A Look at the Amount of Time Smartphone Vendors Have Taken To Roll out Major Android Updates To Their Handsets, and How Things Are Beginning To Improve

Most Android smartphone vendors have been notorious for the time they take to roll out the newest Android OS updates to their respective handsets. To tackle this, Google in 2017 announced Project Treble, which bypasses some middlemen in delivering new updates to consumers. With Project Treble now supported by all Android phone makers, in theory updates should roll out to us faster than before. To test this, news blog AndroidAuthority looked at the data to see where things stand. From the report: On average, Nougat updates took about 192 days to reach key devices, while Oreo was slightly faster at 170. Android Pie updates hit devices much faster, averaging just 118 days from Google's launch to significant OEM rollout. That's a significant improvement, though we're still waiting on updates from LG and HTC, which could drag this average back up. Most manufacturers are faster at providing updates now, but a few are slower. Huawei, Samsung, and Xiaomi were noticeably quicker this time around, bringing updates to key devices before the end of 2018. OnePlus and Sony were especially fast, but they've always been speedier than most. Disappointingly, Motorola has rolled out updates to its flagship Z series slower over the last few years.

Re: Meanwhile...

[Desler]

BS. The last major OS version for the S5 that was officially released by Samsung was Android 6.0.1 which was released by Google 3.5 years ago. So you're either falsely conflating security updates with OS upgrades (you know, the topic of the submission) or you're using a third-party ROM when this whole topic is about first-party support.

Re:This is about Lock In

[swillden]

Anyway nowadays it's hard to Root and get SuperUser and I don't understand why.

This is my fault. Not only mine, not even mostly mine, but definitely my team's fault -- and I, personally, have a little of the blame. So that makes me a good person to explain.

First, let me point out that my teammates and I have no interest in preventing you from rooting your device. None whatsoever. We are skeptical that you can make good use of root without compromising your own security, but we also believe that if you want to compromise your security, you should be free to do so!

So, if we don't hate rooting, why have we made it hard?

We haven't, exactly. Let me explain.

Let's start with the bootloader. If your device has a locked bootloader (note that this is completely different from carrier locking, AKA SIM locking, which is what people usually mean when they talk about an Android device that is locked or unlocked), then you may not install your own software on it. All of the devices from Google ship with bootloaders that can be unlocked, because we think people should be able to do what they want with their devices. Most other Android device makers feel differently about this and ship bootloaders that cannot be unlocked. Some of them will sell you a "developer edition" that is unlockable.

It's always been this way. Nexus/Pixel devices have always been unlockable, most others have not. Those G1s you were rooting almost certainly did not have unlockable bootloaders. So... how did you root them?

You exploited vulnerabilities. There were lots of them. There was no software integrity checking, so once you exploited a vulnerability you were able to modify the system and keep it in the exploited state.

These vulnerabilities were nice for you because they let you root. They were also nice for anyone who wanted to hack into your phone and get your personal data out. Useful to good guys, but also to bad guys. On balance, that's a bad thing.

What we did was to fix a lot of vulnerabilities. Not all; no software system of substantial size will ever be free of vulnerabilities. Recognizing that, we built defense in depth. SELinux is a big component of this defense in depth. Today in Android it's almost unheard of to find a single vulnerability that allows the attacker to pwn the entire system. Vulnerabilities still exist, but now attackers need long exploit chains. They use one vulnerability to open a chink in a part of the system that then lets them find and exploit another vulnerability, and so on, until they finally get to the data they're trying to get, or -- better yet -- pop the kernel. Root isn't good enough any more; for free reign of the system you need to pop the kernel and disable SELinux. Today's exploit chains often use five to ten separate vulnerabilities, because less than that doesn't do you any good. Working exploit chains for major device models sell for $1M+ on black markets. That's because they're hard to find.

In addition to that, we also added verified boot, so that every piece of the system software is validated as its loaded. This means that once you find and exploit a long chain of vulnerabilities to get control, you can't just change the system software so that you always have it, because if you modify the system the device won't work any more. You have to re-exploit the vulnerabilities after every boot. (Note that a new class of techniques makes so-called "systemless root" possible; which gives you persistent root without changing the system. We're shutting those down, too.)

In addition to that, we got much more aggressive about making device makers patch the vulnerabilities. So if you find a sequence of vulns that gets you control, you'd better keep it secret or it'll stop working after the next update. Oh, and we also made it basically impossible to install an older version of the software to get back to a version that had known vulnerabilities you could use.

That's a small taste; a lot m