Another Android vulnerability has been found and fixed, but Google, Samsung and others have no idea how many Android customers are still vulnerable. And it’s the unknowns about Android security that make using Android so very scary.
Latest Scary Bug
Checkmarx reported on the latest Android security bug and how Google and Samsung responded in How Attackers Could Hijack Your Android Camera to Spy on You.
The problem with this bug and with Android in general continues to be that Google has no idea how many Android devices out there remain completely vulnerable to flaws like this one.
Ars Technica reported in Google & Samsung fix Android spying flaw. Other makers may still be vulnerable:
Checkmarx said Google has privately indicated that other makers of Android phones besides Samsung may also be vulnerable. Google’s statement didn’t directly confirm this or say if any other manufacturers have installed an update.
Scary Security in Android is a Feature, Not a Bug
Android is designed to be difficult to update. Or rather, as a result of intentional neglect, Android is difficult to update. Not only does Google not do enough, or perhaps does nothing, to fix this problem, hardware manufacturers frequently abandon old devices really fast. Leaving customers with outdated and insecure Android and other software.
Google still hasn’t fixed their own Android Distribution Dashboard to be accurate. It still does not show the latest Android version 10.
Pie is Android version 9 and the latest version that Google is keeping track of. That is just irresponsible.
Contrast that to how much Apple cares about this and cares about supporting customers with older products for years and years. Check out the OS version distribution on Apple’s App Store page for developers.
Google and All Android Hardware Manufacturers Should Be Better Than This
It’s been 12 years since Android was unveiled. Google should be supporting their customers much much better than this by now.