product cannot stipulate that their product should only be fit for the purpose for which it was sold for a certain period of time, save for reasons following spoilage, mechanical breakdown, electrical failure, or some other naturally occurring destructive force. And, indeed, even if that were not true, we have phones being sold as new, covered by a 1 year (sometimes longer) warranty, well after manufacturer updates have ceased; if your implication is that the manufacturer should only be liable for updates during the warranty period, well, there's your violation right there.
  
  Put another way, no court would expect Ford to still provide parts and maintenance for a '69 Mustang (though they happily will) because it is trivial to find parts, service manuals, and indeed service stations, who will perform such maintenance. Even if it were not, so long as they provided said parts and maintenance during the typical usable life of the average car (this may seem a poor example as the industry accepted service term, during which the manufacturer must maintain parts inventory is around 10 years, while most cars last much longer -- more on this later, but it's actually quite a salient example indeed), which they did, they would be in the clear. The law, specifically around automobiles, stipulates that manufacturers must allow aftermarket parts to be manufactured and sold, so there are still parts available and plenty of places to have a vehicle serviced even after the manufacturer shuts down the lines.
  
  Not so for phones.
  
  As for why 10 years is acceptable for cars when cars typically last much longer, and why that makes cars a salient example of what the courts might expect in terms of manufacturer-provided support (especially absent a viable aftermarket for said support) if it can be shown that lack of availability of maintenance for a product might cause the end user financial or social harm, it's actually pretty simple. You see, leading up to the mid 1960's, auto makers got in the habit of stopping production of parts when they felt it was time to start selling more new cars, and they were aggressive about curtailing the manufacture of any 3rd party replacement parts. In the 1960's, a law was enacted requiring them to make parts available for a minimum of 20 years; this was repealed in the 1980's as the law was effectively forcing manufacturers to maintain inventory of parts which would literally never sell; but, before then, another law was introduced requiring them to allow 3rd party replacement parts to be manufactured and sold.
  
  Despite no longer being forced by law to maintain parts inventories for 20 years, the US auto industry has adopted a minimum standard of 10 years of factory support, so as to prevent such a law from ever being deemed necessary again. Why 10 years? Well, back in the 1980's when this policy was adopted, 5 years was a common car loan term; roughly half the new-car-buying population would wither trade in their car before it was fully paid for, or do so shortly thereafter, which meant roughly half the new-car-buying population was maintaining a roughly 5-year cycle of vehicle ownership. Of the remaining half, roughly half (so 25% of the total new-car-buying population) would keep their car for 5 years after paying it off, while the remainder would keep it for longer. The math worked out that the averag
  
  --
  APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Re:Google is removing Step 1... by amxcoder · 2017-05-13 18:30 · Score: 2

Even taking the carriers out of the mix wouldn't be much better. The manufacturers hardly ever update either. With phone updates having to go through 3 steps, it's almost 100% doomed not to make it to your phone. Ever Android phone I've ever owned (with the exception of the Nexus 5x that I bought my wife), has at most only seen one update after the initial purchase.

The REAL questions that need to be addressed, is why we as consumers have allowed phones to be handled so different from PC's.

If I buy a laptop that comes with windows. When I first start it up for the first time, I give it an admin login credentials, and have full admin rights on the PC. Phones, you are locked out, with no admin rights unless you root it, which voids the warranty. Why shouldn't we have admin rights on these things by now, they are multi-purpose computers these days. People would freak out if a new laptop only came with 'basic user' login rights, and you couldn't have access to admin rights under windows. It would not be acceptable on a PC, and shouldn't be acceptable on a phone.

Also, why do the manufacture's and carriers get to 'bake' all kinds of crapware on the phone that can't be removed at all? Again, if I bought a Dell laptop, sure it might come with some Dell apps, but they can be removed. Samsung apps on a phone, not so much. Best Buy doesn't get to then add more crapware onto the Dell PC it sells as well, so that when you buy it has Dell bloatware and BestBuy bloatware baked into windows with no way to remove the apps or disable them. Phone do though, all kinds of crap from the manufacturer like Samsung store and other crap and about a dozen AT&T apps that you can't get rid of. not to mention that they bake-in normal apps too now, like my S5 has Uber preloaded, and baked in. Can't uninstall it or get rid of it. I've never used uber, and it's available in the Play store if I want it. Why is it locked onto my phone!

If Samsung wants to give it a branded skin, or some extra functionality, then fine. But if the first problem (admin rights) were respected, if we didn't like it, we would be able to easily wipe the ROM and put a vanilla android ROM on the phone like you can with a PC when you buy it. Same with the "permanent apps" that are preinstalled on the phone as well, admin rights would allow the removal of all of these. This would solve the update process, as I could opt to update to the latest version at any point. When microsoft releases a patch or update to windows, PC users don't have to wait until Dell (or HP/Asus/etc) get the update and add all their crap onto it, and pass it off to then to BestBuy/Walmart/NewEgg for the retailers to all their specific crap to it, before it gets pushed to your laptop. Why the hell does it work that way with phone?!?

It seems to me, that unfortunately, we as consumers allowed them to do this at the beginning and get away with it, and we didn't make a big enough stink over it. Now we are forever stuck with no admin rights, and several layers of 'baked-in' bloatware from everyone in the chain of manufactures and carriers. Why did we let them get away with it in the first place. And why do people accept it, when they wouldn't accept it with a PC.
I'd rather have a Windows Update style model by ET3D · 2017-05-13 19:36 · Score: 1

Google has already done that partially by putting a lot of functionality into Google Play Services, but it would be nice to be able to get security fixes from Google instead of having the OEM's in the way.
Re:Google is removing Step 1... by Lennie · 2017-05-13 20:05 · Score: 1

The REAL questions that need to be addressed, is why we as consumers have allowed phones to be handled so different from PC's.
For mass market products, the market needs to create options. Currently, only 2 major options are available. Both do the same thing.

--
New things are always on the horizon
John Deere tractors by tepples · 2017-05-14 04:35 · Score: 1

The law, specifically around automobiles, stipulates that manufacturers must allow aftermarket parts to be manufactured and sold, so there are still parts available and plenty of places to have a vehicle serviced even after the manufacturer shuts down the lines.
Not so for phones.
Are John Deere tractors more like automobiles or more like phones? See "American Farmers Are Still Fighting Tractor Software Locks".
1. Re: John Deere tractors by BronsCon · 2017-05-14 06:22 · Score: 2
  
  Therein lies the rub. John Deere can't stop a 3rd party from making an aftermarket ECU, control unit, or diagnostic unit, but copyright law dictates that anyone wishing to do so must not use John Deere's copyrighted software in order to do so unless they have John Deere's permission to use it. No law says they have to licence their copyrights, only that they have to not sue to prevent the sale and manufacture of parts. There is a healthy aftermarket for parts for John Deere tractors which can be replaced without touching the computer systems; that market would be a lot larger if we were allowed to reverse engineer those systems, but that is a separate issue.
  
  And even then, existing laws only cover vehicle's intended to be licensed and driven on public roads, which does not cover most of John Deere's line, making them more like phones than cars. John Deere doesn't want to have to deal with those laws for all of their tractor business, so they allow what 3rd party parts are possible without the use or reverse engineering of their software (because they can still get away with preventing that) and, perhaps more importantly, they provide service well past the expected life of the product.
  
  John Deere actually provides a good model for phone manufacturers to follow, at least in terms of ensuring security updates are available: Full warranty lasting at least as long as the financing period, software updates free of charge during the warranty period, software updates still available after the warranty period, and nothing technically stopping the end user from replacing the software with their own once the warranty ends.
  
  I see where you're going re: Right to Repair and I agree, we'd be better off in that world. We would also be better off that our current situation if phone manufacturers follwed John Deere's model. In either case, I think you and I both realize it is going to take an act of law ir a very hardcore court ruling to make it happen.
  
  --
  APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
2. Re: John Deere tractors by BronsCon · 2017-05-14 06:23 · Score: 1
  
  Ugh... vehicles, not vehicle's... this is why I don't post from my phone...
  
  --
  APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Didn't read the blog post, did you? by buchanmilne · 2017-05-14 05:19 · Score: 1

"Why don't Google push vendors to open source if they want to be part of Android. Which is a pretty big stick."
The end of the blog post says:
"In addition to the architectural changes, we're working with our silicon and device partners to take their code changes, such as features for a carrier network in a specific country, and move them into the common Android Open Source Project (AOSP) codebase. For example, Sony and Qualcomm contributed dozens of features and hundreds of bugfixes to Android O so they no longer need to rework these patches with each new release of Android."
It genuinely looks like Google is doing their part to address the problems, we can only hope consumers are clever enough to buy models from OEMs who do their part too.
GPLv2 section 7 by tepples · 2017-05-14 07:08 · Score: 1

Maybe you mean the GPLv3.
I meant GPLv2.

The GPLv2, the version of the licence used by the Linux kernel, was written before software patents were such a problem, and doesn't have soecific requirements regarding patent licensing that the GPLv3 has.
Though the patent provisions the GPLv2 are less "soecific" than those in the GPLv3, they still exist. GPLv2 section 7 bans licensees of Linux from adding patented code under a royalty-bearing license and then distributing the result:

If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.
GPLv2 section 8 even had a geographic limit option that appears to have been dropped from GPLv3:

If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.