Fragmentation Leads To Android Insecurities

Rick Zeman writes "The Washington Post writes about how vendor fragmentation leads to security vulnerabilities and other exploits. This situation is '...making the world's most popular mobile operating system more vulnerable than its rivals to hackers, scam artists and a growing universe of malicious software' unlike Apple's iOS which they note has widely available updates several times a year. In light of many companies' Bring Your Own Device initiatives 'You have potentially millions of Androids making their way into the work space, accessing confidential documents,' said Christopher Soghoian, a former Federal Trade Commission technology expert who now works for the American Civil Liberties Union. 'It's like a really dry forest, and it's just waiting for a match.'"

Re:Not vendor fragmentation

[TheGratefulNet]

bullshit!

google abandoned the 'bad old hardware' (gfx chips were 'too old').

and so they stopped ALL updates of importance.

its not the vendors. don't blame them. its the creator of android. those guys messed up the design (split of gfx and non-gfx) and so we get 'end of lifed' systems that are FAR too young to be put to pasture.

sigh. really, deep sigh.

Re:Or...

[happymellon]

You mean like the Android humble bundles?

Re:Or...

[TheRaven64]

Bullshit. The problem is Android's notion of a system application. These are things that can't be uninstalled and must be on the internal storage. Some of these really are system services, but others are just shovelware. The 512MB on the Nexus One is more than adequate for a more recent Android, if you move some of the non-essential crap onto the SD card. The Nexus One came with a 4GB SD card and supports up to 32GB, so there's no reason not to do this, except that then you'd be able to uninstall some of the Google stuff.

This model, by the way, is especially wasteful because often these system components need updating, and due to the design of the Android filesystem layout they can't overwrite the old components, so you end up having to have two copies of a load of stuff installed, and you can't delete the unused one even though that's the one on the smaller storage device...

Re: Or...

[limaxray]

There is nothing wasteful or unusual about Android's file system, it is perfectly normal for an embedded system like a phone. The objective is to make the device as durable as possible, immune to improper shutdown, negligent users, and other such things. For this purpose the core bits are on a partition mounted RO, with the user data stored on a separate partition. Generally the way you'd update such systems is to replace the entire RFS, but since that would require the OEMs efforts, Android uses the system it does. Maybe it's not ideal, but we can update a good amount of functionality without having to worry about battery pulls bricking the phone. Complaining that your old, early generation phone doesn't support the newest software is ridiculous. We are with mobile devices where we we with PCs 15+ years ago. You are running a 486 in an age of Pentiums. Not only does the Nexus One lack storage, it has a slow SoC and only 512 MB of memory. And, IMHO, it was the biggest pile of dog shit to wear the Nexus title (yes I've owned one).

Re:Just download Avast mobile security

[bartron]

What the hell?

How can anyone say, with a straight face, that you need to run AV software on a goddamn phone? A PHONE! What manner of circumstances lead to this being considered something that is perfectly normal?

If anything it just shows what a logistical clusterfuck Google created with the first few editions of Android and letting all and sundry create hardware without at least enforcing some form of automatic patching regime. Don't get me wrong, I think ICS is a wonderful OS for a phone, but to birthed straight into the world expecting to have to run AV software??? Look at yourself in the mirror and tell yourself that's a perfectly normal and rational thing.