back to article Android users left at risk... and it's not even THEIR FAULT this time!

Tardiness in providing security updates is leaving the vast majority of Android devices hopelessly insecure, according to researchers at the University of Cambridge. Over the last four years, an average of 87 per cent of Android devices were vulnerable to attack by malicious apps, according to the research, which blames a …

  1. Destroy All Monsters Silver badge
    Gimp

    Oh, so you are locked into a contract?

    Crickets chirping...

    1. Michael Wojcik Silver badge

      Re: Oh, so you are locked into a contract?

      I'm not; I have a phone I bought outright from one of those Amazon-hosted resellers, and I use an AT&T-hosted MVNO with a monthly payment plan. (It's about 1/3 the cost of the AT&T plan I used to have.)

      My phone is a Samsung, originally AT&T-branded. Bought new and unlocked.

      No updates in sight. Samsung isn't publishing any for this phone, and AT&T won't supply updates if you're not on contract. Samsung's "commitment" to supplying updates clearly doesn't apply to devices they don't consider current.

      Phone's rooted, so I can just disable Stagefright (using build.props) if I want - at the moment I just have MMS auto-downloading disabled. But the updating process isn't any better if you're not under contract.

  2. Anonymous Coward
    Anonymous Coward

    Cambridge boffins

    or paid-for-hire clickbaiters, you decide..

    " leaving the vast majority of Android devices hopelessly insecure"

    I have yet to EVER see ANY Android device with Malware, so these "boffins" just made themselves look like total chumps.

    1. Anonymous Coward
      Anonymous Coward

      I have yet to EVER see ANY Android device with Malware

      How would you know if the phone had been infected? It may be stealthy malware.

      1. Khaptain Silver badge
        Coat

        Re: I have yet to EVER see ANY Android device with Malware

        "It may be stealthy malware."

        If it was so stealthy the boffins wouldn't know either.

        1. Anonymous Coward
          Anonymous Coward

          Re: I have yet to EVER see ANY Android device with Malware

          Quite true, but the OP is not one of the boffins.

          1. Khaptain Silver badge
            Coat

            Re: I have yet to EVER see ANY Android device with Malware

            The OP might be a stealthy boffin :-)

            1. Anonymous Coward
              Anonymous Coward

              Re: I have yet to EVER see ANY Android device with Malware

              Or a stealthy chump

    2. sisk

      Re: Cambridge boffins

      I have yet to EVER see ANY Android device with Malware

      I've personally seen two infected devices, one of which was mine and I always double check the permissions on my apps before I let them install. The other wasn't even rooted and didn't have the "allow unknown sources" checked so the infection either had to have come in through stagefright or something similar or from the Play Store itself.

      Not to slam Android, because it is still my mobile OS of choice and most likely will be at least until a new player comes into the market, but the malware for it is out there and works. That's why I run a security app.

      1. Lee D Silver badge

        Re: Cambridge boffins

        Just because "allow unknown sources" was off, doesn't mean it's ALWAYS been off.

        I've seen people do nothing more than read that an app needs to turn that option on to work, then press to go to the menu directly, switch that option, let the app install, then go back in and turn it off again.

        In fact, even things like Amazon App Store require this as they are "not Google". So you can be sure that MILLIONS of Android users have turned that option on, and some brainy ones may even have turned it off again, which may well be like closing the stable door after the horse has bolted.

        P.S. The Android App Store, then, is free to install what it likes.

        1. sisk

          Re: Cambridge boffins

          Just because "allow unknown sources" was off, doesn't mean it's ALWAYS been off.

          True enough, but I know the owner of that particular phone very well. I can say with absolute confidence that it's always been off on that phone.

          1. Yet Another Anonymous coward Silver badge

            Re: Cambridge boffins

            And what makes you think the "known sources" aren't malware?

            Google does a line-line security analysis of all Apps on the play store in the 7hours before approving them ?

        2. tiggity Silver badge

          Re: Cambridge boffins

          On the subject of Amazon - I did not install their Amazon underground app - inspected what rights it wanted - an absolutely ludicrous (in a bad way security / privacy wise) set of permissions, way in excess of what was required with the functionality it nominally offered.

    3. Kevin McMurtrie Silver badge

      Re: Cambridge boffins

      There's more to malware than botnets and lost files. Much of what's in Google Play Store is garbage of some kind trying to get easy ad revenue. You might think you're clean, but you might have a few impostor apps that do exactly what you expect but send ad revenue to a different developer. Or maybe they collect a bit of extra information of extra value. Lots of apps even have Google Play Store reviews with proof that they're malware.

    4. Trevor_Pott Gold badge

      Re: Cambridge boffins

      I have yet to EVER see ANY Android device with Malware, so these "boffins" just made themselves look like total chumps.

      I clean an average of 6 devices a week each with various forms of malware. Maybe you're not as representative of the industry as you think?

    5. Anonymous Coward
      Anonymous Coward

      Re: Cambridge boffins

      Well still never seen or heard of a single Android malware issues. I do know a couple of people stung by the age old Windows problems..

      http://www.bbc.co.uk/news/technology-34527439

      Funny this seems to have slipped by without getting a mention, perhaps nobody is paying the security researchers to promote this... That would instantly suggest who was behind all this Android scare stories.

    6. Michael Wojcik Silver badge

      Re: Cambridge boffins

      I have yet to EVER see ANY Android device with Malware

      Neither your Anecdote nor your CREATIVE use of CAPITAL letters are COMPELLING arguments.

  3. Anonymous Coward
    Anonymous Coward

    Updates

    Funny, not a problem with the iPhone.

    1. Blank-Reg
      Gimp

      Re: Updates

      iOS has its own problems.

      Android as naff as ever though

      1. Anonymous Coward
        Anonymous Coward

        Re: Updates

        Of course it does, not disputing that, but thanks for the DV

    2. Anonymous Coward
      Anonymous Coward

      Re: Updates

      Indeed, but there is a huge difference between the iPhone/iOS and Android.

      iDevices are designed hardware and software by a single OEM. This OEM then ensure that the various networks toe the line in terms of updates and keeping crapware to a minimum. i.e. the OEM cares and ensures quality. This even goes as far down to the connector - rather than use USB which was never designed for such a job, iDevices have a purpose-made connector so that DAC can happen *on the device itself* meaning that add-ons are much cheaper and easier for other vendors to make. Heck the iDevice dock being the most common to see.

      Android, on the other hand, is thrown over the wall by the writer who then provides zero support, standards or guidance. Thus networks add crapware and ignore updates as well as OEMs adding crapware and ignoring updates. What the end-user winds up with is a dog's dinner that barely functions (hardly surprising, it is Linux after all) in a cheaply made unit and with a woeful connector.

      This is, and many other reasons, are why Android and its ilk are simply best avoided.

      1. CAPS LOCK
        Joke

        " a dog's dinner that barely functions (hardly surprising, it is Linux after all) "

        LOL, you can't argue with that...

        1. James O'Shea Silver badge

          Re: " a dog's dinner that barely functions (hardly surprising, it is Linux after all) "

          Well, if all you're after is making down-vote-baiting troll attempts, no, you can't. If you're after having even a modicum of accuracy, yes, you can argue with that. Quite well, actually.

          1. Destroy All Monsters Silver badge

            Re: " a dog's dinner that barely functions (hardly surprising, it is Linux after all) "

            Don't feed the ANTI-RICHTO!

          2. sabroni Silver badge
            Happy

            Re: down-vote-baiting troll attempts

            Judging by the icon it was a joke. Made me laugh anyway.....

      2. Mad Chaz

        Re: Updates

        "dog's dinner that barely functions (hardly surprising, it is Linux after all) "

        So how's OSX treating you? You realize it's freebsd, right?

        1. Anonymous Coward
          Anonymous Coward

          Re: Updates

          > So how's OSX treating you? You realize it's freebsd, right?

          You realise FreeBSD != Linux and that OS X != iOS?

        2. James O'Shea Silver badge

          Re: Updates

          OS X is based on NeXTStep, which in turn used the Mach kernel. Some things from BSD (_not_ strictly FreeBSD) were added. And things have changed sufficiently over last decade and a half that it would be extremely inaccurate to call OS X either Mach or BSD. It most definitely is NOT FreeBSD.

          1. asdf

            Re: Updates

            > It most definitely is NOT FreeBSD.

            Nope but FreeBSD most definitely will support your Apple hardware long after Apple stops (will keep those iTunes updates coming to the end of time though) and a strong argument could be made better even while Apple supports it.

      3. Teiwaz
        Meh

        Re: Updates

        No point to a UV/DV for a coward. Ignorance and cowardice are best not rewarded.

      4. Anonymous Coward
        Anonymous Coward

        Re: Updates

        This OEM then ensure that the various networks toe the line in terms of updates and keeping crapware to a minimum

        No, the networks are not involved AT ALL with iOS. They don't have the ability to install crapware or anything else on iOS, and all updates are delivered directly from Apple so the carrier has zero ability to control or interfere with you choosing if and when to update iOS.

        The only thing the carrier controls on an iPhone is 'carrier settings', which you might see referred to in a popup once a year or so, or when you change carriers. Basically it is a small file that allows the carrier to specify stuff like LTE bands, roaming partners, carrier hotspots and so on. But since Apple controls the format and allowed content of the file, and it is not executable code, the carriers can only use it for the designated purposes and can't use it to mess with your iPhone. The only difference you might see if a few menu items in the Cellular settings go away for certain carriers or if your phone is SIM locked due to a contract. The carrier settings go away when you switch carriers via a new SIM and is replaced by your new carrier's settings.

      5. This post has been deleted by its author

    3. sisk

      Re: Updates

      There's malware in the wild for iOS too. And no, you don't have to jailbreak your iWhatsit to get it. The difference is that you can get decent anti-malware for Android while iOS anti-malware is somewhat crippled by restrictions Apple places on it.

      I've said for years that no matter what platform you're running only a fool runs a system with access to the internet and no anti-malware and I stand by that. Unfortunately Apple encourages people to be fools in that regard.

      1. sabroni Silver badge

        Re: no matter what platform you're running

        Well maybe, but the risk decreases with market share. I bet anyone running a Palm Pre on Web OS is fairly safe....

      2. Anonymous Coward
        Anonymous Coward

        @sisk

        Which malware is that then? I assume you are probably referring to the recent issue where some Chinese developers grabbed Xcode off a bulletin board instead of from Apple, which added malware (in the form of a popup to ask for your iCloud credentials) to the compiled code when these developers then uploaded to the app store? Apple remotely disabled all the affected apps, as they always do if any malware is found. What's the point of running anti-malware when it would basically do the same thing in relying on signatures from the outside to tell it what's malware and what isn't?

      3. Anonymous Coward
        Anonymous Coward

        Re: Updates

        There's malware in the wild for iOS too

        Please, please, please, name it so I can have a look at it - by that I mean in a Western app store, though, I would never install an app where I could not even read the screen. It will be totally worth rebuilding the phone from scratch because I have as yet not seen a single such app. Pretty please?

        I've said for years that no matter what platform you're running only a fool runs a system with access to the internet and no anti-malware and I stand by that.

        You can do rather well if you start with decent fundamentals. Anti-virus is more like forgetting to add the brakes when you design a sports car and then fix it by selling chains and boat anchors. I must admit, though, that Google is the only company I know that has been able to start from a Unix platform and then make it look more like Windows from the perspective of vulnerabilities :)

        1. sisk

          Re: Updates

          Toires, LBTM, and FindCall. There are three trojans that can infect un-jailbroken iOS devices. And that considering that iOS is undoubtedly one of the hardest to infect platforms currently available. Granted one is proof of concept and the other two have been removed from the appstore, but if three can do it then more can as well. I personally view anti-virus on hardened OSes the same way I view the carbon monoxide detector in my house: the odds of needing it are astronomically against it, but if I ever DO need it I'd much rather have it than not.

          There's no doubt iOS is more secure than Android. How much of that is due to good design and how much is due to the walled garden and relative obscurity of the underlying system is up for debate, but it's a purely academic debate. I realize that the odds of ever actually encountering iOS malware are pretty insignificant, but just as I would probably tell my landlord where to shove it if he tried to make me get rid of my CO detector I would be uncomfortable not having access to decent anti-virus software. There is simply no such thing as a perfectly hardened system.

          1. Anonymous Coward
            Anonymous Coward

            Re: Updates

            Toires, LBTM, and FindCall. There are three trojans that can infect un-jailbroken iOS devices.

            The first two were proof of concepts that were patched before anyone could put them into production, and one (1) that made it to the app store. The latter got pulled quickly, also because it didn't work that hidden because iOS does not allow SMS sending or making calls without user interaction (stops premium rate abuse).

            I reckon iOS fares rather well in any "how vulnerable is my device out of the box" comparisons, ditto for "how easy is it to keep up to date" comparisons, simply because it is known hardware.

            How much of that is due to good design and how much is due to the walled garden and relative obscurity of the underlying system is up for debate

            Obscure? iOS? LOL :).

            1. sisk

              Re: Updates

              Obscure? iOS? LOL :).

              Yes, iOS is relatively obscure compared to Android. Any neophyte script kiddie with a basic understanding of java can get the source code, spend a few months studying it and know the ends and outs of how the system works. With iOS unless you work for Apple you don't actually know exactly what's going on under the hood. That's what I mean by relative obscurity.

    4. Anonymous Coward
      Anonymous Coward

      Re: Updates

      OK, I will spell it out for you.

      This Android scareware FUD that is going around at the moment, this is Apple money. Apple have their own problems. Apple device security if you look at it without bias, is actually inferior to Android. It doesn't have several of the layers of protection that Android has.

      http://lifehacker.com/how-secure-is-android-really-1446328680

      iPhone is secure because it's locked down. Android is secure because it's also locked down, but it does allow you to unlock it (with a warning). Users are idiots.

      1. asdf

        Re: Updates

        >This Android scareware FUD that is going around at the moment, this is Apple money. Apple have their own problems. Apple device security if you look at it without bias, is actually inferior to Android

        Ok let me know when iOS allows an attacker to root your boot locked (non jailbroken) phone without user intervention with an MMS. That is an entirely different class of shit security more of the Windows XP worm kind. Last I heard its still not completely fixed and in all forms is still certainly a vulnerability on the majority of Android phones out there.

        1. asdf

          Re: Updates

          Also (bah missed edit period) yes iOS has some vulnerabilities (plus Apple's security record and practices are a mixed bag) as well but the fact that they have a very successful patching system (most handsets supported are kept up to date at a remarkably high level) plus a much better full disk encryption solution means Android (as shipped in vast majority of handsets) has some work to do.

    5. MrDamage Silver badge

      Re: Updates

      Noooooo.

      iPhones just leave you feeling seasick just looking at the screen, or refuse to let you use it as intended because you're right handed, or send your car barreling down an airport runway, or charge you a premium price on a "new" phone for features that have been in competitors devices for 4 years.f

      Yep, not a problem with iPhones, because who has the time to write malware for IOS when the device in question doesnt work well enough for you to test it?

      1. asdf

        Re: Updates

        Funny I thought the conversation was about security of the various handsets and not your personal opinion about phones. There is much not to like about Apple but the fact remains they are the only handset maker making any kind of profit on phones today so they are obviously doing something right (and its not all marketing even if the majority, their competitors spend plenty on marketing as well).

  4. kdh0009

    Name and Shame

    Sony's the worst aren't they?, aren't they?

    1. Anonymous Coward
      Anonymous Coward

      Re: Name and Shame

      No far from it....

      And even if they stop supporting it, they help you get Cygenmod and rooting your phone.

      1. Mark Allen

        Re: Name and Shame

        This is the feature I want. If a manufacturer decide to stop supporting the device then at least give us the ability to support it ourselves with Cygenmod. I have an annoying Asus tablet here that had updates abandoned barely three months after purchase! I expected support to at least get to the end of the one year warranty....

  5. Simon Harris

    AndroidVulnerabilities

    The score has three components:

    f - the proportion of devices free from known critical vulnerabilities.

    u - the proportion of devices updated to the most recent version.

    m - the number of vulnerabilities the manufacturer has not yet fixed on any device.

    But how realistic is this considering

    d - the time delay between an update being available from the manufacturer and the carrier being arsed to push it out?

    1. Steve Davies 3 Silver badge

      Re: AndroidVulnerabilities

      Then there is :-

      x : the probability that the release of the OS you are running on your phone actually has a patch generated for it.

      IMHO for the majority of devices x --->>>> Infinity.

      After all you can still buy devices running Gingerbread which is madness

      1. Tom 35

        Re: AndroidVulnerabilities

        If you buy a "free" with contract phone you will be lucky to get kitkat, lots have jellybean, and don't expect to ever see an update even if one was available from the maker of the phone. No change since the days of the flip phone.

    2. sabroni Silver badge

      Re: AndroidVulnerabilities

      u - the proportion of devices updated to the most recent version

      If the carrier hasn't pushed it yet the device isn't counted in u.

    3. MrT

      Re: AndroidVulnerabilities

      'd' extends towards infinity by an exponential rate based on 'a' (where 'a' is the device age in months [unlocked handsets] or days [locked handsets]), inversely reducing 'm' so pretty much all anyone ends up with is 'f' and 'u', a big ¯\_(ツ)_/¯ and a link to buy the latest yet-to-be-abandoned handset.

  6. chipxtreme

    I've got a Galaxy S6 that's fully protected against stagefright v1 and v2 vulnerabilites and i'm using samsung firmware - albeit the france release until they push out the update for uk phones.

    1. Anonymous Coward
      WTF?

      Wow you've got a pretty new phone that's supported.

      Ask anyone with a S3 or S4 and see how they feel.

      1. Notas Badoff

        More than quarterly

        I think I've had at least 4 updates this year on an S4 through AT&T. It is often enough to border on annoying, but I don't think that's the answer you were touting.

    2. Headley_Grange Silver badge

      Wheras..

      I've got a Note 8 which hasn't had a software update in the 18 months I've owned it.

    3. asdf

      >albeit the france release until they push out the update for uk phones.

      Great solution for the general UK public huh?

  7. sisk

    LG good? You're kidding, right?

    I was rather distressed to learn that LG cuts you off if you root your device. Every other manufacturer I've ever had an Android from will at most unroot your phone during an update but LG blocks you from their updates completely, even after unrooting. If you root an LG phone you'd best be running a custom ROM if you want updates.

    1. ssssssssssssssssssssss

      Re: LG good? You're kidding, right?

      Indeed. After being burned with a G3, LG are on my "don't touch with a bargepole" list.

  8. Anonymous Coward
    Anonymous Coward

    Probably a stupid question

    because I've never paid much attention to mobile phones and how they work, but here goes anyway:

    is there any reason other than attempting to enforce user lock-in that one can't simply install any OS one likes on modern 'smartphones'?

    One of the main resons I'm not terribly interested in them is because of their price being similar to that of a full-blown desktop. That being so, I expect similar levels of control over the thing, so that I can ensure its security to the best of my (admittedly not uber) ability. Android doesn't interest me for obvious reasons, and iPhones don't interest me because of the excessive procing (well, they're beyond my reach anyway). My ideal would be a pocket computer running a normal linux distro with a clip-in bit that gives it phone capability - and such that I could turn the phone part off without turning the whole thing off. Does such a beast exist? Could it (as in could it, realistically, given the situation as it is now where phone operators expect to own your phone body and soul yet still get you to pay for the privelege)?

    1. Tim Wolfe-Barry

      Re: Probably a stupid question

      (all comments posted here based on theoretical knowledge only - I have not personally rooted my current device or deployed recent versions of any OS or other software mentioned here. Caveat Lactor applies...)

      Not really stupid...

      Lots of ways round the lock-in problem; simplest is probably to get an Android device and then root it and install whatever alternative Android-derivative you favour. Cyanogenmod is good, apparently.

      For a full-linux experience, something like this may be interesting: http://www.ubuntu.com/phone

      And then there are others out there, like Mozilla with FireFox Phone, who will say they're doing something similar.

      "why can't I just install whatever I like" will fall down, I suspect, due to driver issues - no smartphone (I assume) runs a desktop chipset, so you can't just deploy your current-favourite wintel build as that simply won't boot.

      Options are more limited, I understand, if your hardware is an iThing; you can unlock it but there won't be the choice of alternative OS that there seems to be if your starting point is a 'droid.

      See my own post below - this sort of idiocy has persuaded me to pre-order a v0.1 device from an unknown supplier; here DEFINITELY be Dragons!

    2. sisk

      Re: Probably a stupid question

      is there any reason other than attempting to enforce user lock-in that one can't simply install any OS one likes on modern 'smartphones'?

      The biggest barrier is, for lack of an easier way of putting it, driver issues. If you tried to install iOS on an Android device it would never work because iOS support for non-Apple hardware doesn't exist. Ditto for installing Android on an iThing. There is an app in the works that lets you install Windows Mobile on Android devices, but I've not read anything about it other than that it's in the works. No bets on how wide the support for it is. With some Android phones you don't even have the option of custom ROMs because there aren't any with hardware support for that model.

      Really the only way to get a similar level of control in your mobile device as what you have on a desktop is to buy an Android device, root it, and install a custom recovery on it (which, of course, voids the warranty but gives you access to custom ROMs, which is about as close to an alternative OS as you can really get). Jailbreaking an iOS device can get you close to the level of freedom you enjoy on the Mac, but you're still stuck with iOS. Unlike Android you don't even have any custom ROMs you can install on them.

    3. sisk

      Re: Probably a stupid question

      Actually, now that I think about it, this coupled with a Raspberry Pi and some creative coding might just be able to do what you're talking about.

      1. Anonymous Coward
        Anonymous Coward

        Re: Probably a stupid question

        @sisk (and others that have responded to my question) - thank you, much appreciated! That rephone kickstarter looks interesting! And funnily enough, I have been slowly gathering bits to make a mobile PC based on an RPi (which, let's face it, can be done just by plugging bought bits together, which is about my level. I'm only at baby steps level of both software and hardware hacking).

  9. Tim Wolfe-Barry

    Be more Wiley

    This type of problem has convinced me to pre-order the WileyFox Storm.

    My existing HTC handset has no updates available (still on 4.1 Android) and any that were ever offered came with EE's cruftware.

    Hopefully the WF will allow me to update Cyanogen OS whenever I like, plus delivering the security features that we should be asking for as standard...

    All of that assumes that it will show-up as scheduled at the end of the month, of course...

    1. Message From A Self-Destructing Turnip

      Re: Be more Wiley

      Sorry to disappoint Tim but running Cyanogen is still no guarantee of receiving updates. Mainly because there is no hardware standard for phones, there is no one size fits all OS distribution. Each different phone model requires a custom ROM build, so support only lasts for as long someone is prepared to do the development work to update the ROM build for your phone. Though with Cyanogen support duration is often better than the original manufactures.

      1. dotdavid

        Re: Be more Wiley

        Yeah CyanogenMod support kinda goes on a scale.

        - Manufacturer's ROM. You'll be lucky to get one or two updates unless you're running a Nexus or certain Moto phones.

        - CyanogenMod with their built-in OTA updater

        - Unofficial CyanogenMod on XDA developers, which tend to be a bit more fiddly to keep up to date as they tend not to have an OTA update mechanism

        The latter category though can have support for years, depending on the install base for your phone. My Asus Transformer TF101 is running the latest Android despite official support ending at Android 4.0 and the latest official CyanogenMod being CM10 (Android 4.3), thanks to the efforts of a particularly dedicated device maintainer.

  10. TeeCee Gold badge
    Mushroom

    Eh? What?

    which blames a failure of some manufacturers to provide regular security updates for the problem.

    That would imply that there's at least one which actually does provide updates for all its devices out in the field[1]. Care to name them as I'd like to buy one of their products?

    Ah.....right.......typo was it......?

    [1] I.E. Not only the ones still covered by the warranty.

  11. Wolfclaw

    Simple equation , Android(manufacturers+mobile service provider) = (got your money + foad if you want support)

  12. Fazal Majid

    Android updates policies are unconscionable

    My father asked me for recommendations for an unlocked smartphone. I would have recommended an iPhone, except he doesn't want to spend more than $200. I held up my nose and recommended a Windows device to him precisely because of Android phone makers' unacceptable policies.

    It's not surprising, really, the OEMs would rather sell you a new phone than help you make your old last. Software updates should be firmly in the hand of the ones making the software, i.e. Google, not the Android OEMs.

    1. Anonymous Coward
      Anonymous Coward

      Re: Android updates policies are unconscionable

      At the margins these firms (using that term rather loosely) operate at, there's zero chance of being able to support the devices at all. People would have to pay some sort of premium which they demonstrably are unwilling to do. Samsung does charge a premium but doesn't seem to do updates for very long and look where it's gotten. Little to no respect on this issue.

      And that completely ignores carriers who likely have a major role in Sammy's issues. Change consumer behaviors. 'Til then? Live with it.

  13. Kevin 6

    Samsung is pretty good

    at pushing its users under the bus that is concerning updates.

    The Samsung phone I got (Samsung Galaxy Centura ) I don't recall getting a single update since I got it. It currently has android 4.0.4 in it...

    Sad thing is I do like their hardware I have a LG that I was going to switch to that I found no where near as robust.

  14. Jason Hindle Silver badge

    This is why Nexus is the only Android phone I'll consider.

    As long as the others insist on delivering updates in sweet time.

  15. Paul J Turner

    Waiting to hear from Kogan

    If there will ever be an update to my Kogan / Benq Agora-4G phone from Android 4.4.2.

    Could be worse though - https://medium.com/@tuesdev/as-many-others-i-didn-t-want-to-wait-the-next-6-8-months-to-receive-a-oneplus-2-invite-ba20ac8606ae

  16. thomas k

    Why bother with updates ...

    When they can just sell you a new phone? I mean, if you're *really* that worried, you'll spring for one, right?

    I can see how people who prefer flagships might be hesitant with this approach, perhaps, but maybe if people stop buying flagships and switch to cheap land-fill models instead, manufacturers might get the message.

  17. Alan Denman

    Dog slow apps are safer

    Native code being far more dangerous, we need those fart apps limited to safer Java only!

  18. paulf
    Holmes

    HTC off the radar now?

    A little off topic but it's interesting to note HTC's latest quarterly loss (early Oct 2015) was reported by the Beeb but not on El Reg (at least not that I noticed). Perhaps El Reg could just have a cut and paste template story ready for the inevitable in Jan 2016?

    http://www.bbc.co.uk/news/business-34451104

    Straying back towards topic a little, it's something other Android handset manufacturers should take note of. HTC's problems are down to reaping what they've sown for years though their egregious neglect of customers, especially WRT security updates and bug fixes.

  19. Rick Giles
    Happy

    Did anyone else...

    Read the sub-title as "You're LATE with those patches, mobe wankers!"

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like