If you are using Android, you may have been lied by your manufacturer about security updates

Just like that, the Android update is still not bad enough.

Android phones are still famous for slow updates - as in the most recent update in February, only 1.1% of Android users get the latest version - but obviously this has deep causes. more complicated than we thought.

Wired reported that research organization Security Research Labs (SRL) said that many Android manufacturers have lied to their users about security patches.

Karsten Nohl and Jakob Lell spent 2 years analyzing Android devices, checking whether they were actually installed the security patch as said. They discovered that many devices lacked a lot of patches while still being confirmed to be updated. They call this a patch gap.

The lack of patch sale is no coincidence. According to Wired, SRL has checked the update of each patch for the firmware of 1200 phones from Google, Samsung, HTC, Motorola, ZTE and TCL last year. As a result, even Samsung or Sony high-end segment phones are sometimes lacking.

Whether deliberately or not, this is obviously not good at all because users need to be best protected by the latest security updates. Thinking that I was protected while not so could lead to worse things. To help users, SRL has a tool called SnoopSnitch on the Play Store that analyzes the installed versions and firmware.

If you are using Android, you may have been lied by your manufacturer about security updates Picture 1
Whether it is updated or not, at least users should know the truth

Not all manufacturers are the same. In general, Google, Samsung or Sony sometimes lack, and ZTE or TCL is much worse when it lacks up to 4 (or more) patches compared to what they say.

As for Google, they told Wired that 'We have conducted a review of each OEM, see the device's compatibility certificate', and said it will investigate further. Google also explained some of the problems that SRL found out about ignoring the patch, that they might delete from the device, or some phones that lacked the official Android security certificate from Google.

Google sent to The Verge:

'We want to thank Karsten Nohl and Jakob Kell for their efforts to increase the security of their Android ecosystem. We are working with them to improve the mechanism of detecting situations where users choose other security updates instead of the one Google suggests. Security patch is one of many layers used to protect Android users. Platform-based integration methods such as application sandbox, security services like Google Play Protect, are equally important. These layers of security - along with the variety of Android ecosystems - also contribute to the researchers 'assumption that exploiting Android devices is still a challenge.'

See more:

1. Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype .
2. Microsoft blocked Windows 7 security updates without antivirus software
3. Galaxy Note 8 officially launched Android 8.0 Oreo, did you know how to update?

Interested users download SnoopSnitch here.