back to article Samsung's Galaxy S7 line has had a good run with four years of security updates – but you'll want to trade yours in now

Four years after it hit shelves, Samsung is discontinuing security updates for the venerable Samsung Galaxy S7 and S7 Edge phones. As spotted by DroidLife, neither handset appears on Samsung's list of supported phones, which received monthly updates until March 2019, followed by a quarterly patch schedule as the devices drift …

  1. sorry, what?
    Unhappy

    I'd love to see a law...

    That means manufacturers are forced to support products for a minimum of 5 years, be that with spare parts or security updates. I'm rather surprised to find that even the EU doesn't appear to have such a requirement.

    I know I'm not the typical punter because I pay up front for my phones and I keep them as long as I can. I'm no "oooh, shiny shiny" waste-ard and look to minimize the amount of landfill I generate. It's a shame that Samsung will be forcing a device change on me just so I can benefit from security and other fixes in a product I bought only a few short years back...

    1. Dazed and Confused

      Re: I'd love to see a law...

      I know I'm not the typical punter

      Well you're not alone.

      My S7E got an update a few days ago, or was it last week. Anyway the kernel's date is 10th March 2020 and the Android security patch level is the 1st of March 2020. So perhaps that's the last.

    2. tfewster

      Re: I'd love to see a law...

      I'd be interested to see test cases:

      - If an unpatched security bug counts as a fault.

      - If a "reasonable" lifetime for the software can be agreed (The hardware is probably fine)

      IANAL, but the UK Consumer Rights Act indicates that you can make a claim against the retailer for up to 6 years after purchase.

      https://www.which.co.uk/consumer-rights/advice/what-do-i-do-if-i-have-a-faulty-product#how-long-do-i-have-to-return-a-faulty-product

      1. Notas Badoff

        Re: I'd love to see a law...

        "If a "reasonable" lifetime for the software can be agreed..." But the OP said "...forced to support products for a minimum of 5 years"

        The product is the phone, the combination of hardware and software. Terminating support for the enabling software *is* terminating support for the 'product'.

        Turning my purchases onto the subscription model after the fact will definitely influence my purchasing decisions in the future.

        Even worse for profits than waiting 5 years for customers to come back, is waiting forever for customers to come back.

        1. Anonymous Coward
          Anonymous Coward

          Re: Turning my purchases onto the subscription model

          Are you listening Microsoft???

          {cue the rustling sounds of tumbleweed blowing down Main St, Redmond, WA}

          Are you listening Adobe and the rest????

          Making everything Subscription seems to be the modern answer to 'Life, the Universe and Everything' to many CEO's. It isn't anything of the sort but in their swanky corner offices with their private jets and everything, they are so far divorced from society, they would not know it even if it hit them in the face.

          In these troubled times and with many, many people on reduced (or non-existent) income, what is the attraction for subscriptions?

          It is the 'never-never' land. Nirvana for the product makers and 'Bleak House' for the subscribers.

          I've just canned my last voluntary subscription. With no job and no end in sight for CV-19 I think that life as we knew it is truly doomed and Subscriptions are the last nail in its coffin.

      2. tip pc Silver badge

        Re: I'd love to see a law...

        “I'd be interested to see test cases“

        Go down that route and you’ll find no manufacturer offers updates after shipping.

        When have you actually benefited from a security update? Asked a different way, when has a security update actually prevented an attack on YOUR phone?

        If you don’t get the update, what are the chances of YOUR phone actually being compromised?

        Most vulnerabilities rely on specific scenarios, behaviours, environments, and being targeted. If someone wants to get at you they likely will find a way, despite you having the latest patch, granted patching raises the bar but doesn’t make you impregnable. .

        1. TonyJ

          Re: I'd love to see a law...

          "...When have you actually benefited from a security update? Asked a different way, when has a security update actually prevented an attack on YOUR phone?..."

          What a truly stupid comment.

          How would the vast majority of people know?

          How many consumers monitor (or even have) the logs for the firewall on their routers?

          Let me tell you that some years ago when I finally moved away from the dumb ones to something that was grown up, the sheer volume of probing attacks from e.g. China and Russia was a real eye-opener.

          Now I assume that the previous firewalls were blocking them but how would I know?

          I rolled my motor vehicle last year. I've always worn my seatbelt. I've always had insurance (notwithstanding the laws on such things) - but that would be the first time in 30 years of really needing both.

          Stop being a plum.

          1. tip pc Silver badge

            Re: I'd love to see a law...

            “ I rolled my motor vehicle last year. I've always worn my seatbelt. I've always had insurance (notwithstanding the laws on such things) - but that would be the first time in 30 years of really needing both.

            Stop being a plum.”

            Did you patch your vehicle before rolling it? Did you upgrade its safety systems? Did you amend the insurance contract before hand?

            Sounds like what ever safety systems Your vehicle shipped with did their job, if you could have retrofitted newer safety systems could they have prevented the vehicle rolling?

            My other half’s car has keyless entry and go, If the keys are near the front door crims could steal the car without gaining access to the house, putting the keys in a rf shielding bag or simply well away from the front door would defeat the crims, regardless If a patch is available or not, same goes for adding a steering wheel lock.

            Different operating behaviour can be more effective than applying a patch especially when a patch might not be available.

            1. TonyJ

              Re: I'd love to see a law...

              Did you patch your vehicle before rolling it? Did you upgrade its safety systems? Did you amend the insurance contract before hand?

              Sounds like what ever safety systems Your vehicle shipped with did their job, if you could have retrofitted newer safety systems could they have prevented the vehicle rolling?

              My other half’s car has keyless entry and go, If the keys are near the front door crims could steal the car without gaining access to the house, putting the keys in a rf shielding bag or simply well away from the front door would defeat the crims, regardless If a patch is available or not, same goes for adding a steering wheel lock.

              Different operating behaviour can be more effective than applying a patch especially when a patch might not be available...

              Uhuhh...I don't know about you, but I don't have people remotely trying to compromise my vehicle in a mass non targeted kind of way. No one will slow any processors down because they are mining bitcoins or part of DDoS bot attack and it doesn't store any personal information about me that would be valuable, so why would they even bother if they could? Although see my later point re Tesla.

              Nor do I have to worry that some oik in China will make the engine blow or the brakes fail.

              My current vehicle also has keyless entry. They doors won't open unless they are within about 18" of the vehicle and it won't start unless the keys are inside the vehicle. Indeed, take them out when the engine is running and it tells you on the driver info display that they've been removed from the vehicle and the engine will be shutting down in xx seconds.

              Also are you telling me that if you owned, say, a Tesla, with vulnerabilities that were detected that you'd be equally happy not to receive a patch?

              Your arguments don't hold water.

      3. big_D Silver badge

        Re: I'd love to see a law...

        A lot of people in my family tend to keep their smartphones for around 6 - 8 years, before they replace them, and they are generally things like Samsung Galaxy S4 Lite/S5 Lite, which got replaced last summer, when WhatsApp stopped working properly.

    3. SuperGeek

      Re: I'd love to see a law...

      I agree. I'm still using my S6, the thing that I hate about it is it EATS battery, even with a new genuine one fitted. I can't use Lineage as my banking et al apps don't support rooted, and they no longer officially support it either.

      Gonna try a different phone, maybe a Mate 8. I kept the S6 out of landfill as long as I could tolerate keep charging the life out of it!

      1. Charlie Clark Silver badge

        Re: I'd love to see a law...

        You can still use banking apps on LineageOS, which is not rooted by default, and even root the phone if you install Magisk. I did this with my S5.

        1. TonyJ

          Re: I'd love to see a law...

          "...You can still use banking apps on LineageOS, which is not rooted by default, and even root the phone if you install Magisk. I did this with my S5..."

          Thank you - I was sure I'd read the Lineage was pre-rooted so that is good to know.

          Alas things like Magisk are picked up (or were) by the Barclays app.

          1. Danny 14

            Re: I'd love to see a law...

            Running lineage on my note 3 with magisk. All apps that complain about root can be added to the root-hide function. Works well.

      2. jms222

        S6

        My S6 is still fine on original battery. Now I've switched off location except when I really need it the battery can last a couple of days. But with Samsung behaving the way they do and the amount of crap on the thing I am very tempted to go Apple next.

        1. bengoey49

          Re: S6

          Not only Samsung, Google only updates the Pixel for 3 years. I have the original Pixel from November 2016 , last update was November 2019. No more updates according to Google. So I have moved on to iPhone 11 which will have a longer updates compared to Android phones and although expensive initially, in the long run it works out cheaper compared to Google Pixel Wife still has the S7.

    4. Stork Silver badge

      Re: I'd love to see a law...

      While I agree with you, I must admit my phones have tended to die physically. Gravity or water induced

      1. stiine Silver badge

        Re: I'd love to see a law...

        My trusty, previously unbroken, non-swimming, S7 did a swan dive onto the tile last week. This week El Reg publishes this article....damn, now I have to, and need to, buy a new phone.

        I wonder when the cell phone stores are going to re-open...

    5. Charlie Clark Silver badge

      Re: I'd love to see a law...

      Can't see 5 years ever being the case for such extensive support and I'm not sure it would be practicable The 2-year warranty in the EU is already pretty unusual, but I suspect the real improvements would be made by enshrining a right to repair and beefing up the liability relating to security updates, which is currently almost non-existent. And, to be fair, the industry has improved in this respect. Samsung used to have support for about 18 months for all devices and Google's Project Treble means that devices like the S8 can get security updates via the Play Store. But there is definitey a long way to go!

    6. Anonymous Coward
      Anonymous Coward

      Time to switch to iPhone

      I love my S7, had it since they first came out. I hate my GF's ancient iPhone, as she still hasn't learned how to even put apps on it, she asks me to do that. Apple has always lied to it's customers (Macs don't get viruses and all that, while my friends who work there have told me over the decades that the company requires AV on everything on the premises), BUT I have to say, they seem to do a better job at maintaining updates compatible with old hardware than any other phone maker. When I dump my S7 in the next year, I am going to throw in the towel and go to the dark side by buying an iPhone.

      1. bengoey49

        Re: Time to switch to iPhone

        I am fed up of the 3 year updates of my original Pixel, so I moved on to iPhone 11 a month ago.

    7. Wade Burchette

      Re: I'd love to see a law...

      I had an old LG G4 that only provided security updates for 18 months! Then and now, some people pay for the phone over a 24 month period, so many people would still be paying for a phone that was no longer supported. That turned me off LG phones forever.

  2. redpawn

    Just be grateful

    Just be grateful your partner didn't hit you sooner. You must have done something wrong to make Samsung angry. Be nice to Samsung and buy another and they won't hit you for a while.

  3. Onga

    I only got rid on my S7 Edge last month after getting it at launch time. A truly excellent phone.

    Well I say "got rid", I still have it and will definitely hold on to it as a backup.

  4. RojCowles

    Oddly enough just read this on my venerable S7, through the Google maps screen burn in from using nav 2x per day, 5x per week for 2 years.

    1. Baldrickk

      For me, it's the top bar and the keyboard that are burned in.

      This is unfortunate news as it is definitely a perfectly capable phone still. No, I'm not going to be playing COD Mobile on it, nor would I want to - a small touchscreen is an awful input device for gaming. For anything other than "hardcore" mobile gaming, it still performs more than adequately.

      I can only commend Samsung for keeping it supported, but really wish that mobiles were more like the PC landscape where you can more easily just install an updated OS on it, with no vendor locks.

      1. JetSetJim

        It burns...?

        What brightness settings are you using? Had mine since launch and no screen burn at all. All I've had to do is replace a battery recently

  5. Someone Else Silver badge
    Facepalm

    Will it, now?

    This will no doubt be a huge blow for those still hanging on to their S7s.

    Will it, now? While I can see that some folks might get all up in a lather about "its not supported!!" (ref Windows 7), I simply don't believe, nor do I want to support, 1960's-style planned obsolescence of these rather expensive, and still-highly functional devices. I suppose some folks just have to chase the shiny. But you don't have to; the headline blaring "but you'll want to trade yours in now" is, in my mind, complete marketing bullshit.

    And frankly, I'm a bit surprised that El Reg would be shilling for Samsung.

    1. Anonymous Coward
      Anonymous Coward

      "but you'll want to trade yours in now" is, in my mind, complete marketing bullshit

      That depends. Are you happy to use a phone knowing it's not getting security updates? Probably depends on what you use it for.

      1. Dave K

        Re: "but you'll want to trade yours in now" is, in my mind, complete marketing bullshit

        Doesn't bother me personally. But like you say, it depends what you do with it. Would I use it for online banking or for work? Definitely not. However idle web browsing via a 3rd party (and hence still updated) web browser, a bit of Facebook/WhatsApp, playing the odd game or MP3 when I'm travelling? Of course.

        My current phone is an old LG G4. That's no longer supported either, yet I don't really care. I don't use it for anything particularly private or important. Should it become infected with malware (which is unlikely as I'm careful with what I use it for), I'd use that as the excuse to replace it.

        1. Someone Else Silver badge

          Re: "but you'll want to trade yours in now" is, in my mind, complete marketing bullshit

          Of course, you might want to use it as a phone...

      2. Anonymous Coward
        Anonymous Coward

        Re: "but you'll want to trade yours in now" is, in my mind, complete marketing bullshit

        well, I've never (yet) been hacked by a caller (and "support" callers get a short, to the point response). Likewise, no hack over gps signal, or bluetooth, or even wifi, when I listen to all those radio stations. Well, I suppose, if I were to browse the internet, there might be some risk. But why would I be so stupid to access websites on a 5-inch screen?

  6. Nate Amsden

    huge blow?

    unlikely.

    I ran my Galaxy Note 3 up until less than a year ago(daily driver). Still on Android 4.4.x too (Android 5.x was a downgrade in my opinion). It was my first Android device, prior to that I used WebOS. VERY reluctantly switched to Galaxy S8 Active(still new) last summer as the phone I thought sucked "the least" of any phone on the market.

    I have two Note 3s and one Note 4.

    I'm taking every precaution I can to try to ensure it lasts as long as it can. Including having a backup phone, having replacement OEM batteries(though I dread the thought of having to get the battery replaced), and invested in two devices called "Chargies", which sync with bluetooth to my phone to ensure the device doesn't go beyond a given charge level (for me that level is 79%), provided it is connected to a charger with Chargie connected. Add Accubattery to that list as well.

    I happily replaced the batteries in my Note 3s (one of which is still in daily use, though uses Android 5, it's really only used to view slack) every year because well it was easy. I never needed user replaceable batteries on a daily basis but being able to safely replace them myself annually was a big selling point(keeps things fresh).

    Plastic back, wireless charging(I have been wirelessly charging since the original Palm Pre), flat screen were the biggest selling points for me on the S8 active. The bigger battery is nice too as that implies the life will be longer.

    Currently on Android 9, which is a downgrade over 8, in fact at least for me every newer release of Android takes away more and more things and is a downgrade. If I wanted an iPhone I'd buy an iPhone.

    Other than faster performance the S8 Active doesn't really do much that my Note 3 didn't do already(and in many cases better).

    I'd happily drop $2k for an up to date Note 3 with plastic back, wireless charging, removable battery, flat screen, with Android 4.4.x look & feel & control.

    I'd also happily pay a subscription fee to get those fancy security updates for the older OSs, so I'm not forced into upgrading to a major version of android to get fixes. But that isn't available either. I'll take no fixes and a more usable phone 100000000000000x more than the latest updates given the history of things. I am also careful about what I use my mobile devices for, no social media, no banking, and the only purchases I do are with virtual credit cards generated by my computer. Also have had the android auto download of MMS disabled for years, I do not open MMS from people I don't know (which isn't a guarantee on anything but goes some ways to improving security regarding the exploits in the android media framework). Not perfect, but at the same time I am not aware of any security incidents on my mobile devices ever (same goes for my desktop and laptop devices(mostly running linux).

    Things I miss about note 3 include the stylus, user replaceable batteries, the IR blaster, Android 4.4 experience, having more control over the OS (e.g. can view cpu usage per task and kill stuff etc), MHL (not sure if the S8 active does that or not). IR blaster and MHL I only use while traveling, and I still bring at least 1 note 3 and 1 note 4 when I travel for connecting to hotel TVs for media viewing(they have big SD cards). I have yet to use the headphone jack on my S8 active, only time I've used my phone with headphones was when flying, and I used my Note3/Note4 for that. I do not own any bluetooth headphones.

    I'm sure most of the android fans will hate this post so expecting lots of down votes. I prefer freedom myself, if you WANT the latest you should be able to get it, if you DON'T want it, it should not be forced on you. I can't put into words how mad I was when my S8 active upgraded to Android 9 from 8. I went to great lengths to prevent OS upgrades. I successfully blocked my Note 3 from upgrading to Android 5 for 3-4+ years. The AT&T website even specifically said you have to be connected to wifi to get the upgrade. I was traveling at the time, not connected to wifi and it downloaded the upgrade anyway somehow.. On my home wifi I have AT&T and Samsung servers blocked at the DNS level so any attempts to upgrade will fail instantly.

    Hoping this S8 active lasts as long as the Note 3 did(it still works fine now just a bit slow).

  7. David Pearce

    I am forced to use a smartphone application for banking authentication in Malaysia, so using an unmaintained phone would be reckless

    1. tip pc Silver badge

      If a patch comes out this morning and you update, are you immune to the new exploit discovered last night?

      Patching helps, but your behaviour using the device helps the most. If you need to use a phone app for authentication, like the smart token codes, see if the app works when the phone is in offline mode, I.e wifi, cellular and Bluetooth all turned off. If so regardless of patch level, put the phone in airplane mode, run your app, get your code and then kill the app.

  8. Conundrum1885

    Malware

    Actually the biggest threat at the moment is rogue updates to existing installed applications.

    I am actually all for having manufacturers buy back old devices that are out of support. Not everyone can

    afford to buy a better phone at the moment and people are using online banking a lot more due to the

    lockdown.

  9. richdin

    /e/?

    How about installing an alternative OS for your now unsupported phone?

    https://e.foundation/about-e/

  10. Bogbody

    S7 support ?

    S7 getting no patches?

    There are very few phones out there that are "better" than the S7. Those that are have less features or cost far too much.

    The current affordable Samsung phones (the Axx range) dont have wireless charging for example (saves the usb socket from damage).

    The fancy Sxx are far far far too expensive.

    Fruity phone prices for a Samsung?.. nope!

    1. Anonymous Coward
      Anonymous Coward

      Re: S7 support ?

      The Samsung A series never had support for more than a year or two, so the cost per year was close to the S series

    2. Charlie Clark Silver badge

      Re: S7 support ?

      The current affordable Samsung phones (the Axx range) dont have wireless charging for example (saves the usb socket from damage).

      But this is how market segmentation works… The A series has 90% of the feartures of the S series but costs 50%, because premium features come at, erm, a premium.

  11. Jaspa

    Oh well ...

    Gifted my S7 to the Ex when I upgraded.

    I best let Her know ...

    1. jelabarre59
      Joke

      Re: Oh well ...

      Gifted my S7 to the Ex when I upgraded.

      Is she your "Ex" because you gifted your S7 to her, or did you gift the S7 to her because of the "Ex" bit?

  12. fnusnu

    LineageOS

    Ivan Meler's doing a grand job here: https://forum.xda-developers.com/s7-edge/development/beta-lineageos-17-0-s7-edge-build-1-t3979973

    1. TonyJ

      Re: LineageOS

      The problem for many people is that the likes of the Barclays and HSBC Apps have built in security that detect if the phone is rooted and then won't work.

      1. Charlie Clark Silver badge

        Re: LineageOS

        LineageOS is not rooted by default. And, if you need root, you can use Magisk for enabling it on an app-by-app basis. Worked great on my S5.

      2. jelabarre59

        Re: LineageOS

        Seeing as I wouldn't be doing banking on my phone anyway (big hands, small screen) it wouldn't matter. Besides, I *despise* store-specific (or business-specific) apps. Generalized, multi-usage apps only allowed.

  13. Wenlocke

    My old S7e is currently being used by SWMBO, and it does what she wants, although we might have to do something about that if the bank app decides it doesn't like the OS.

  14. Version 1.0 Silver badge
    Meh

    Welcome to the modern world

    For the manufacturers crappy security design is a feature - endless updates demonstrating that the phone is being used (updates are not anonymous) and then when they pull the plug, a new sale. They would be stupid to design something that worked wouldn't they.

    1. T-Unit

      Re: Welcome to the modern world

      Isn't it more stupid to spend money on maintaining an old device with a dwindling user base?

      As a Samsung customer I understand that you can't support a device forever. A new phone every 4 years seems perfectly reasonable.

      1. Boris the Cockroach Silver badge

        Re: Welcome to the modern world

        Well my S2 lasted 5 and a bit years until the USB socket decided it didnt like playing any more

        Which lead to its retirement and a S7.

        So I think 5 yrs is a reasonable lifespan for a phone, but then how many of you upgrade to the latest shiney shiney

        But for me.. the size of the phone is important as it needs to be in various pockets and avaialble for photographing serial numbers/illuminating stuff/whinging at machine tool suppliers while lying in a puddle of hydraulic oil underneath said machine tools.(its amazing how many brand new machine tools/robots blow or have leaky oil lines within the first 4 weeks of operation..)

    2. Ken Hagan Gold badge

      Re: Welcome to the modern world

      " and then when they pull the plug, a new sale. "

      ...but not necessarily to the same vendor, particularly if the very last experience from that vendor was an unambiguous "we don't care about you anymore".

  15. DrBobK

    Apparently that company everyone seems to hate will continue to support their 2015 phones in their 2020-21 phone operating system.

  16. consultor_es

    My partner has a S7 and just cursed me for informing her that she should probably get a new phone now. Can anyone explain to me in simple terms (so I can explain to her) the security risks of continuing to use it without patches? I know that we "should" replace it but I'm finding myself unable to explain it to her properly.

  17. BGatez

    If you're stupid enough (or unlucky enough to have no other way) to use a phone for say financial transactions or essentially anything similar you've been kidding yourself about security all along

  18. LB45

    S5 still rocking

    S7? Luxury!

    I'm still rocking my S5 that I bought new about 6 years ago now.

    Still works, on it's 2nd battery (cuz it's REMOVABLE without soldering!), and basically does all I need for now. SD slot, headphone jack, bluetooth, camera.

    Plus I'm cheap.

    And....I'm.....a......poor. :-( And very untrendy / unstylish as well.

  19. Anonymous Coward
    Anonymous Coward

    This will no doubt be a huge blow for those still hanging on to their S7s

    as my S2 is doing verywellthankyou and will last me another 5 - 10 years (AT LEAST), I presume I'll die sooner than I get my eager hands on the fabled, 16th hand S7.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like