Skip to main content

Some Android manufacturers lie to customers about installing security updates

Your Android phone may not be as secure as you think it is. According to a recent report from German security firm Security Research Labs, which was first picked up by Wired, not only do many Android manufacturers not always keep up to date with Android security updates, but they actually lie to customers by telling them that their device has the latest patch installed.

It’s troubling news. In recent years, it appeared Android manufacturers were getting better at ensuring that their devices are safe and up to date — but it seems that may not be the case after all.

Recommended Videos

The researchers — Karsten Nohl and Jakob Lell — spent two years analyzing Android devices and checking their code to see if the manufacturers had actually installed the updates, or if they were instead simply claiming that they were up to date. What they found was that many devices had what they called a “patch gap,” where the phone’s software claimed the phones were up to date, but the code proved that often dozens of patches had simply been skipped.

Even worse is the fact that the lying seems to be a pretty common practice. The team tested firmware from a hefty 1,200 phones from the likes of Google, Samsung, HTC, Motorola, ZTE, and TCL, and found that even major releases from massive companies like Samsung occasionally skipped a security patch.

Some manufacturers were worse than others. While the likes of Sony and Samsung only skipped one or no security updates, Xiaomi, OnePlus, and Nokia skipped up to three. HTC, Huawei, LG, and Motorola skipped up to four, and TCL and ZTE skipped more than four. Phones built by Google did not skip security updates. According to SRL, the skipped patches could also be related to the chipset used by the phone. According to the company, phones with Samsung-built chips had very few skipped patches, while phones with MediaTek chipsets skipped a whopping 9.7 patches on average. This may be because bugs are found in the chip rather than the operating system, and the manufacturer then depends on the maker of the chipset to patch those bugs before a security update can be installed.

According to Google, which gave a statement to Wired for the report, one cause for the skipped updates could be that some devices are uncertified, meaning that they’re not held to the same security standard. On top of that, skipping patches could be because of a specific phone not offering the feature that needs to be patched in the first place.

Of course, it really doesn’t matter why manufacturers are skipping updates — what matters is that even when updates are skipped, the software still claims that the phone is up to date when it isn’t. In reality, it’s still extremely hard to hack an Android phone, and there are plenty of other security measures in place to prevent an attack — but the fact is that smartphone manufacturers are lying.

Christian de Looper
Christian de Looper is a long-time freelance writer who has covered every facet of the consumer tech and electric vehicle…
The iPad Pro is about to get some tough competition
Huawei MatePad Pro 12.2.

Apple's iPad lineup currently dominates the tablet market. However, other excellent tablets are available as well. One upcoming tablet that looks impressive is the Huawei MatePad Pro 12.2, which is set to launch worldwide this week.

The MatePad Pro 12.2 is designed to compete with the 13-inch iPad Pro (M4) and iPad Air (M2) and offers some excellent specs, starting with its 12.2-inch dual-layer OLED display, which has a 144Hz refresh rate and 2,000 nits of peak brightness. With a 3:2 ratio, the MatePad Pro 12.2 has a resolution of 2800 by 1840 pixels (275 PPI).

Read more
RCS messages are about to look a little different on your Android phone
Google Messages app on a Pixel 8 Pro, showing an RCS Chat message thread.

You might soon see a change in how your messages look on your Android phone. Google Messages is rolling out a change to how the type of message is displayed. At present, it says either "Text message" or "RCS message" at the bottom, but the new change will shorten these to either (Text) or (RCS).

9to5Google's Abner Li reports the change and points out that the phrasing could be reduced to either Text or RCS to streamline the appearance and make it look less technical. That said, only a limited number of people have reported the change so far. Google has a tendency to roll updates out slowly, however, so that's not surprising.

Read more
Android 16 could give your phone a big redesign
Someone holding the Google Pixel 9 with the screen on.

Google is set to release Android 15 to the general public soon, so attention is slowly turning to Android 16, which is expected to launch toward the end of next year. Android Authority recently discovered intriguing information about this update from the Android 15 QPR1 beta.

In the beta, the site discovered that Google plans a "complete redesign" for Android's Notifications and Quick Settings panels. The current design dates back to Android 12 when Google introduced its Material You design language. It provides a uniform appearance, including the initial four Quick Setting tiles and the entire notifications panel.

Read more