Wireless Carriers Put On Notice About Providing Regular Android Security Updates

msm1267 writes "Activist Chris Soghoian, who in the past has targeted zero-day brokers with his work, has turned his attention toward wireless carriers and their reluctance to provide regular device updates to Android mobile devices. The lack of updates leaves millions of Android users sometimes upwards of two revs behind in not only feature updates, but patches for security vulnerabilities. 'With Android, the situation is worse than a joke, it’s a crisis,' said Soghoian, principal technologies and senior policy analyst with the American Civil Liberties Union. 'With Android, you get updates when the carrier and hardware manufacturers want them to go out. Usually, that’s not often because the hardware vendor has thin [profit] margins. Whenever Google updates Android, engineers have to modify it for each phone, chip, radio card that relies on the OS. Hardware vendors must make a unique version for each device and they have scarce resources. Engineers are usually focused on the current version, and devices that are coming out in the next year.'"

Java

[goombah99]

Does Dalvik have the same security problems Oracle Java does? If so this is a serious problem

Re:

[Qwavel]

No, it doesn't.

Re:Java

[supersat]

No. Even if it did, it doesn't matter because Android does NOT rely on Java for isolation or security. Each application runs as a separate Linux user, and the kernel enforces isolation between apps this way.

Because apps are isolated in this way, they can include native code.

Re:

[Rich0]

True enough, but the isolation only protects apps from each other. It doesn't protect your data from apps, unless the app in question doesn't have rights to read your SD card (and if you're attacking an app chances are it was from reading some data from the SD card in the first place, like an attachment to an email).

Re:

[Rich0]

Does Dalvik have the same security problems Oracle Java does? If so this is a serious problem

It is an independent implementation, so I'd say it likely has a similar but altogether different set of security problems.

At least it doesn't run arbitrary code from applets, and since applications run as individual users they benefit from the underlying linux security model. That said, maybe if you open some document in an application the document might exploit some dalvik flaw to gain access to other data the application can view (likely your entire SD card), and if the app has rights (likely the case) u

Re:

[Miamicanes]

As of this moment, there is no known "Java" VM that runs under Android. Dalvik begins its life as Java sourcecode, but it's actually "double-compiled" by the time it runs on Android: Java source to Java bytecode, then Java bytecode is compiled to Dalvik bytecode. Lots of Android developers eventually get bitten hard before grasping the true meaning of "Dalvik Isn't Java" (ie, there ARE things that work in Java, but don't work in Dalvik. Runtime dynamic compilation to achieve dependency injection is one exam

Stop screwing with it so much

[redback]

Handset manufacturers should stop screwing with it so much, if they used pure android it wouldnt be so much work to get updates out.

Re:

[jtownatpunk.net]

Tell that to my Galaxy Nexus that's still running 4.1.1. So much for the idea that Nexus devices are on the cutting edge. They're abandoned as fast as any other phone.

Re:Stop screwing with it so much

[tlhIngan]

Tell that to my Galaxy Nexus that's still running 4.1.1. So much for the idea that Nexus devices are on the cutting edge. They're abandoned as fast as any other phone.

Only the Verizon Nexues are "abandoned". If you got the HSPA ones, you should be at 4.2.x already.

If you're not, perhaps it's because you bought it from a carrier and have the default carrier firmware stuck to them with carrier firmware updates. In which case you need to go to Google, download the latest factory images and install them on your GNex. This will get updates as fast as Google pushes them out (the carrier ones actually have an update URL pointing somewhere else, while the Google ones point to Google).

An interesting note - when I did this, battery life shot up dramatically. The carrier GNex firmware isn't all that great.

Re:

[cheater512]

Thats why when I bought my Galaxy S3 I immediately put Cyanogenmod on it.
My phone is regularly updated (currently running 4.2.1), stable and doesn't have any crap on it.

Re:

[TheGratefulNet]

my nexus one is stuck on cm7.2 which is the farthest forward I can go. sigh.

pretty much abandoned and by google, by design, as I understand it.

correct me if I'm wrong, but the problem was that they bundled the graphics system too much with the rest of the non-gfx parts. and so, when the n1 chip was declared 'too old', this froze the WHOLE shooting works. so to speak.

I don't develop for android, I'm just a user. I never looked at any of the code. so I might have this all wrong; but why else is my system

Re:

[ozmanjusri]

correct me if I'm wrong, but the problem was that they bundled the graphics system too much with the rest of the non-gfx parts. and so, when the n1 chip was declared 'too old', this froze the WHOLE shooting works. so to speak.

Cyanogen have halted development of all the old Snapdragon devices, not just the Nexus 1. There were a number of reasons, including the Adreno 200 GPU, limited RAM and restricted storage memory.

Other modders are still developing for it though. MIUI have a Jelly Bean version, but I'm not sure what compromises they had to make to get there.

http://forums.miui.us/showthread.php?15234-ROM-10-29-12-MIUI-us-v4-1-Jellybean-Edition [forums.miui.us]

Re:

[L4t3r4lu5]

Heh, no. You're stuck with Gingerbread only if you stick with CyanogenMod official release. If you want Honeycomb / ICS / JB switch to another AOSP ROM.

Here [xda-developers.com] is the XDA-Developers forum for Android development on the Nexus One. I like CM9 on my Desire HD, so I stuck with the Unofficial CM9 on mine, though they have nightly CM10 for the Desire HD too, as well as other 4.x AOSP-based ROMs. There are plenty of 4.x ROMs for your phone on there, too. CyanogenMod is by no means the only one available.

Re:

[DragonTHC]

Tell that to my Galaxy Nexus that's still running 4.1.1. So much for the idea that Nexus devices are on the cutting edge. They're abandoned as fast as any other phone.

Re:Stop screwing with it so much

[Frojack123]

I agree, to a certain extent.

But I also maintain that this is strictly Google's fault (The Open Hanset Alliance).

They took an operating system, Linux, which always has long the ability to put hardware drivers in dynamically loadable modules and built Android, where they compiled everything into the kernel in one huge binary blob. This is a huge retrograde step in OS design. The kernel should be replaceable without having to replace the driver for every radio, screen, sound chip.

After all, the radio didn't gain any new functionality between Android releases. The same carrier specific radio "rom" the phone was shipped with should suffice. Just call it dynamically rather than compile it into the kernel. Let us get our kernel updates directly from Google, or the handset manufacturer, and any carrier specific updates from the carrier.

This is a packaging error.

Re:

[AmiMoJo]

Consumers need to stop buying phones from manufacturers who screw with Android and don't provide updates.

Actually that already seems to be happening to some extent. Manufacturers seem to be making much more effort to update. It is carriers who really lag behind, but you would be mad to buy your phone from them anyway.

Rumour has it that Android 4.2 will introduce an advanced skinning system that lets the manufacturer put its skin on but still get OS updates directly from Google. As a bonus the manufacturer (

Re:

[peragrin]

That's because the manufactures are getting the blame from users using the phrase.

Well my iphone used to update why can't I update this one the same way.

Wait until smart TV vendors realize they also have to provide updates.

If you want locked down software like apple you must limit the number of models of devices.

otherwise you can't keep up

Re:

[NatasRevol]

That explains why Samsung is the #1 seller of Android phones. /sarcasm

Re:

[Archangel Michael]

Hell, this isn't even needed, with AOSP and projects like CyanogenMod, just unlock the bootloader of unsupported phones, and let them have the needed drivers to make the shit work right. But you can't complain about old devies not getting updates when you don't do updates nor let anyone else do them either. This is not a catch 22. This is "we want our cake and eat it too".

Re:

[peragrin]

Not it isn't. not even close.

this is, Hey the iphone has those kinds of updates why can't my HTC/Samsung, etc.

Seriously the only reason why is the carriers being stupid, and manufacturers not understanding the big software release picture.

Re:

[gr8_phk]

Handset manufacturers should stop screwing with it so much, if they used pure android it wouldnt be so much work to get updates out.

Google should stop screwing with it so much and then they wouldn't need updates! And you should stop blaming the customers (handset makers)

Seriously, you folks in "the tech industry" have no idea what product quality and reliability are. Try writing software for a car. Yes, it's much smaller in scope, but it has to be complete. We ship modules that are never updated (ROM par

Re:

[canadiannomad]

The moment you connect your car up to the internet, it too will need software updates.
In a car no-one is constantly trying to run you off the road or blow you up.
Not true online, you are almost always being probed to find out if you are susceptible to the latest car disabling technology.
Online it is an arms race, not a status quo.

Re:

[DarwinSurvivor]

I remember reading an article about a proof of concept where a hacker was able to control parts of his car with a cleverly crafted MP3 burned to a CD. He hypothesized that such attacks could be distributed through P2P networks and install backdoors into cars allowing them to be unlocked/started without a key.

Re:

[David_W]

In a car no-one is constantly trying to run you off the road or blow you up.

You don't drive in DC, do you?

Re:

[canadiannomad]

Lol, touché.

Re:

[icebike]

Try writing software for a car. ... We ship modules that are never updated (ROM parts anyone?)

Hmmm, that's not my experience.
Both my prior car and my current car had software updates over their life, the new car within 5 months of delivery as required by a recall. Its still riddled with bugs that are obvious, and grousing to the dealer is of no use, because the software is out of their hands. If I install after-market software, my warranty is void on the entire vehicle.

Re:

[Velex]

Ditto this. My 2011 Fiesta needs a software update so the passenger side curtain airbag deploys properly. Perhaps OP should take that little "security glitch" into consideration before getting his dick out next time.

Re:

[JonBoy47]

These Android-makers customize/skin the Android experience for the simple reason that it's just about the only thing preventing their product from becoming completely commoditized just like Windows PC's have been in the past few years. They also lack the clout to tell the carriers to pound sand. Thus we get Android handsets with carrier-dictated bloatware because the carriers get incremental revenue off that stuff. Be it someone using AT&T Maps and paying $10/month because they can't tell the difference

Re:

[thegarbz]

I can't say I fully agree with this. One of the good things about Android is that you have different flavours just like you do on Linux. For example HTC's OS design choices in my opinion suck. I'd pick Google's vanilla Android any day. However I do like the menu layout, the older keyboard, and many other features that Samsung brought to its version of Android a lot more than Google's own (Touchwiz excepted though, it looks and feels shitty).

What the manufacturers need to do is work with Google to make the s

Re:

[cliffjumper222]

Android is a gift, not a product. Android needs fixing to work properly because it doesn't work out of the box. Why? Because hardware changes from OEM to OEM, the government require mandatory support for features that aren't included, the customer (AT&T etc) require support for their apps or services, some very important ones, and last, but not least, it's buggy.

Details:
It takes about 6 months for a dedicated SCRUM team to knock a version of Android out that meets a major US carrier's requirements after

Re:

[aztracker1]

If you aren't pushing bug fixes upstream, you are part of the problem...

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Stop screwing with it so much

[ColdWetDog]

Like AT&T Maps; it's $10/month, the one time I used it was by accident because I confused it for Google Maps.

No, it's not by accident. It's by design. A significant number of people won't be able to parse the difference between AT&T maps and Google Maps. So they'll just pay the dollars until they wise up. If indeed you do wise up, then you have to change their contract to opt out. Then the contract timer starts again.

They get you coming or going.

Brilliant strategy.

Re:

[trparky]

Actually, minor changes (like that) to your plan do not reset your wireless contract clock.

Re:

[poofmeisterp]

But, but, but... AT&T maps has SO much more to offer than Google Maps! It has......... More!

/snark

Re:

[canadiannomad]

If the manufacturers simply passed their OS / device driver updates back to the core Android Open Source Project, it'd make everyone's lives easier.

If they want to keep their launcher and misc add-on apps private, that's their call.

Somebody mod this up... It is exactly what they should be doing! Honestly I don't know why low margin hardware manufacturers are keeping themselves in the picture at all (with little to no economic gain for holding the code they won't support).

Still using my Droid 1 going on three years

[Anonymous Coward]

And haven't had an update since the first year.

They (Verizon) should at least push updates while it's still under contract.

Re:

[poofmeisterp]

You are running stock on that device?
WHY?

Because they're trying to run the device from the perspective of the average end user. And that perspective has been clad in suckiness since the beginning.

Re:

[gmhowell]

You are running stock on that device?
WHY?

Because maybe it does what he wants it to do? Your use case is not the universal use case.

Why isn't Android more modular

[The Other White Meat]

Every new revision of Android is this large, monolithic package that seems to take years to get right. If Android were more modular, you could have teams working in parallel on various modules, and releasing them as needed. This is what regular Linux does, so I don't see why Android doesn't do more of it. Other than the Google Apps package, everything else seems to be lumped together. (and yes, I know it's more modular behind the scenes, but if it isn't that way for the user, it's a moot point.)

Re:

[AwesomeMcgee]

Go re-read why worse is better http://www.dreamsongs.com/RiseOfWorseIsBetter.html [dreamsongs.com] and realize any form of micro-architecture has long since been destroyed by the formidable drive of the monolithic design and it's ability to be simultaneously horrible and intractably irremovable from the minds of the vast majority of engineers, along with being faster to get out the door and therefore meeting all requirements of the business people who actually shove all this garbage down our throats.

Re:Why isn't Android more modular

[AuMatar]

Wouldn't matter. The problem is more political than technical. Carriers are the ones who push updates, and they don't care especially in the US. Check EU versions of US phones and you'll see many more updates that never make it out here.

Some of that is for a good reason. Carriers put phones through very rigorous acceptance testing that takes weeks to finish. It tests the phone as a whole, not individual modules. Trying to push out partial updates would screw with their process and cost tens of millions. It would also lead to people having versions of modules that were never tested together, an increased possibility of bricking your phone. When your device is seen as a consumer utility that just really isn't an option.

Devil His Due

[ThatsNotPudding]

If an update bricked a phone and the owner died because even 911 wouldn't work, the carrier would be saddled with a slam-dunk loser case that would cost them at least $50 million dollars in settlements, fines, and legal fees.

Re:

[Skater]

...and yet, Apple updates their devices frequently.

Re:

[cynyr]

counting the iPad, apple has what? 6 hardware models that they keep supported at any one time? How many has samsung had in that time? HTC? Heck even nokia has had more than that. Now I am counting the 4 and 4S as different, when they weren't really.

Also Apple has had the ability to stand up to the carriers in the US. There are a few versions of the Samsung Galaxy S3 in the wild. I think it is at least 3.

American Civil Liberties Union

[Qwavel]

"said Soghoian, principal technologies and senior policy analyst with the American Civil Liberties Union."

Finally, an article about the dangers of Android that quotes someone I'm prepared to listen to. I'm not entirely sure why the ACLU would be involved in this stuff, but I do have some respect for them and believe them to be objective in this matter.

I'm tired of the barrage of articles about the security problems with Android, and the need for anti-virus to resolve them - quoting people paid by the anti-virus companies.

The carriers don't care.

[getto man d]

If the carriers were what most of us want, i.e. dumb pipes, then we could possibly own our phones and upgrade them in a much easier fashion (so long as the hardware manufacturer is still providing updates).

Verizon's treatment of the Samsung Galaxy Nexus has been an eye opening experience and I'm still trying to figure out an alternative solution.

Re:

[h4rr4r]

The alternative I will be seeking is leaving verizon and buying a GSM nexus as soon as my contract is over.

Verizon is losing a family plan that is over 10 years old because of this.

Re:

[Drathos]

And when the GSM carriers have crap coverage where you live?

Believe me, I'd love to leave VZW, but I've got to go several miles away to pick up a signal from AT&T or T-mobile - and I'm not far outside Washington, DC.

Re:

[h4rr4r]

They don't in my area.

I have been to DC, lets see some maps for your claim. I bet you are very far outside DC or mistaken.

Re:

[Andy Dodd]

Solution: Buy from an MVNO that is a dumb pipe. Straight Talk's BYOD SIM plans are proving quite popular.

Nexus 4 from the Play Store + Straight Talk = device you control hooked up to a dumb pipe.

Re:

[SiChemist]

Do you know anyone who uses Straight Talk? I'm out of contract in January 2014 and I'm contemplating buying the newest Nexus phone at that time and switching to Straight Talk. I worry about running over the "secret" 2GB data cap and getting cut off. There is good AT&T coverage where I live and work, so I was planning on buying an AT&T sim from ST.

Re:

[aztracker1]

I can't comment on Straight Talk.. but been happy with SimpleMobile (T-Mobile equivalent) with my N4.

Re:

[Andy Dodd]

I know a few of the XDA admins are on ST and love it, and more are hopping over.

I have yet to talk to a user of their BYOD SIM plans that was unhappy in any way.

Re:

[SiChemist]

Thanks for the info! I imagine the XDA guys are pretty heavy data users, so that encourages me.

Re:

[Andy Dodd]

Actually, many of us are quite responsible with our data. I don't think any of us support the "I HAVE A RIGHT TO EAT 20GB OF DATA PER MONTH OVER A CONNECTION THAT WASN'T DESIGNED TO HANDLE THAT!" crowd. Let's face it, if you're in that crowd, your days are numbered and few people will have sympathy for you.

My average monthly usage is around 500MB. I stay on unlimited only because I like having that "safety net" of not getting charged insane amounts if my device flakes out on me.

Perfect.

[poofmeisterp]

Engineers are usually focused on the current version, and devices that are coming out in the next year.

So what you're saying is that it's absolutely PERFECT for the wireless industry, eh? Keep people wanting the future product that you have to buy before the end of your contract!

I wish I were joking.

Cyanogenmod

[vlm]

Whenever Google updates Android, engineers have to modify it for each phone, chip, radio card that relies on the OS. Hardware vendors must make a unique version for each device and they have scarce resources

How come the cyanogenmod people do a better job than everyone else in the industry?

I just upgraded a LS670 last weekend to cyanogenmod. CM9 if I recall. Its faster, looks better, more features, MUCH newer which would imply fewer holes, overall quite a massive improvement over stock. It no longer has cell service, I'm using this phone as a wifi microtablet, quite happily.

Re:

[MonsterTrimble]

The big issue I have with Cyanogenmod is the fact that it can be very difficult to do right and you risk bricking the phone by doing it.

My wife has a LG Optimus 3D (LG Thrill 4G for those of you stateside) and the last update she received upgraded her from 2.2 to 2.3.5, which was a brutal abortion of a release. Bugs everywhere and eats battery life to beat hell. After researching it throughly I decided against doing anything to it because I had to root it, then make sure I had a kosher set of files and upgr

Re:

[h4rr4r]

Nearly no phone can actually be bricked. Absolute worst case you boot into recovery and flash another zip.

For what device is installing Cyanogenmod difficult?
From your description not that one.

There can't be a "good" installer, that would require the device company to play along. There is nothing they could do to make it easier for you.

Re:

[Rich0]

CM is obviously great, and it is even better for the price.

However, it isn't available for all devices, and because of the large number of devices these days it seems like many devices only have one or two devices. My previous phone was a G2 and CM never got past Gingerbread despite a 3rd party mod being sort-of working with Jellybean. Their quality control is better than the average mod, but isn't really up to professional standards. When a build that just came out of the compiler is released the same d

Unexpected?

[DogDude]

How is this unexpected? Unlike Apple phones and Microsoft phones, Android are a mishmash of some open source stuff, and some carrier specific stuff. This is part of the reason that I, at least, went with a MS Phone, instead of an Android phone. It reminds me of Linux: the core of it may all be the same, but by the time you slap all kinds of custom stuff on top of it, every single version is essentially different from every other version, and compatibility goes down the drain. So of course the carriers a

Re:Unexpected?

[Microlith]

Nonsense.

The core problem with Android is a core problem with ARM, namely that all of the nice plug-and-play stuff that lets a single kernel, and thus an Ubuntu live CD, boot on many systems doesn't exist in ARM. So each handset has to have the kernel adapted to it. And since this adaptation has to be done for every kernel Google releases, the handset vendors get lazy particularly as the kernel moves on and leaves their older, out of tree drivers behind.

This has little to nothing to do with regular Linux distros because compatibility across them is actually quite good and as of Jellybean there is nothing other than the kernel in Android that is used by other open source projects.

That they fail to push security fixes, let alone new Android versions, is because they just don't give a fuck.

Too many phones!

[HRbnjR]

The problem is Android phone manufacturers, rooted in traditionally consumer electronics oriented companies, are pumping out far more models than they could ever hope to provide adequate support for, as they aren't used to actually having to provide long term support for anything. This is one area they could really learn something from Apple, whose home computer roots have taught them what's involved with proper support. As consumer electronics get smarter, you're gonna see the same types of problems from

This is one of many reasons why

[erroneus]

In previous comments related to carriers and phones, I stated that I am done with carrier games.

I am done with carriers selling me "discounted" phones which are actually far over-priced when required and unwanted data plans are added to the mix. I am done with carriers and their spyware and bloatware. I am done with carriers controlling the obsolesence of my device by providing late updates or failing to update them at all.

Long ago I recognized the potential for security issues which predictably would not be managed by the carriers well or at all.

Apple has it easier and it was by design. There are fewer models of iPhone so everyone is happier. Users know what they've got. The accessory makers are better guaranteed sales of mass produced products. Apple's carriers don't get to corrupt the iPhone and therefore there is more sanity when it comes to user concerns like bugs and security.

I have a Google Nexus. Not quite my ideal phone, but less expensive than unlocked/unbranded Samsung Galaxy S3. It is more likely to get updates and fixes and within my power to install and use custom ROMs.

Carriers care more about themselves than their customers. It is clear and evident. Why keep hoping and demanding that they care? Know them for what they are and respond.

not so fast

[Charliemopps]

Usually, that’s not often because the hardware vendor has thin [profit] margins. Whenever Google updates Android, engineers have to modify it for each phone, chip, radio card that relies on the OS. Hardware vendors must make a unique version for each device and they have scarce resources. Engineers are usually focused on the current version, and devices that are coming out in the next year.

That's pretty funny, because there's a small group out there that manages to provide nightly updates for almost EVERY PHONE ON THE MARKET for free... http://get.cm/?type=nightly [get.cm]

It seems to me like a carrier could simply let you switch to CM10 and get your updates from them as long as you agree that their updates are your problem and not the carriers... oooh... wait... the problem isn't updating Android... the problem is updating all their adware revenue bullshit to work with android, not the OS. I forgot. S

But wait - now how much would you pay?

[cyanman]

The phone maker gets their profit from selling new phones. Updating your phones OS to a new version cost them money and delays your purchase of a new phone. How much effort would you put into raising your cost while costing yourself future revenue? The carrier makes money by locking you into a longer contract term. Often those new terms are at more $$ per month which happens when you buy a new phone. Updating your phone to a new version delays your commitment to a new contract term. I'm perfectly happy with

Slightly worse cycle than that

[AlienSexist]

It is more than just Google Android OS -> Phone Manufacturer but also then on to the Cell Carrier. Yes a new Android OS rolls out, and yes the Phone Manufacturer has to tweak drivers and what not. But after that the Cell Carrier then tries to splice on their apps other misc. clutter. This 3-phase pipeline is just murder for delivery. At each transition there is pushback. There had been, for example, discussion on the Droid BIONIC forums on how Verizon rejected a build from Motorola (for ICS) due to

Responsibility...

[pev]

This is very interesting in the context of the recent US ban on unlocking. As I understand it, the argument for banning unlocking has to do with the carriers wishing to retain at least partial ownership over your handset. As such, surely they're responsible for security implications? However, they're never keen on the effort involved in keeping older devices secure (which is more of a new threat in the age of android smartphone than it was on older proprietary non-app, non-data handsets).

So what happens whe

stock android

[CosaNostra Pizza Inc]

They should only be selling phones as stock Android if the carriers are unwilling to manage changes whenever a security update or new version of the Android OS is available.

Why I dumped Android

[malchus842]

And this is exactly why I threw in the towel on Android. Two reference phones, bought unlocked, were abandoned. After the second one, and seeing my daughter's ancient iPhone 3GS continue to receive updates, I bought an iPhone 5. Perfect world? No. But I do get regular updates and it works with my iTunes/Apple TV. None of the phones worked perfectly in my Ford with SYNC, but sending text messages is limited to feature phones (reading on the iPhone was added in the latest Ford software update). Smartest thing

Re:

[h4rr4r]

Really all the other advantages are a mystery to you?

Not everyone wants to live in a walled garden and pay a tithe to be allowed to program for their own device. Not to mention the lack of custom ROMS, and a whole host of other things.

Re:Not a problem for iOS.

[bhagwad]

Not everyone with a Windows PC has had their identities stolen and bank accounts empties. Oh any by the way, "security" is just a convenient excuse for censoring apps. Look at the big stories of Apple censorship - they have nothing to do with security and everything to do with Apple enforcing their own morals.

Security my ass.

Re:

[bhagwad]

Wow - "deserve"?

Good thing you're not a god.

Re:

[PortHaven]

Really?

Because my iPhone 3G didn't get the last few updates. And courtesy of Apple, it no longer streams Netflix. Because crApple is so incompetent, they can't even manage app versions.

Case in point. I have iPhon4 and 3G. iPhone 4s are running iOS5 & 6. Which the new Netflix app requires. However, the 3G model is not able to update to iOS5. But iTunes only allows for one instance of an app. So you'll find that you're old phones are now updated to versions of applications they cannot run.

Get off your

Re:

[cant_get_a_good_nick]

crApple? Jeez... I thought calling it Micro$oft was bad. Yes, the troll was a fanboi. But you bit and went the wrong way.

Apple is much better at having a consistent platform than Android is. You have phones coming out 4 months ago stranded with no updates. Your iPhone 3G goes back (possibly) 4 years, and a minimum 2 years. It's a much different situation.

I have an iPod touch, gen 2, which has been stranded. I wish I could get an update on it. but the CPU on it is too old, so they don't support CPU hog IOS5

Re:Not a problem for iOS.

[Skater]

I have an iPod touch, gen 2, which has been stranded. I wish I could get an update on it. but the CPU on it is too old, so they don't support CPU hog IOS5 on it.

I hear people complaining about this, and I don't get it. Maybe they don't remember the 80s and 90s when your computer was out of date within a few months, and it wasn't long before you couldn't run the newest and greatest software. Today, computers have a much longer lifetime than they did back then. I point this out because that's where we are with these portable computers (iPhones, Android phones, tablets, etc.) - we're still in that early and fast update phase. Early on, each new iteration was leaps and bounds ahead of the prior one, and the pace is only starting to slow down now. The pace will speed up again if and when better battery technology shows up.

And, frankly, they pushed out updates for the Touch 2nd Gen for quite some time. Don't act like it was abandoned 3 weeks after they released it, because it wasn't. Updates were available for a long time for it.

Re:

[maccodemonkey]

Really?

Because my iPhone 3G didn't get the last few updates.

You missed the part that because that device is over two years old, you can get a newer device for free when you renew your contract.

Of course, it sounds like you're using it as a secondary device. In which case I'm going to counter with a rant about how my spare G4 Cube can't run the latest version of Mac OS, can't run Netflix, and blah blah blah...

Re:

[Chirs]

You missed the part that because that device is over two years old, you can get a newer device for free when you renew your contract.

You assume the person is *on* a contract.

Re:

[thegarbz]

you can get a newer device for free when you renew your contract

Oh you poor misguided consumer.

Re:

[countach]

Yeah it's not a perfect platform. But I prefer it because at least I know what I'm getting. I know the level of support Apple will give me, which is pretty good, even if they do sometimes drop support on old models. But what can I expect if I buy Android? It's really hard to research, figure out and predict. This is why Apple is killing the competition.

Re:

[ozmanjusri]

This is why Apple is killing the competition

"Android captured almost 70% global smartphone market share in 2012, Apple just under 20%"

http://venturebeat.com/2013/01/28/android-captured-almost-70-global-smartphone-market-share-in-2012-apple-just-under-20/#AOkdwU4cgQebLIbR.99 [venturebeat.com]

Re:

[countach]

And the power users - the people who actually care about what they're buying are on iOS mostly, judging by web browser statistics. Yes, people who'll buy any old shit because its cheap, bugger whether it gets upgraded, are buying Android. Nobody makes money out of them. Apple makes money, Android often doesn't. Yes, Apple is killing the competition.

Re:

[Cabriel]

So you'll find that you're old phones are now updated to versions of applications they cannot run.

This is wholly untrue. I was using an iPhone 3G up until last week and when I tried to update any app, I was told "Requires iOS 4.3 or higher" and the update failed. I was left with all of my apps able to run on my old phone as they were before iOS 4.3 was released.

Re:

[metrix007]

Seeing your idiotic past posts and now seeing that you are unabashedly an Apple fanboi, things make a lot of sense. I mean, you made a post just to troll, which if you know anything about Android you know is factually incorrect. How old are you, 12?

Re:

[MBCook]

You're not forced to take the update, but at least it's available to you if you want it.

Depending on the specific manufacturer/phone, an Android device may get a few updates, possibly very late, or none at all.

Re:

[h4rr4r]

Considering you don't have the device drivers how do you update the phone without them?

Great you can have security updates and a phone that no longer has a functioning radio or camera.

Getting the drivers into mainline would be a far better solution.

Re:

[gnoshi]

I think the parent was meaning that by providing security updates as subcomponents of the OS rather than full OS updates, then the drivers wouldn't need to change (unless the secure issue was in the driver itself).

However, your point is basically right. If you look over at XDA-developers, a common pattern is that one manufacturer stops providing updates for a device (e.g. Acer A500, for which the last official update was 4.0.x) so Android mod developers have to dig around for other devices using the same ch

Re:

[Miamicanes]

> Getting the drivers into mainline would be a far better solution.

Or at least stabilize Android's kernel ABI so that every new release doesn't break most/all of the loadable kernel modules that shipped with the phone. 99% of the time, the Linux kernel ABI breaks between versions for no particular reason besides "nobody even bothers to try and NOT break it".

Among some, .ko-breakage is considered a feature and punishment for not open-sourcing drivers. Unfortunately, Qualcomm, nVidia, and Broadcom own the

Re:

[compro01]

Hard time selling?

The only hard times they appear to be having is getting LG to build enough of the things.

Re:

[Miamicanes]

The Nexus One rocked. It was groundbreaking, best of breed, and was unquestionably the best Android device money could buy at any price. Every Nexus since then has been... underwhelming, to put it politely.

The Nexus S was a joke, and literally WAS "last year's hardware". By the time Sprint got it, it was already obsolete.

The gNex was a step in the right direction, except they stupidly gave Verizon exclusivity for 6 months & shipped it with a locked bootloader. By the time the gNex hit other carriers, th

Re:

[aztracker1]

I think the current N4 really does have a good value point (if purchased out of contract from Google)... It's been stable, works well, and a solid performer. I had to wait a while to actually get it though. Other than the back is too slick (solved with a rubberized case), and some gesture keyboard quirks I've been really happy with it. It's my fourth Android phone (first was the G1), and it's the first one I've been happy with the out of the box experience... MicroSD would be nice, but the 16GB is enough

Re:

[Rich0]

My N4 is my first Nexus phone - the last time I was up for one I got a G2 figuring that the CM team would just make it work (a bit of a mistake - with the increase in the number of phones their effort is REALLY diluted and CM hasn't come out with a release on that phone since Gingerbread).

I'm pretty happy with the N4 despite the flaws you mentioned. I wish Google had more variety on the phone front, but they're at least starting to get that with the Tablets (it remains to be seen if they sustain annual rel

Re:

[h4rr4r]

What lack of flash support?

Adobe killed flash for all devices post 4.0.

Re:

[poofmeisterp]

I thought that's what we were talking about here.

Re:

[poofmeisterp]

Misread galaxy s4 as s7. My mistake. Guess misreading makes me a "troll". Yay!

Re:

[idontgno]

Nonsense. Why would carriers interfere with the current Android upgrade model: Buy a new phone with the current release of Android. And extend your contract at the same time.

The ACLU is complaining that the carriers are allowing the shackles to get all rusty and dangerous and uncomfortable, but they're not arguing for an Emancipation Proclamation: they just want the handcuffs to be adjusted and replaced regularly.

Re:Keep it Android!

[AmiMoJo]

The real problem is that customers in the US get completely and utterly screwed by the carriers. Really, you guys take it hard in the arse and pay though the nose for the privilege.

In the UK you can get a phone on contract from a third party. You get the same contract deal as you would going directly to the carrier, although often for £5/month less. The phone is unlocked and unbranded, you get updates directly from the manufacturer and no pre-installed carrier crapware. There are some good deals on offer too, for example 3 do a really unlimited data plan. A friend of mine runs Android uTorrent on it.

Regulation has delivered this for us. It is really easy to switch provider and take your number with you. Contract terms are heavily regulated to make sure they are fair and reasonable. It isn't perfect by a long way but it saves us from the rip-off hell that the US mobile market suffers from.

Re:Keep it Android!

[MBCook]

If they don't tinker with the OS, how are they supposed to add value?

Why, with what you're suggesting, they would just be commodity dumb pipes. When has a phone company ever admitted that?

Re:

[h4rr4r]

Why not just flash a new ROM instead of using the OTA update?

If you wanted to use OTAs, why flash Clockwork at all?