Skip to main content
  1. Home
  2. Mobile
  3. News

Google-commissioned security report paints a bleak picture of Android

By

Android 6.0 Marshmallow.
Image used with permission by copyright holder
The lack of fast updates across the Android ecosystem means that more than 80 percent of device owners are at risk to at least one critical vulnerability. That’s according to a study from the University of Cambridge, which was partially funded by Google.

The study shows that while Google can make the latest version of Android safe from all vulnerabilities, its inability to get the updates out to every Android phone in a timely fashion makes most of the ecosystem unsafe. Even being one or two patches behind could put smartphone owners at risk of vulnerabilities like Stagefright, which is capable of taking over devices and infecting them with malware.

android-device-security
Image used with permission by copyright holder

In the study, each mobile vendor was graded based on security with scores from 1 to 10. Nexus devices ranked the highest at 5.2, followed by LG at 4.0, and Motorola at 3.1. Samsung came in fourth at 2.1, followed by Sony, and finally, HTC.

Recommended Videos

Samsung and LG both confirmed plans to stick on course with Google’s monthly updates, but HTC claimed that goal was unrealistic due to carrier testing. AT&T and Verizon Wireless have both been accused of routinely pausing updates, and blocking certain features like Google Wallet on Android devices.

Related

Having a phone that’s vulnerable to attack might sound terrifying, but most critical vulnerabilities can only be exploited if the user downloads or clicks on something that is laced with malware. That’s why malware attacks tend to only reach a few hundred or thousand devices. Of course, some serious bugs like Heartbleed and Stagefright do pose risks to more devices.

Naturally, Android device owners would much rather have a system that is 100-percent safe. Google is working with device partners and carriers to ensure updates, especially security patches, are delivered at a speedy rate. Things just don’t always go as planned.

Android’s rival iOS isn’t completely off the hook when it comes to vulnerabilities, either. The most recent panic in China happened only a week ago, when an old video player returned and took over iPhones. A week before that, Chinese developers Baidu and Tencent were both caught using a faulty version of Xcode, infecting iPhone owners in China with malware.

However, the main difference is that Apple can immediately shore up the vulnerability on every iPhone that supports the latest version of iOS (which is the vast majority of iPhones) with a software update. Google isn’t able to do that because it’s phones are made by third-party manufacturers, whose own User Interfaces often slow down the update process, and the carriers who support these phones dictate when updates pass to individual phones.

Editors' Recommendations

Topics
David Curry
David Curry
Former Digital Trends Contributor
David has been writing about technology for several years, following the latest trends and covering the largest events. He is…
The 6 biggest announcements we expect from Google I/O 2024
Google I/O 2019

Google will hold its annual developer conference, Google I/O 2024, on May 14 in Mountain View, California. The event is about a month away, and we're expecting a few big announcements.

As with any Google I/O event, this year's conference will start with a big opening keynote presentation from CEO Sundar Pichai. But what actual announcements are we looking forward to? Here are a few of the biggest things that we are likely to see at Google I/O 2024.
Android 15

Read more
Google just released the first Android 15 beta. Here’s what’s new
The Android 15 logo on a smartphone.

Google has just released the first public beta build of Android 15, marking an end to the developer-focused test phase. The beta version’s release also means that Android 15 is finally in a state where it can be tried by the masses without people having to worry about too many bugs leaving their phone in a sorry state.

The first beta version of Android 15 doesn’t introduce a ton of new features, as most of the notable additions have already appeared in the Developer Preview builds. Google’s blog post, however, mentions the following features as the key highlights

Read more
Android phones finally have their own version of AirTags
Renders of Chipolo's new Point trackers that work with Google's Find My Device network.

Google's new Find My Device tracking service will soon launch with an important third-party provider. Chipolo has announced two new trackers for the service: the Chipolo One Point item tracker and the Chipolo Card Point wallet finder.

By offering these trackers, Chipolo will be among the first companies in the market to provide trackers that work with Google's new tracking network. Google announced its new Find My Device network last year. In short, it's Google's answer to Apple's Find My network. Find My Device can use other nearby Android devices to track your lost phone, item tracker, etc. — just like how Find My uses iPhones and other Apple devices to locate lost iPhones and AirTags.

Read more