Reuters reports that Google, maker of the Android operating system, as well as Samsung and LG, makers of many of the most popular phone and tablet lines, will begin pushing regular, monthly security updates to owners of their devices.
That news comes on the heel of a vulnerability in Samsung Galaxy phones that left an estimated 600 million users vulnerable to hack attack, as well as another flaw endemic to all Android phones that affected the better part of a billion users.
Samsung and Google have both been responsive to learning of their security flaws; Samsung had an update ready for their Galaxy phones two days after the exploit became widely known, and Google had already identified and patched their Stagefright vulnerabilities by the time stories about it hit the media.
However, both companies, along with LG, are now trying to be more proactive and less reactive in the wake of the high-profile exploits. Instead of throwing patches out after everyone has said, “holy crap, a billion phones?!,” they will now be deploying monthly security updates to all users.
But here’s the catch: if you bought your phone from a wireless company, as so many millions of us do, you’re not the “user” who gets the update. Your carrier is. And it’s anyone’s guess how long AT&T, Sprint, T-Mobile, or Verizon will sit around waiting before pushing updates over the air to their subscribers.
A Samsung executive confirmed to Reuters that his company had no way of forcing the carriers that buy devices in bulk actually to install the fixes, and said that some companies might only do it for high-end users. “If it’s your business customers, you’ll push it,” he told Reuters.
The hundreds of millions of us who are not large corporations, on the other hand, will have to continue to wait our turn.
Google, Samsung to issue monthly Android security fixes [Reuters]
by Kate Cox via Consumerist
No comments:
Post a Comment