back to article Samsung commits to 5 years of Android updates... for its enterprise smartphone users at least

Samsung today committed to provide its enterprise-edition flagships with half a decade's worth of security updates. The eligible devices include the enterprise versions of the Galaxy S20 series, the Galaxy S21 series, the Galaxy Note 20 series, the ruggedised Galaxy XCover 5, and the Galaxy Tab Active 3. Other enterprise …

  1. Franco

    Good on Samsung but as I've said before Google need to be taking the lead on this. They're quick enough to bug hunt in other people's software and disclose them if they aren't patched as quickly as Google think they should be, but lagging behind when it comes to product lifecycles themselves.

    1. Charlie Clark Silver badge

      Google has an excellent rate for developing and releasing fixes. The problem has always been with the manufacturers whose financial interests are best served by selling new devices. The situation improved significantly when Google released project Treble, meaning that many security updates could be released via Google Play Services, not perfect but far better than it was. And Samsung has certainly got much better at updates since then. I've had various Samsung devices over the last decade or so and can confirm that update frequency and duration has significantly improved from my Samsung Wave (BadaOS), Tab 8.9 (lovely device but no updates after 18 months) to S5 (fantastic device, and well supported by LineageOS after Samsung abandonded it) and S10e (still getting monthly security and feature updates: OneUI has seen a lot of improvements).

      1. mark l 2 Silver badge

        Google could do more to ensure that phones get patched by telling phone manufactures as part of your license to have the Google Apps on your phones and have access to the Google Play store you need to push out regular security updates within a certain amount of time after they are make them available.

      2. Franco

        Google own the OS and allowed this fractured landscape that we have which allows them to blame the OEMs. They have 100% control over the devices on the Android One program and only support them for 3 years.

        This is NOT about rate of patching, this is about product lifecycles and no Android manufacturer is doing a good enough job on that.

      3. The Dogs Meevonks Silver badge

        Is lineageOS the successor to the old android fork that was on the Wileyfox range of phones? I had the top of the range 1st gen one... Excellent phone, loved all of the security and privacy features...

        Since then I've stuck with Motorola simply because it's as close to vanilla android you can get unless you pay double for a pixel device. My current Motorola One is getting 3yrs security updates and 2 OS updates.

        1. Franco

          Haven't tried the Motorolas but the Nokia branded HMD range are all vanilla Android and there's a good range of specs. Still using my 6.1 which is probably close to end of supported life now.

    2. Anonymous Coward
      Anonymous Coward

      A good intention, but what about all the non-enterprise consumers out there? I've had many Android devices over the years, including several Samsung. I switched to Apple as a trial a couple of years ago and they are way ahead of Android regarding patches and updates.

  2. DS999 Silver badge

    Quarterly schedules won't work for Android

    When Google puts out patches the clock starts ticking for bad guys to develop exploits. There's already a delay between when Google puts out a patch and when OEMs make them available. Now Samsung wants to delay that further by up to three months to give themselves a more comfortable patching schedule?

    Microsoft can patch on a schedule because unless the bug is discovered by someone else and becomes public the extra time isn't spent with a known bug in the wild. Google can patch on a schedule because until they release the source the same is true. For Android OEMs, every day they delay after Google releases the fixes increases the danger.

    1. elsergiovolador Silver badge

      Re: Quarterly schedules won't work for Android

      That's why I think government should step up and require phone companies to open up the firmware. This way users won't be put in a limbo when a fault in the software is discovered. They could get it fixed themselves or via software shop.

      You could also get some custom features done and so on.

      This could actually develop into a new sector and improve the economy.

      1. This post has been deleted by its author

      2. Anonymous Coward
        Anonymous Coward

        Re: Quarterly schedules won't work for Android

        When you say phone companies I think you mean "phone makers". Actually it the relationship between the phone makers and Google

        > While it might not be an official requirement, being granted a Google apps license will go a whole lot easier if you join the Open Handset Alliance. The OHA is a group of companies committed to Android—Google's Android—and members are contractually prohibited from building non-Google approved devices. That's right, joining the OHA requires a company to sign its life away and promise to not build a device that runs a competing Android fork.

        "Google’s iron grip on Android: Controlling open source by any means necessary", Ars Technica, Ron Amadeo - 7/21/2018

        In the long run, I see breaking that grip as the only clean solution.

        1. Richard Boyce

          Re: Quarterly schedules won't work for Android

          Huawei hasn't been given a choice in the matter, and that's probably making a lot of other companies in China and elsewhere think twice about their dependence on Google.

      3. David Halko

        Re: Quarterly schedules won't work for Android

        >> government… require… open up the firmware

        Partners get access to source code, so no intervention is needed, unless it is to provide access to hostile actors

        OpenFirmware exists and used for Sun, IBM, HP, SGI, Apple, etc. systems, for decades, with less system resources than modern phones!

        If people really thought this was an advantage, developers would step up and use OpenFirmware in a phone, which many would likely choose to use.

  3. elsergiovolador Silver badge

    No thanks

    Samsung likes to disable features or make them unusable through updates. At least that was the case for me. I would never update a Samsung phone if it is working fine.

    I think there should be more regulation in that aspect. I would even be up to "right to repair" for firmware and sofware.

    You know if you find a bug or something, you could take your phone to a software developer to get it fixed rather than having to wait for an update from mighty Samsung that will probably break something else.

    1. Gene Cash Silver badge

      Re: No thanks

      Yes! I can't upvote this enough.

      I'm dreading Android 11 which seems to be nanny-ized to the max. There's a lot of useful things it tries to prohibit.

      1. Anonymous Coward
        Anonymous Coward

        Re: No thanks

        "Nanny-ized" - exactly! It is truly horrifying.

      2. Charlie Clark Silver badge

        Re: No thanks

        There's very little in Android 11 on my phone that feels nannified: maybe the ability to add additional users and I seem to recall more control when using the HDMI output.

        Just installing my July update.

        1. MarkElmes

          Re: No thanks

          This just goes to show how slow manufacturers are to update their phones - people here worried about the impact Android 11 may make to their phones, yet my Pixel 4XL is already on the Android 12 beta..

  4. alain williams Silver badge

    5 years from when ?

    It will be from when first released, not from when you bought it. So for many they will only get 2-3 years of updates - this is nothing like enough.

    I get it that they want to sell you a new shiny as soon as possible but that is not what I want - I will replace mine when it breaks.

    1. ecarlseen

      Re: 5 years from when ?

      Yeah, but that's every tech vendor on the planet.

    2. Charlie Clark Silver badge

      Re: 5 years from when ?

      Given the fact that the guarantees on the phone are only required to last two years, this stance goes well beyond what they're required to do.

      1. The Dogs Meevonks Silver badge

        Re: 5 years from when ?

        Gaurantees are not really enforcible in some countries. For the UK for example products must have a reasonable lifespan, so whilst a replacement may not be forthcoming after those 2yrs... a repair could be if it's due to a failure in the product itself rather than a 'user error'

  5. Anonymous Coward
    Anonymous Coward

    Android phones are pretty mature these days.

    Much like the iphones before them, people don't rush out to buy a new one every year, and the changes between models are small and incremental, and the prices are high, so there is little point.

  6. Mowserx

    When Android first came out, I did everything I could to convince everyone around me to go Android and point out all of the problems with iPhones (Eg lack of Google Maps), Apple’s walled garden approach, etc.

    But the state of Android updates and upgrades throughout the the years has proven that if you want timely and long term os updates and upgrades you’re going to have to get an iPhone. It was a very bitter pill for me to swallow years ago but I’m convinced I made the right decision for myself and my family (my wife has a Pixel (2?)) and when it dies she’s getting an iPhone. She’s been on Android since the Galaxy S3.

    1. Charlie Clark Silver badge

      You sound like an ex-smoker!

      Early versions of Android were ropey and updates broke lots of APIs. I've never used Google Maps on my phone – there have always been better alternatives – and a friend of mine regularly complains about the expensive app updates he's forced to install when Apple force feeds new APIs on users. This has happened to me twice in ten years on Android. I have a file system and a useful Bluetooth stack (something that Apple seems to have struggled with on MacOS and I-Phones for years).

      I work on a Mac and appreciate that Apple does get a lot of things right, but it's software management isn't really one of them as a look at the time it takes for them to release security updates for their CVEs, along with: oh, that bug has been fixed in the next version (but not yours).

      1. doublelayer Silver badge

        I'm not sure I understand all of your complaints, but those I do understand are flawed.

        "Early versions of Android were ropey and updates broke lots of APIs."

        So? The rest of your comment implies you don't like Apple and prefer Android, so I'm not sure why you started with this. Yes, Android has problems, just like they said. Also, this isn't really one now.

        "I've never used Google Maps on my phone – there have always been better alternatives": Glad you're happy with that. The original poster seems to think Android-based Google Maps is better than the early Google-based IOS maps app or the Apple Maps one which replaced it.

        "and a friend of mine regularly complains about the expensive app updates he's forced to install when Apple force feeds new APIs on users.": I don't think that's a thing. They release new APIs, but the apps either run fine or get updated. They don't tend to make you pay for new app versions for compatibility. Also, compatibility is not a major problem. I've run apps which were abandoned by their developers around the time of IOS 9, but they still run correctly on IOS 14. Of course you can't guarantee that will happen, but you can't for Android either.

        "This has happened to me twice in ten years on Android.": And to me zero times on IOS or Android and I use both. But if it happens on both platforms, maybe that's just what outdated software does when you try to run it on a new platform it wasn't designed for.

        "I have a file system": That's a major selling point for Android in my mind. Of course for a lot of users, that's not really a thing they think about.

        "and a useful Bluetooth stack (something that Apple seems to have struggled with on MacOS and I-Phones for years).": Not sure how they've struggled, but it generally works fine here and has for a while.

        "I work on a Mac and appreciate that Apple does get a lot of things right, but it's software management isn't really one of them as a look at the time it takes for them to release security updates for their CVEs,"

        This is where your argument is breaking down. Apple takes a while to release a patch, then people install that patch. Android takes some time (not really that different, but let's just say it's shorter), and then the manufacturers delay that patch for at least a month. Many delay for three or six months before releasing it. Some will never get it. This is worse than Apple how, exactly?

        "along with: oh, that bug has been fixed in the next version (but not yours)."

        Then update the version you're running. That's what versions are for. New version gets new code, fixes included. Unless you're stuck and can't install the update, like people on IOS 12, but that means your device is already seven years old. Android does the same thing but you just never have that option.

        1. Charlie Clark Silver badge

          Version != patch level.

          I think MacOS Lion had a particularly broken Bluetooth stack: Apple's solution switch to Mountain Lion.

          Google releases security updates more frequently (monthly) than Apple and most manufacturers are now pushing them to devices within a couple of days. Apple has had several severe flaws unpatched for months.

  7. lostinspace

    My laptop gets updates direct from Microsoft, and it doesn't matter what the manufacturer does. Why can't Android phones be the same and get updates direct from Google? Why do I have to wait for the manufacturer to distribute updates?

    1. Anonymous Coward
      Anonymous Coward

      Well, at least you get your ads directly from Google...

    2. Anonymous Coward
      Anonymous Coward


      Also, each company bends/modifies the OS into a state so they can remove/modify features to annoy you, with the hope that you'll become so annoyed with your current phone, that you'll buy another. This should be illegal, but they've been doing it for a solid decade using the "Google Accident" excuse (ie. a lie to cover intention). In the late 1970's/ early 1980's, US cable companies did the exact same thing with channel scrambling, time shifting, randomly changing regions and "partner" syndication in hopes for you to "upgrade". Eventually, they were told "no" to half the things they were doing (although many didn't hear it).

      If the OS was "standardized" (or whatever), then they wouldn't have the control to force things upon you as you could subvert their changes. There's no bright side to how mobile is currently ran.

    3. doublelayer Silver badge

      Because back in 2008, Google decided that the way to get all the companies to use their OS and help generate the revenue for them was to give them lots of control over things. The manufacturers wanted to smash up the features of the OS so they all went through a manufacturer-approved interface with preinstalled apps, Google wouldn't complain and would make sure users didn't have an easy reset to normal option. Google also realized that they could blame manufacturers for any Android defects and could announce new versions designed to fix this problem which never actually worked. Then that kept happening for eleven more years, and now it's today.

      1. MarkElmes

        Well it was the cell phone carriers who lead that design choice, they wanted to bundle in as much bloatware as possible and Apple made a stand to not allow that to happen, so naturally Android became a very popular choice amongst all manufacturers

  8. imanidiot Silver badge

    Problem is, even with the long term support, it's still a Samsung phone with Samsungs flavour of Android. One that I don't like in the slightest.

    I've recently had to buy a new smartphone (old one had a... gravity related incident) and the choices weren't great. I don't want an iPhone, so that basically leaves Android, I didn't want a phone that phones home to China (which eliminates many many MANY options) I wanted something not too large (around 6" max) and I don't like the Samsung Android. I ended up with a Pixel 5 because it's basically one the the very few options. I'm not entirely sure I feel less dirty selling my soul to the G-men than to China, but here we are.

    1. Michael Wojcik Silver badge

      Yeah, but you get all of Samsung's vulnerability-riddled bloatware too.

    2. The Dogs Meevonks Silver badge

      May I suggest you take a look at Motorola next time round... close to vanilla android... I'm unaware of it being a risk of 'phoning home' as you put it... 3yrs of security updates and 2 OS updates.

      And all for half or more than a pixel costs.

      1. imanidiot Silver badge

        I have looked at them, all the ones I could find for sale seemed to have giant screens (6.7") with a weird aspect ratio.

        And with Lenovo announcing it's dumping the Motorola brand name I'm not convinced support for them will actually last either.

  9. The Dogs Meevonks Silver badge

    Motorola already do this

    Motorola have promised 3yrs of security updates and 2 OS updates to a lot of their phones. I'm currently waiting for an OS update to be rolled out to the Moto One, and get regular monthly security updates... Expecting another one in the next couple of weeks.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like