We all know the reason why Android phones take much longer to get the latest software compared to iPhones. There are countless different Android hardware vendors out there who sell their phones through several different carriers. Both of these parties install their own software onto devices and when Google issues new software both carriers and OEMs need to test it out with their own apps before issuing an update. But we’re reaching the point where this system just isn’t going to work anymore.

MORE ANDROID: We now know what Android M’s full name is

Over at Tom’s Hardware, Lucian Armasu explains why Google badly needs to fix the broken Android upgrade process that leaves users waiting for long periods of time for critical security patches. He persuasively argues that revelations about the critical Stagefright bug prove that the status quo is no longer acceptable.

“Apple, Microsoft and even the fragmented ‘Linux’ ecosystem all have a much better security update model than Android has right now,” he says. “In the Android ecosystem, the model seems to be companies fixing stuff whenever they feel like it, and if they feel like it. That’s a model that certainly can’t scale to billions of users — not without leaving a majority of them always vulnerable to some bug or another.”

Google’s latest move of getting some OEMs to sign up for a monthly security update program is too small of a step relative to what needs to be done. This is especially true when you consider that these monthly security updates in the United States will still have to go through mobile carriers for approval, which could still slow down the process.

At some point, says Armasu, Google will need to take charge of Android security updates whether carriers and OEMs like it or not. Given how slow Google has been in reacting to these kinds of issues, however, it seems such a major step is still likely years away.

View Comments