Skip to main content

Android security came a long way in 2016 but Google says there is more work

ransomware wannacry exploit attacking pc security padlock
Maksim Kabakou/Shutterstock.com
With hundreds of different Android devices out in the wild, running different versions of the operating system on different hardware, Google faces a massive challenge in distributing critical security updates. In the past, many users have had to wait up to three months before having their phones patched, not only due to the variation between Android products, but also the lack of urgency with which manufacturers pushed fixes out.

Google has been well aware of this problem, which is why it has made significant strides over the past several years, reducing that wait time to just a couple of days, according to TechCrunch. But there is still work to be done, as Adrian Ludwig and Mel Miller, members of Android’s Security Team, have noted in a year-in-review blog post.

More than 735 million devices from more than 200 manufacturers received security updates last year, according to Google. While that illustrates the company’s commitment to keeping users safe, the job is hardly complete. Ludwig and Miller also noted roughly half the Android products in use at the end of 2016 had not received an update in the preceding 12 months. Google claims its new A/B update system, designed to make over-the-air updates more reliable and prevent them from inadvertently bricking phones, will help encourage installation.

The monthly security update initiative, set in motion after the Stagefright vulnerability was discovered in 2015, also saw expansion in 2016, the team reported. Those updates were released for devices running Android 4.4.4 and up, which comprises 86 percent of all active devices globally.

Ludwig and Miller also said they made strides in stamping out potentially harmful apps (PHAs) in the Google Play Store. Verify Apps, a system that checks users’ devices for PHAs, conducted 750 million daily tests last year, up from 450 million in 2015. As a result, installation of PHAs was reportedly reduced in the top 50 countries in which Android devices are used. Google estimated PHAs accounted for 0.05 percent of all apps on the Play Store last year, compared to 0.15 percent in the year prior.

Of course, Google Play isn’t the only place where users can get their apps, and that is one of the roadblocks Google encountered trying to make Android safer for everyone. The number of devices with a PHA installed — from any source, not just Google’s marketplace — actually rose to 0.71 percent from 0.5 percent.

Although many Android users have chosen Pixel and Nexus devices to receive updates straight from Google automatically, the security team attributed much of its progress to enhancements offered by the release of Android 7.0 Nougat. Chiefly, the introduction of file-based encryption and protections against media-based attacks have bolstered security in the most recent Android phones, regardless of manufacturer.

Still, as much as the Android Security Team has accomplished alongside partners and carriers, it still helps to have friends in the research community. Google said its Vulnerability Rewards Program paid out nearly $1 million to researchers in 2016 for their contributions — some of which were set to rave music.

Editors' Recommendations

Adam Ismail
Former Digital Trends Contributor
Adam’s obsession with tech began at a young age, with a Sega Dreamcast – and he’s been hooked ever since. Previously…
Everything announced at Google I/O 2023: Pixel Fold, Pixel 7a, and more
The Google I/O 2023 logo outside Mountain View.

Every year, Google takes to Google I/O to announce its plans and products for the coming year. While the event itself will run for several days, the opening keynote presentation covers all the major announcements, from the newest version of Android to the latest versions of the Pixel smartphones.

So, what did Google have in store for us with Google I/O 2023? Quite a lot! From the Pixel Fold to the Pixel 7a to a ton of AI updates and more, here are all of the biggest announcements from Google I/O 2023.
Google Pixel Fold

Read more
Your Google One plan just got 2 big security updates to keep you safe online
Two Google Pixel 7 Pro smartphones.

Google just added some major new security features to keep its Google One subscribers safe while on the web. After all, the internet is where you spend a lot of your time, whether that's looking things up, paying bills, shopping, booking appointments, or sharing photos with family and friends. That’s a lot of information, and Google wants to keep subscribers safe from the darker side of the web.

Regardless of whether you use an iPhone or an Android smartphone, all Google One subscribers are getting the following two security features.
VPN by Google One for everyone

Read more
Google just announced 9 new features for your Android phone and watch
Samsung Galaxy S23 showing Google Photos

Google has announced some big new features coming to Android and Wear OS devices during the Mobile World Congress 2023 event in Barcelona, Spain. These new features are beginning to roll out starting today, February 27, with others to come later.
New Android features available starting February 27

Google Drive users will now be able to do freehand annotation on Android phones and tablets. This means you are now able to use a stylus or your fingers to annotate PDFs directly in the Google Drive app on Android.

Read more