The ecosystem of Android and in better times caused a lot of questions. Most often, the claims are made by the fragmentation of the platform, which is due to the extremely slow spread of new versions of the most popular operating system. It turned out that the problem is not only this. Information security experts came to similar conclusions.
Within two years, experts from Security Research Labs collected information about security patches issued for smartphones of the largest vendors. Under the sight were Samsung, Motorola, HTC, ZTE, TCL, Google and others. Specialists used reverse engineering to get data on 1200 mobile phone models, Wired reports .
Their goal was to check patches containing security updates: the experts learned if all the gaps and vulnerabilities were closed, as indicated in the system information. In a significant number of cases, manufacturers mislead users: the mobile phone is supposedly completely updated and received all the updates, although in fact it is not. Sometimes manufacturers simply changed the date on which the security update should have occurred, without introducing any changes to the system.
The most common problems are observed in cheap smartphones with MediaTek processors (9.7 missed patches on average), Samsung brand chips have a lower indicator.
Google noted that some of the devices in the tests of SRL are not “certified Android-smartphones,” that is, they do not meet the company’s security standards. They also stressed that modern smartphones remain sufficiently protected even in the absence of all the necessary software “patches”. However, Google has promised to study the matter more closely.