Android OEMs Duping Security Patches

Android OEMs Duping Security Patches

Android OEMs Duping Security Patches

It would seem that your brand-spanking new Android phone is not as secure as you think it might be. Nevertheless it still remains that according to SRL, patch updates were still listed as being up to date when they weren't, which might lead some users to wonder going forward if their device has actually been updated with the latest security fixes. That is deception, plain and simple - and this is what the results of a two-year research say.

According to a research from Karsten Nohl and Jakob Lell at Security Research Labs in Berlin, many Android vendors makes false claims of updating their smartphones on a routine basis.

Android OEMs Duping Security Patches

Of the 1,200 phones from over a dozen device makers that were tested by the researchers, the team found that even devices from top-tier device makers had "patch gaps", although smaller device makers tended to have even worse track records in this area. "Probably for marketing reasons, they just set the patch level to nearly an arbitrary date, whatever looks best". "Probably for marketing reasons, they just set the patch level to nearly an arbitrary date, whatever looks best", Nohl is quoted as saying. In other words, the testing likely includes the latest and greatest flagship phones. Of course, Google is the best at sticking to security updates, but owning the Google Pixel 2 isn't critical to staying safe as an Android user. Devices from those manufacturers had, on average, zero to one missing patch that was claimed to have been installed. The smartphones with regular security patches and OS update are a big hit among the user and attracts the potential buyers.

LG, Motorola, Huawei, and HTC missed 3-4 patches, and Nokia, OnePlus, and Xiaomi skipped 1-3 patches on an average.

Soupçons de corruption russe : la Fédération internationale de biathlon dans la tourmente
Cinq mois plus tard et sous la pression, la Fédération internationale de biathlon retirait à la Russie l'organisation. Dans les conditions actuelles, nommer un Russe à l'intérim de Besseberg aurait en effet été un choix douteux.


Over the past few years, Android manufacturers have built up a reputation of being slow to issue important software updates.

Google pushes out Android security updates each month that is a collection of patches for a variety of security bugs. Some manufacturers have even gone to the lengths of altering the date of security patches received by devices, while no actual patches were installed on them.

God of War Review Roundup: Respect The Past, Embrace The Future
From smashing symbol-clad pots to severing glowing sinews, axe-throwing is core to God of War's gameplay in and outside of combat. There's a chance that all the changes in this game would cause polarizing opinions, especially for purists of the game .


In some of the cases, it was found that the Android phone manufacturers had intentionally misrepresented the dates when the device had last been patched. For example, Samsung's 2016 J5 accurately reported what was and wasn't installed, but its 2016 J3 said all patches were up to date when 12 weren't actually installed.

It found that in some cases, Android smartphone makers allegedly told users that smartphone's software has been updated with monthly patches when it hasn't. Google told Wired some of the devices in the report weren't Android certified, and therefore aren't tested for security and performance.

Toy Maker Plans Toys 'R' Us Bid After Longshot Crowdfunding Campaign
The planned liquidation would have a bigger impact on smaller toy companies that had relied on the chain more heavily. Surprise, is bidding to buy the Toys "R" Us stores in the USA and Canada, it was disclosed Friday.


Missing an update or two may not end up in a device hack, but with a series of patches missing can cause some serious problems with the security of the device.

Latest News