It has been long acknowledged in the tech industry that Android’s system of updates, which relies on phone manufacturers and carriers to roll out updates, sucks. Much as Google has long claimed that fragmentation isn’t a problem, having devices running tens of different versions is a giant headache for developers, and a boon for hackers.
As always, the first step on the road to recovery is acceptance, and according to Bloomberg, Google is getting there.
Bloomberg‘s report is a good breakdown of how Google is trying to address the situation. Speaking at Google I/O, Android chief Hiroshi Lockheimer described the current situation as “not ideal,” which should win a prize for corporate understatement.
Getting updates from Google to users in a timely fashion requires working with phone makers and carriers, both of whom typically need to work on (and sign off on) an update before it’s pushed to users. The logjam seems to sit mostly with carriers: networks like Verizon need to thoroughly test each update on dozens of different devices before pushing it out. Those tests can cost hundreds of thousands of dollars, and are difficult to expedite.
Google’s strategy at the moment is to lean most heavily on security updates. It’s been working with device manufacturers towards a target of issuing monthly updates — which honestly isn’t even enough, given an environment where hacks are happening weekly, and new bugs are discovered within hours.
But Google is working aggresively to put pressure on carriers. According to the report, “It has drawn up lists that rank top phone makers by how up-to-date their handsets are, based on security patches and operating system versions, according to people familiar with the matter. Google shared this list with Android partners earlier this year. It has discussed making it public to highlight proactive manufacturers and shame tardy vendors through omission from the list, two of the people said.”
In other words, Google is security-shaming carriers into issuing updates faster. Not the prettiest of measures, but if it fixes bugs and security holes faster, I reckon it’s worth a few bruised egos.